190 likes | 588 Views
gsc11_Userworkshop_15. GLOBALCOMM™ 2006. Cyber Security. Presented by The JED Group, LLP A TIA Member Elliott Davidow Managing Partner. Who is the JED Group? Who am I? Why are you presenting?.
E N D
gsc11_Userworkshop_15 GLOBALCOMM™ 2006 Cyber Security Presented by The JED Group, LLP A TIA Member Elliott Davidow Managing Partner
Who is the JED Group?Who am I?Why are you presenting? • The JED Group is a consulting firm started in 1972. We have 102 partners and specialized in modeling financial (what ifs), manufacturing - production (optimization), and communications security testing and implementation. We also provide encryption security services directly to our clients. • My name is Elliott Davidow. I have 33 years of experience, hold a degree in Electrical Engineering, an MBA in numerical methods, and a PhD in Mathematics. I like to personally specialize in encryption procedures and methods. I am, as a couple of examples, an active participant of DHS/ANSI HSSP Standards Team as well as a consultant to the European Union’s cyber committee, and a major contributor to our Condo Association’s Emergency Action Plan.
Stay Safe • Protect your personal information. It's valuable. • Know who you're dealing with online. • Use anti-virus software, a firewall, and anti-spyware software to help keep your computer safe and secure. • Be sure to set up your operating system and Web browser software properly, and update them regularly. • Use strong passwords or strong authentication technology to help protect your personal information. • Back up important files. • Learn what to do if something goes wrong. • Protect your children online.
Internet Clicking on E-mail from people you don’t know. Phishing/Surfing “Interesting Sites” that ask for info and/or that you allow cookies from. Allowing your kids access to your computer Poor Password Procedures Know whom your dealing with on line Use virtual credit cards like Citibank's Virtual Account SET POLICIES! Secure-Secure! Direct Physical Contact Responding to someone you don’t know who contacts you personally and/or someone in your organization answering personal/security questions Not securing your Phone or Laptop 26 million Vets had their personal info compromised when a laptop was stolen. 1/3 of all Air Force Officers had their info taken from a back-up site. Encrypt and backup your valuable data Encrypt – Encrypt - Encrypt Two of the Biggest HolesA REPEAT OF THE PREVIOUS SLIDE (and WE’re still DOING THEM)
CellPhone Despite what you’ve read: POWER OFF YOUR BLUETOOTH in public places\or during sensitive conversations Conversations can be overheard Data can be compromised Your resident programs can be run Names/address can be captured E-mails/IM’s/SMS can be captured by others
Wireless • WEP – What's wrong with WEP? • WEP has been part of the 802.11 standard since initial ratification in September 1999. At that time, the 802.11 committee was aware of some WEP limitations; however, WEP was the best choice to ensure efficient implementations worldwide. Nevertheless, WEP has undergone much scrutiny and criticism over the past couple years. • WEP is vulnerable because of relatively short IVs and keys that remain static. The issues with WEP don't really have much to do with the RC4 encryption algorithm. With only 24 bits, WEP eventually uses the same IV for different data packets. For a large busy network, this reoccurrence of IVs can happen within an hour or so. This results in the transmission of frames having keystreams that are too similar. If a hacker collects enough frames based on the same IV, the individual can determine the shared values among them, i.e., the keystream or the shared secret key. This of course leads to the hacker decrypting any of the 802.11 frames. • The static nature of the shared secret keys emphasizes this problem. 802.11 doesn't provide any functions that support the exchange of keys among stations. As a result, system administrators and users generally use the same keys for weeks, months, and even years. This gives mischievous culprits plenty of time to monitor and hack into WEP-enabled networks. Some vendors deploy dynamic key distribution solutions based on 802.1 which definitely improves the security of wireless LANs. The problem, however, is that these types of mechanisms won't be part of the 802.11 standard until the end of 2006 at best • If possible, use WPA and never leave your access point unsecured!
