310 likes | 430 Views
Creating safety in an Internet World. February 25, 2011 John Hiebert. Overview. In the last few years, the Internet has dramatically changed the way we interact with our world and how we learn. Change from local based resources to online resources World Book Online, E ncyclopedia Britannica
E N D
Creating safety inan Internet World February 25, 2011 John Hiebert
In the last few years, the Internet has dramatically changed the way we interact with our world and how we learn. • Change from local based resources to online resources • World Book Online, Encyclopedia Britannica • Discovery.ca, NASA TV • Increasing availability of online services • Amazon & eBooks • Online Banking • Online Purchasing – eg. Flights, hardware, software • email • Increasing use of social media and new ways of communicating • Facebook • Skype • Texting Current Environment
All of these changes in how we live, learn and communicate have had a significant impact on a number of areas • Organizational and personal Security – we have lost a certain amount of control • Keeping computers and files safe from infection and damage used to be as simple as locking the door to the lab when it was not in use • Now every time we interact with the Internet we are opening the door a bit • Financial Security – often at the mercy of someone else’s security • More and more of our financial information is stored somewhere online other than our bank (eg. PayPal) • Many of us do our banking transactions, paying bills online – only as secure as the weakest link • Personal Privacy • Social media sites store increasing amounts of personal data about us, much of it put there by us. • This data may be used, hacked or sold, often without our knowledge Impact of the Changes
The Internet is not a closed and controlled system • Not all people with access to the Internet are interested in behaving “nicely” • The Internet allows for a certain amount of anonymity and ease of access which makes “bad” behaviour easier to accomplish • Legislation and enforcement always lags behind technology • Current laws often make it difficult to prosecute wrongdoing • The global nature of the Internet means a person can launch an attack from half a world away in a country that has no working relationship with law enforcement in Canada. • The more of ourselves we put out on the Internet the more we surrender control over how that information is used • This also extends to those we know and how they use information about us • It is impossible to put the genie back in the bottle • When something becomes viral, it is almost impossible to contain Why is this an issue?
Is This Really a Problem? YES • Windows XP, no patches applied (Circa 2001 software). • Connected to standard home high-speed Internet. • “Sniffer” placed between computer and internet connection to passively intercept/record all traffic using freely available software.
20:27:02 Machine connected to Internet • 20:27:20 First attack received (18 seconds) • 20:27:34 Second attack received, machine compromised (32 seconds) • 20:28:45 Our machine starts attacking other machines on the Internet (one minute and 43 seconds) • In 10 hours of connect time, our un-patched computer: • Tried to “reach out and touch” over 300 000 unique computers &l aunchedover 18,500 attacks on other computers. • Was infected with 5 Viruses, 4 Trojans, 1 Keylogger, 1 Adware System Compromise:Timeline
100% protection is possible • TURN OFF THE INTERNET • That is not practical – So what can we do? • Know the Threats • Protect Yourself • Practice Safe Surfing What are the Options
Threats come in many forms • Direct attacks • Viruses, trojans, botnets, adware • Delivered via multiple methods • Phishing attacks • Direct hacking of your system • Our own behaviour • Poor passwords • Surfing and downloading practices • The failure of others • Weak security by sites we interact with Know Your Enemy
Virus • A virus is a computer program that installs itself on your computer without your knowledge. • It can steal your information. • It can delete your files. • It can make your computer seem really slow. • It can infect other computers (within your house, within your school) Malware Threats - Some Quick Definitions
Trojan/Worm • Trojans are programs that allow other people to control your computer and access all the information that your computer has access to, including your usernames and passwords for things like your banking site. • Computers that are infected with a Trojan are generally part of something called a “Botnet” (ie Robot Network), which is typically millions of infected computers that are controlled by a single individual or group. • Botnets are responsible for the vast majority of the bad activity on the Internet including sending spam, identity theft and computer crime. Malware Threats - Some Quick Definitions
