270 likes | 495 Views
Computer Threats and Safety. Darren J. Mott Supervisory Special Agent Cyber Crime Squad Federal Bureau of Investigation Cleveland Division. 1. General Outline. General Security Current Cyber Threats Threats to Children Common Scams How to report a Cyber Crime Social Networks
E N D
Computer Threats and Safety Darren J. Mott Supervisory Special Agent Cyber Crime Squad Federal Bureau of Investigation Cleveland Division 1
General Outline • General Security • Current Cyber Threats • Threats to Children • Common Scams • How to report a Cyber Crime • Social Networks • How to conduct general forensics on your computer 2
General Security • The operating system on PCs (XP/VISTA) are generally insecure out of the box. • MAC users are generally safer than PC users, but as MACs gain in popularity, more exploits are showing up. • Do not depend on the Microsoft Firewall to provide much protection • You should always have a third party security program running on your system. 3
Myth • “I have an anti-virus program, my computer is safe.” • AV products only protect against computer viruses. There are FAR more vulnerabilities that just viruses. • AV products ONLY protect against less that 40% of known viruses. • AV products don’t protect you until AFTER the virus is released. 4
Myth • “My computer is behind a router, I am safe.” • While being behind a router is a good idea and your PC is better hidden, it is not an end-all protection scheme • Routers should be secured also • Wireless Routers MUST be secured. • WPA security protocol and/or MAC address restriction • Be careful connecting to unsecured wireless networks. Your traffic can be monitored. • Unless you have to, do not broadcast the network SSID. 5
Myth • I don’t run a Windows Operating System, I don’t need to worry. • Linux and Mac users are generally safer from infection by viruses, but not free from exploitation of known vulnerabilities. • Most computers are Windows based, so bad guys are going to spend more time attacking that system. 6
Current Cyber Threats • Modern malware is passed along by a variety of methods. • Email – attachments • Websites • Software (especially pirated software) • P2P networks 7
Types of Malware • Viruses • Worms • Wabbits • Trojans • Spyware • Backdoors • Exploits • Rootkit • Keyloggers • Dialers • URL Injectors • Adware 8
Current Cyber Crime Trends • Covert delivery of Malicious code • Use of malware to steal personal information • Use of this information to steal & manipulate financial information • Targeting of smaller banks, school districts, churches and CFOs • Organized groups arising to coordinate attacks • Use of wireless networks to steal data • Insider crime continues to be a problem • Terrorism • Espionage 9
General Protection TIPS • NEVER open an attachment from someone you don’t know. If you get an attachment from someone you do know but there is no text indicating what it is, be suspicious. • Use security software to restrict sites. • Make your kids aware that they AREN’T really getting free stuff from emails. 10
Common Scams • Nigerian Email • Work at home • Western Union money transfer professional • Phishing/Vishing • Auction Fraud • Lotteries • Reshipping • More details at www.ic3.gov 11
Online Transactions • If used on well-known sites it is generally a safe transaction. Look for the lock in the lower right corner of the browser or in the address bar the an “https”. This creates a secure encrypted connection between you and the vendor. • Most theft occurs on the companies’ backend not during the transaction itself. 12
How to report a crime • Depending on the type of crime experience you should contact local police, the FBI and at the very least www.ic3.gov. • Unless you work for a company that is the victim of a computer intrusion you will be unlikely to find resolution in the Federal System. Civil remedies are generally more effective. 13
How do I know if mycomputer is compromised • Depending on the malware, you may not know. • Is your computer really sluggish or slow? Then maybe. • Educate yourself on self-diagnosis. Google is your friend. • External data storage. • Re-install OS periodically. 14
Your Kids & Computer Accounts • Give them their own login and do NOT make it an administrator account. This will restrict them from installing programs. • You can use third party to applications to restrict sites (Cybersitter, Safe Eyes, Internet, Net Nanny etc..) but don’t expect everything to be filtered. • Not 100% protection, but better than nothing. 15
Threats to Children • Highly targeted by pedophiles online, especially because of the explosion of social networks (MySpace, Facebook etc…) • Check your computer for IRC, AIM, YAHOO messenger, ICQ or any other IM programs. These are gateway programs for problems (watch a single episode of NBC’s To Catch a Predator for proof). • Social Networks (Risks to everyone) • Keep your computer in a common area. • Tell your kids you are logging all their activity – even if you aren’t (Google – “keyloggers for parents”) 16
Social Networks • Massive adoption in the consumer market • MySpace, Facebook, LinkedIn, Friendster, Twitter • Statistics on Facebook • Over 500,000,000 users (fall 2010) • Over 250,000 new registrations per day • Over 200,000 developers have submitted some sort of Facebook application using basic programming skills and there are over 350,000 official apps 17
Social Networking & Crime • Authorities say the web is largely to blame for a 16 percent increase in rapes this year. • “In the past, rapists would have to hunt and stalk…now all you have to do is get on the internet and she’s waiting for you in a hotel room”. Sgt. Darrell Price, Charlotte- Mecklenburg PD, Sexual Assault Unit as quoted in “American Police Beat”, September 2009. 19
Ideal Exploitation Platform • Social networks have intrinsic properties that make them ideal to be exploited by an adversary: • Difficult to police: very large and distributed user base • Trust network: clusters of users sharing the same social interests developing trust with each other • Platform openness for developing applications that are attractive the general users who will install them 20
Too Much Info • The SN value proposition is information sharing • “Linked In” - defaults for outsider access is not bad • “Facebook” - defaults very open • “Twitter” - no expectation of privacy anyway • Try this: go to your Facebook account and search for: • <any company name in your city or area> and “Software” or “Technology” • From the list of results click until you find one that has all their profile information visible... there are usually many! • Can lead to guessed passwords or recovery questions 21
As an example • It took seriously 45 mins on wikipedia & google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, & it only has 2 zip codes (thanks online postal service!) the second was somewhat harder, the question was “where did you meet your spouse?” 22
General Forencics • Run>>cmd • Netstat • Samspade.org • Maxmind.com • Domaintools.com • Dnsstuff.com • Grc.com – Shields up • If you are not comfortable regarding these steps, find a computer savvy friend. 24
Computer Security Issues Mailing List • I keep a personal mailing list that I send out security issues from time to time (latest scams, new viruses, etc..) • If you want me to add you, send an email to darren.mott@gmail.com. • If you think of a question I did not answer here, feel free to contact me. 26
Thank you SSA Darren J. Mott 216-622-6916 darren.mott@ic.fbi.gov 27