Cyberbullying • Cyberbullying refers to the new, and growing, practice of using technology to harass, or bully, someone else. Bullies used to be restricted to methods such as physical intimidation, postal mail, or the telephone. Now, developments in electronic media offer forums such as email, instant messaging, web pages, and digital photos to add to the arsenal. Computers, cell phones, and PDAs are new tools that can be applied to an old practice. • Forms of cyberbullying can range in severity from cruel or embarrassing rumors to threats, harassment, or stalking. It can affect any age group; however, teenagers and young adults are common victims, and cyberbullying is a growing problem in schools. • How can you protect yourself? • Be careful where you post personal information - By limiting the number of people who have access to your contact information or details about your interests, habits, or employment, you reduce your exposure to bullies that you do not know. This may limit your risk of becoming a victim and may make it easier to identify the bully if you are victimized. • Avoid escalating the situation - Responding with hostility is likely to provoke a bully and escalate the situation. Depending on the circumstances, consider ignoring the issue. Often, bullies thrive on the reaction of their victims. Other options include subtle actions. For example, if you are receiving unwanted email messages, consider changing your email address. If the bully does not have access to the new address, the problem may stop. If you continue to get messages at your new account, you may have a stronger case for legal action. • Report cyberbullying to the appropriate authorities - If you are being harassed or threatened, report the activity to the local authorities. Law enforcement agencies have different policies, but your local police department or FBI branch are good starting points. Unfortunately, there is a distinction between free speech and punishable offenses, but the legal implications should be decided by the law enforcement officials and the prosecutors. Depending on the activity, it may also be appropriate to report it to school officials who may have separate policies for dealing with activity that involves students.
Misleading Applications a.k.a. Rogue Anti Spyware • Sometimes bundled with spyware • Some don’t scan at all • Some download ad-ware or spyware • All falsify or exaggerate the risk of things on a system • Programs claimed to be from Microsoft, Symantec, etc., that are sent to you or off a misleading site.
To increase the value of an enterprise by damaging a competitor To manipulate future opinions- i.e., stock prices/future contracts, etc. To advertise a cause, movement, or product To make credible a threat…DSN poisonings, Web site attacks, etc Revenge Some Motives for a Cyber - Attack
Considerations • Cybercrime - Fraud and theft. As the rewards get more attractive, attackers will continue to improve their methods. • Traditional perimeter defenses are not enough. With the rise in client side attacks and web application attacks, attackers are leveraging existing “approved” protocols and technologies. • As technology changes so do the threats. New vulnerabilities are being discovered every day and attackers are constantly exploiting new paths into networks. • Know who to call if you feel compromised: FBI, Secret Service, Police, Credit Card company, even your insurance company.
AttackTrends • By type of attack
Security Risks: Adware, Spyware & Others • The most reported Adware from July 1 - December 31 2005 was Websearch (19%) • 9 of the top ten were installed by rogue affiliates • 7 of the top ten carried a risk rating of High or Medium • 5 of the top ten employed some form of anti-removal technique, were installed via drive-by downloading and updated themselves more than once a day • Direct Revenue’s Aurora updated itself over 13 times per day • The most reported Spyware from January 1st - June 30th, 2005 was CometCursor (42%)
Summarizing • All the familiar saying we’ve heard from our authority figure still are valid: • If it’s too good to be true… • The son of the former President of Nigeria is not going to give you a 4 million! And he doesn’t need your SSN or account number. Nor does your credit card company TO PREVENT YOUR CHARGING against your account. But they will need your payment. Use a minimum of 128 bit encryption with a secured access point, and WPA if wireless. DON’T USE YOUR CELL PHONE UNLESS YOU EMPLOY A CERTIFICATE. • Don’t trust weak and unsecured access points, back up and encrypt data • Turn off you Bluetooth, use WPA as a minimum. • Your kids on line activities need to be “parentalized!” This isn’t an invasion of privacy, it’s about taking your time to show them you love them and that your not to busy to care about them. • Uhmmm, purchase a better Smith and Wesson Privacy Firewall/Antivirus appliance or get that Plasma TV for the whole family. Decisions, Decisions, Decisions………..