cyber security awareness
DESCRIPTION
This is a collection of cyber security related topics, which can be used for explaining various threats and their countermeasures in the cyber world. You are free to use this material for educational purposes. Many reference documents were used in preparing this document.
TRANSCRIPT
Shafeeque Olassery Kunnikkal
C|EH, C|HFI, C|EI, MCP
Founder & CTO
Graytips Cyber Technologies
www.graytips.com
Email: [email protected]: 9847113216
Topics
• What is Cyber Security?
• Common Cyber threats include:
  – Social Engineering Attacks
  – Malware
  – Weak and Default Passwords
  – Unpatched or Outdated Software Vulnerabilities
  – Removable Media
  – Frauds - The “Nigerian” Email Scam
• Secure Browsing Fundamentals
2Graytips Cyber Technologies @ 2014
Topics
• Mobile Devices Security
• Social Media Security
• Email Best Practices
  – What is spam?
  – What is BCC? - Why would you want to use BCC?
• Wireless Security
• Common Network Attacks
• Maintain Good Computer & Security Habits
• Key Steps to Better Secure Your Company and Workplace
What is Cyber Security?
• The protection of data and systems in networks that connect to the internet
• Applies to any computer or other device that can transmit data to another device over a network connection, whether it uses the internet or some other network
What are the risks?
There are many risks, some more serious than others.
• viruses erasing your entire system
• someone breaking into your system and altering files
• someone using your computer to attack others
• someone stealing your credit card information and making unauthorized purchases
Common Cyber Threats
• Social Engineering Attacks
  – Computer based Social Engineering: Phishing and spear phishing
  – Human based Social Engineering: Dumpster Diving, Shoulder Surfing, Eavesdropping, Piggybacking, Tailgating
  – Mobile based Social Engineering: Smishing, Vishing
Common Cyber Threats - contd
• Malware
• Weak and default passwords
• Unpatched or outdated software vulnerabilities
• Removable media
• Common Frauds
  – The Nigerian email scam
Social Engineering Attacks
Social Engineering Attack
• Computer based Social Engineering
  – Phishing and Spear Phishing
• Human based Social Engineering
  – Dumpster Diving, Shoulder Surfing, Eavesdropping, Piggybacking, Tailgating
• Mobile based Social Engineering
  – Smishing, Vishing
Phishing Email Example
Phishing and Spear Phishing
• An e-mail to deceive you into disclosing personal information.
• Widely adopted method by Social Engineers.
• You may be asked to click on a link or go to a fraudulent website which asks you to submit your personal data or account information.
• Spear phishing is a type of targeted phishing that appears to be directed towards a specific individual or group of individuals.
Common Symptoms
• Uses e-mail
• May include bad grammar, misspellings, and/or generic greetings
• May include maliciously-crafted attachments with varying file extension or links to a malicious website
• May appear to be from a position of authority or legitimate company:
  – Your employer
  – Bank or credit card company
  – Online payment provider
  – Government organization
• Asks you to update or validate information or click on a link
• Threatens dire consequence or promises reward
• Appears to direct you to a web site that looks real
Spear Phishing
• Has a high level of targeting sophistication and appears to come from an associate, client, or acquaintance
• May be contextually relevant to your job
• May appear to originate from someone in your email address book
• May contain graphics that make the email look legitimate
Countermeasures
• Ensure anti-virus software and definitions are up to date
• Never trust an unsolicited email, text message, pop-up window, Facebook message, etc. that asks you to give sensitive information such as your Aadhaar number or bank account numbers.
• Before clicking any link, check the actual address by hovering the cursor over the link (shown at the bottom left in Chrome and Internet Explorer 10 and 11) and make sure it looks legitimate.
• i.e. the text in the URL and the text for the hyperlink are the same.
• Do not delete suspicious e-mails; report them to your company's system administrators.
Countermeasures - contd
• Turn off the option to automatically download attachments
• Save and scan any attachments before opening them
• Don’t trust the message no matter how convincing or official it looks; no matter if it appears to come from your bank, the government, your ISP, or your best friend. Always independently verify the authenticity of the message before you respond.
• Don’t use an email address, link, or phone number in the message itself. If it’s from your bank, search online for the customer service line and call the bank
Countermeasure - contd
Do not:
• Open suspicious e-mails
• Click on suspicious links or attachments in e-mails
• Call telephone numbers provided
Phishing
It's demo time !!!
• Cloning Facebook
• Cloning akesissstar.info
Malware
Malware - short for malicious software - is software that is intended to do harm to your computer or software
– Viruses
– Trojan horses
– Worms
– Keyloggers
– Adware
– Spyware
– Rootkits
– Backdoors
What is a Virus?
Symptoms
• System will not start normally (e.g. “blue screen of death”)
• System repeatedly crashes for no obvious reason
• Internet browser goes to unwanted web pages
• Anti-virus software appears not to be working
• Many unwanted advertisements pop up on the screen
• The user cannot control the mouse/pointer
Countermeasures
• Ensure Anti-virus software is fully up-to-date according to manufacturer’s standards
• Don’t fall for fake Antivirus offers
TROJAN
What is a TROJAN?
• The main objective of this type of malware is to install other applications on the infected computer, so it can be controlled from other computers.
• Looks like a legitimate program but when installed it does harmful things.
• The term Trojan refers to the wooden horse used by the Greeks to sneak inside the city of Troy and capture it.