Adware • A program that installs on your computer and monitors your browsing activities. • It can redirect your browsing to websites that you didn’t intend to visit. • It can popup advertising. • It can solicit money for software you don’t need. • Usually installed as an additional search bar in your browser (MyWay search bar) • Can usually be easily uninstalled from the add/remove programs. Malware Threats - Some Quick Definitions
Keylogger • Software that logs all keystrokes on the keyboard. • Very difficult to detect and nearly invisible to the user. • Writes to a log file to review later. • Can capture information like: • Login credentials • Personal Information • Credit Card Information • Student marks • Other sensitive data • Hardware keyloggers in public library - http://www.h-online.com/security/news/item/Hardware-keyloggers-found-in-public-libraries-1190097.html • Hardware keylogger Amazon - http://www.amazon.com/KeyLlama-4MB-Premier-Hardware-Keylogger/dp/B003SUJBYU/ref=sr_1_1?ie=UTF8&qid=1298608730&sr=8-1 Malware Threats - Some Quick Definitions
Phishing • Mostly conducted by criminal gangs. • Attempt to trick you into revealing personal and sensitive information such as usernames, passwords and credit card details • Their goal is to clean out your bank account and max your credit cards. • Merlin filters thousands of phishing attempts every single day, however some may still get through. Malware Threats - Some Quick Definitions
Malware Attacks • Malicious email attachments • Bad or infected links • Link in an email – eg. I earned $885.00 a week… link • Infected link to a trending topic or event – eg. Reporter video from Grammy telecast • http://nakedsecurity.sophos.com/2011/02/15/reporter-had-a-stroke-on-live-tv-facebook-scam/ • Web Drive-by using Javascript or other scripting technology • Eg. Noscript - http://www.allfacebook.com/warning-dont-click-reporter-had-a-stroke-on-live-tv-2011-02 • Ads • Bogus and infected Applications • Direct Attacks • Attempts to penetrate personal wireless networks • Attacks within a school network • Direct attacks while at public access sites (eg. free wireless) How does it happen?
Personal Information Loss • Locally via a Keylogger application • Luring via Phishing attacks • Self-inflicted • Social media and sharing sites such as Facebook, Flickr present security problems • Info scraping from social media sites (www.lovely-faces.com - http://www.face-to-facebook.net/how.php) • Incorrectly set privacy settings • Geo-location information on photos • Weak security by a company or website you interact with • Credit card companies • Online retailers • Online Backup vendors • Security of your personal information is only as good as the weakest link How does it happen?
Proper Patching, system maintenance and system configuration • Employ a hardware firewall • Proper up-to-date Anti-Virus software • Maintain good passwords • Practice “Safe Surfing” – follow best practices in your online behavior What can we do? Defense in layers!
Patch • Patches are released to deal with mistakes in software that the “bad guys” take advantage of • Many security incidents can be solved by keeping your computer patches up-to-date (Microsoft, Adobe, Apple) • Monitor the updates of the applications you use regularly • Utilize Windows Update and the update options of these vendors • Configure your system properly • Remove administrative rights from your user • While this can be an inconvenience, 92% of all Windows vulnerabilities are solved by not running as admin Protect Yourself – Best Practices
Place a hardware firewall between your computer and your ISP • A workstation should never be placed directly on the Internet • A hardware firewall helps protect against direct attacks and provides an extra layer of separation between you and the “wild west” • Router Security – It is important to configure the router for the highest level of security. • Don’t use WEP encryption • Use some form of WPA2 (if available) and choose a strong password. • SSID name (wireless network name) – choose something that doesn’t directly identify who you are • Make sure to change the “admin” password on the router. There are several vulnerabilities that take advantage of the default password • Notebook Users should install a software firewall application • Provides a similar layer of protection when not at home • Public Internet locations have weak security and are particularly vulnerable to attack Protect Yourself – Firewall
