210 likes | 285 Views
National E-security Awareness Week Community Presentation a Department of Broadband, Communications and the Digital Economy Initiative. 06-13 June 2008. National E-security Awareness Week.
E N D
National E-security Awareness WeekCommunity Presentationa Department of Broadband, Communications and the Digital Economy Initiative 06-13 June 2008
National E-security Awareness Week • An Australian Government initiative that aims to help Australians understand e-security risks, and educate home and small business users about the simple steps they can take to protect themselves, their families and their businesses online • What does this mean to you?
This presentation will include: • Common Risks • Securing your computer • Secure social networking • Securing your wireless connection • How to stay informed
What are some of the online risks? Cyber- Bullying Illegal Material Inappropriate Material Viruses/ Trojans Illegal Contact Spam Online Fraud
Common e-security risks: • Thieves stealing personal information about you, which can then be used to purchase things in your name, defame others or steal your real world identity • Being infected with malicious software such as Trojans, spyware, key loggers and viruses, having websites taken over and modified, damage to computer data and causing your computer to generally run slow
Common e-security risks: • Being defrauded by online scams such as phishing • Thieves using your wireless connection to steal your monthly download limit How secure is your wireless internet? More on that later…
Securing your Computer • Install and update security software • Apply software updates to: • Your operating system AND • All other programs you have installed AND • Any other devices (routers, phone, PDAs) • Ideally, this should be set up to occur automatically
Securing your Computer • Run as a non-privileged user (i.e. not with “Administrator” access) when surfing the internet, reading email or for computer based activities • Generally, you should run with as few privileges as possible and launch applications with as few privileges as possible
Securing your Computer • Most operating systems run in “kernel mode” with maximum privileges, therefore no security enforcement • “User mode” is preferred if the two solutions provide the same result • This provides better system security as vulnerabilities in one application cannot be used to exploit the rest of your machine
Online transactions • THINK BEFORE YOU CLICK • If it looks too good to be true, it probably is • Always type in the address of the website you want to transact with – never follow a link in an email • Ensure you have a strong password for online services you care about (such as banking) • Don’t make purchases from websites you are unsure of – check the credentials of the business first and confirm that you are indeed looking at their website
Online transactions • Check the status of your online transactional accounts regularly, and contact your transaction service provider IMMEDIATELY in the event of any problems • Do not use “shared” PCs you don’t control for online transactional services
Online transactions • When making transactions, check that the process is carried out through a secure server. Characteristics include: • URL starts with ‘https://’ • A padlock or key icon will appear in the browser window. If the padlock is closed or the key is complete, the server is secure.
Securing your computer • Highly desirable: • A personal firewall • Anti-virus software that is kept up to date • Anti-spam filter • Anti-spyware
E-mail security • Do not open attachments if you do not know the sender • Do not open messages that seem out of character from a sender you do know • Be careful about clicking on links in emails and instant messages
Safe Browsing • Its not all about maintaining anti-virus software • Hackers can access cookies (small text files saved on user’s computers by the server of the page the user is visiting). • The information the cookies contain is usually related to the page being visited, but can include user names and passwords, browsing preferences, etc • Cookies can be disabled, and then enabled only when certain web pages require them.
Secure Social Networking • Think about the personal information you are sharing: • What could be pieced together from the various bits of information available about you online? • Do you know the privacy policy of the sites you use? Do you know that some share your details with other businesses?
Securing your Wireless Connection • Use a strong password to protect your wireless connection • How do you choose a strong password? • At least 8 characters in length • Combination of upper and lower case characters as well as numbers and symbols • If you must write them down, keep them in a safe place.
Securing your Wireless Connection • Make your router only available to trusted machines (through the MAC address). This alone is not safe against an experienced hacker due to “MAC spoofing”. • Restrict how many people in your neighbour can ‘see’ your wireless network by turning off the SSID feature which broadcasts your wireless network’s name. This will make your network invisible to nosy neighbours, potential broadband freeloaders or identity thieves, however….
Securing your Wireless Connection • …you should be aware of free utilities such as Kismet which can reveal so called ‘hidden’ SSID, MAC addresses and static IP schemes • Make sure you have encryption turned ‘on’ in your wireless software settings, because…
Securing your Wireless Connection Getting online without encryption is like shouting your credit card number out loud in a busy street! • Set the range of your router to only what you need – not two blocks away • Use as a minimum WEP (not great but better than nothing). • Use WPA (WPA2 is considered the highest standard). This is in built in some operating systems such as Windows XP - but you must turn it on!
How to stay informed and get help if you need it….. • Suspected crimes: • Australian Federal Police or your state police • Australian High Tech Crime Centre • Virtual Global Taskforce (AFP is a partner) • Prohibited online content and spam: • Australian Communications and Media Authority • Scams: • Scamwatch (ACCC)