There are three levels of A/V software available • Free Anti-Virus • Paid Anti-Virus • Other Tools • It is important to remember that “you get what you pay for” but at minimum, you should install free antivirus from a reputable vendor that provides timely signature updates • Reasonable vendors include: AVG, Avast, & Microsoft’s Security Essentials • Paid vendors usually go beyond simple files scanning, and offer versions that include: • A software firewall –superior to Windows built-in firewall and with more control • Content Filtering/Parental Controls • Surfing protection – eg. Mcafee site advisor – identifies safe sites in Firefox • Maintenance tools – registry cleaner, document shredder • Network monitoring tools Protect Yourself – Anti-Virus
There are other tools available (often free) that can help protect you • Antispyware tools – spybot • Browser plugins – noscript for firefox • Ad Blocking – Ad-aware Protect Yourself - Other Tools
Protect Yourself - Passwords Your Password is the first line of defense for your network and your personal information. Password Best Practices include: Do not use the same password for basic sites and sites with critical data eg. Facebook & your bank Ensure that passwords for critical data locations have a strong, complex password Utilize a password program that can help keep track of passwords and safely store them. Most will allow you to copy and paste usernames and passwords to help protect against keyloggers. Examples are: Password Safe Roboforms Don’t use passwords that are easily connected to you such as Birthdays, anniversaries, Pet or children’s names, Employers, Hobbies
Protect Yourself - Passwords Passwords Should be: at least 8 Characters or longer in length (12 is now recommended) Contain upper and lower case letters, a number, and a special character ( #, &, *, @) The most secure passwords are mnemonic passwords You are likely to remember the phrase You won’t need to write it down Dictionary password attacks will not work with this type of password Use first character in a phrase and add special characters Beatles Lucy In The Sky 12With Diamonds– [Blits12wd]
Safe Online Behaviour Safe Online Behaviour is key to protecting yourself from Internet threats Employ a product like noscript when visiting new or unknown sites Online Banking Never bank or do critical activities from an untrusted machine such as an Internet café or Hotel lobby. Use a dedicated, restricted user account for banking Use a separate PC or Virtual Machine if available Never go to a banking or credit card site from a link. Always enter the URL yourself Use a strong and unique password
Safe Online Behaviour Safe Online Behaviour is key to protecting yourself from Internet threats Email Never respond to emails from Banks requesting confirmation of account information Delete emails rather than opening them if unsure whether they are good Be careful of clicking links in emails (even if they are from people you know)
Safe Online Behaviour Safe Online Behaviour is key to protecting yourself from Internet threats Browsing Be careful with sites you don’t know Don’t simply follow every link you get in Google Be careful or avoid sites that are known to be favorites for the “bad guys” (gaming sites, download sites, torrent sites) Applications Stick with legitimate, legal applications (avoid downloading cracked apps – can often be compromised) Only download applications from reputable sites such as download.com
Safe Online Behaviour Safe Online Behaviour is key to protecting yourself from Internet threats Social media The rule should be don’t put anything online that you would be embarrassed about if it got out Know the rules of the site you are contributing to (http://www.facebook.com/terms.php) Your personal security/reputation is determined by how much you choose to expose online Good Personal Online Security Practices are one of the most important lessons you can pass on to your students Recent Wpg. Free Press article - a wpg. teacher surveyed 177 grade 8 and 9 students. 86% had access to a computer and 93% had Facebook accounts.
Keep your Operating System up to date (Windows Update). • Keep your applications up to date (Flash Player, Adobe Reader, MS Office, etc). • Run antivirus software that is up to date. • Do not open files or start programs from someone you do not trust. • Do not leave your computer logged in unattended. • Do not log in to check your finances (back account, credit card, PayPal) from a public computer. • Use a secure password that is easy to remember (mnemonic). Tips
Microsoft Patches • www.windowsupdate.com • Security Information • www.microsoft.com/protect • www.snopes.com • www.sans.org • Online Virus Scanners • www.activescan.com • www.kaspersky.com/virusscanner Resources