Common Behavior of a Trojan
• Is a standalone program or malicious file
  – These do not infect other files but often pretend to be a legitimate program
  – They can harm their host computer
  – Corrupt the file allocation table on your computer
  – Install keyloggers, steal bank details, logons to websites
  – Install other software including third party malware
  – Watch what the user is doing on screen
  – Upload files from your computer
Common Behavior of a Trojan
  – Give a hacker remote access to the infected computer, take advantage of unpatched systems to run other malware etc.
  – Remove files from the infected computer.
  – Download files to the infected computer.
  – Make registry changes to the infected computer.
  – Delete files on the infected computer.
  – Steal passwords and other confidential information.
  – Log keystrokes of the computer user.
  – Rename files on the infected computer.
  – Disable a keyboard, mouse, or other peripherals.
  – Shut down or reboot the infected computer.
  – Run selected applications or terminate open applications.
  – Disable virus protection or other computer security software.
Trojan
It's demo time !!!
• Trojan – Prorat
• Making dropper
• Wrapping inside a game
What is an Adware ?
Adware is the name given to programs that are designed to display advertising banners, redirect you to websites, and otherwise conduct advertising on your computer. They also collect marketing-type data about you – for example, the types of websites that you visit – so that customized adverts can be displayed.
Adware Example
What is a Spyware?
• Spyware is software that gathers information about you, your browsing and Internet usage habits, as well as other data.
• How does it reach users?
• Spyware is installed on computers without the user’s knowledge. It can be installed when downloading certain content from the Web or from P2P networks, when installing freeware, or simply when visiting dubious websites.
Types Of Spyware
• Video Spyware
• Audio Spyware
• Desktop Spyware
• USB Spyware
• Email Spyware
Spytechagent
It's demo time !!!
What is a Rootkit?
Malware authors use rootkits to hide malware on your PC.
Malware hidden by rootkits often monitors, filters, and steals your data or abuses your computer’s resources.
Keylogger
A program designed to capture the keystrokes
Two Types
– Hardware keylogger
– Software keylogger
Hardware Keylogger
Symptoms of Malware
• Your computer is running extremely slow.
• Unexpected crashes
• Excessive hard drive activity
• Random network activity
• Erratic email
• Beware of pop-ups!
• Your antivirus and firewall protection is unexpectedly disabled.
• Unfamiliar and peculiar error messages
Distribution of Malware
• E-mail attachments
• Downloading files
• Visiting an infected website
• Removable media
• Cracked/pirated games and software downloaded from torrents and file sharing servers
Countermeasures
To guard against malicious code in email:
• View e-mail messages in plain text
• Use caution when opening e-mail
• Scan all attachments
• Delete e-mail from senders you do not know
• Turn off automatic downloading
Countermeasures
To guard against malicious code in websites:
• Block malicious links / IP addresses
• Block all unnecessary ports at the Firewall and Host
• Disable unused protocols and services
• Stay current with all operating system service packs and software patches
Weak and Default Passwords
The use of weak and default passwords creates easily exploitable system vulnerabilities.
Symptoms
• Words found in the dictionary
• Readily available information significant to you (names, dates, cities, etc.)
• Lack of character diversity (e.g., all lower case letters)
• Personal information such as birth date, names of self, or family, or pets, or anything else that could easily be learned by others. Remember: if a piece of information is on a social networking site, it should never be used in a password.
Countermeasures
• Combine letters, numbers, special characters
• Include a combination of upper case and lower case letters, at least one number and at least one special character, such as a punctuation mark
• Do not use personal information
• Do not use common phrases or words
Countermeasures
• Do not write down your password, memorize it
• Change password according to your organization’s policy
• Enforce account lockout for end-user accounts after a set number of retry attempts
• Do not save your passwords or login credentials in your browser
• NEVER share your password
Common Password Attacks
• Dictionary Attack
• Brute-force Attack
• Hybrid Attacks
• Syllable Attack
• Rule-based Attack
Weak Windows Password Cracking
It's demo time !!!
• Retrieving Windows Passwords from SAM
• L0phtCrack – password cracker
Unpatched or Outdated Software Vulnerabilities
Unpatched or outdated software provides vulnerabilities and opportunities for adversaries to access information systems.
Symptoms
List of suspicious indicators related to unpatched and outdated software:
• Unauthorized system access attempts
• Unauthorized system access to or disclosure of information
• Unauthorized data storage or transmission
• Unauthorized hardware and software modifications
Countermeasures
• Comply with the measures in your organization’s policies
• Stay current with patches and updates
• Conduct frequent computer audits
  – Ideally: Daily
  – At minimum: Weekly
• Do not rely on firewalls to protect against all attacks
Removable Media
Removable media is any type of storage device that can be added to and removed from a computer while the system is running. Adversaries may use removable media to gain access to your system.
Examples of removable media include:
• Thumb drives
• Flash drives
• CDs
• DVDs
• External hard drives
Symptoms
Adversaries may:
• Leave removable media, such as thumb drives, at locations for personnel to pick up
• Send removable media to personnel under the guise of a prize or free product trial
Effects include, but are not limited to:
  – Corrupt files and destroyed or modified information
  – Hacker access and sabotaged systems
Countermeasures
• Follow your organization’s removable media policy
• Disable autorun/autoplay
The “Nigerian” Email Scam
Secure Browsing Fundamentals
• Avoid Microsoft Internet Explorer
• Google Chrome is currently the best choice
• Safari and Firefox are the middle choices
• Log in as a Limited User
• Make sure you use https for financial transactions
• Use NoScript or NotScripts
• Know what link you are clicking
Mobile Devices Security
• Avoid free and open hotspots
• Use Virtual Private Networks (VPN)
• Restrict usage in free and open hotspots
• Maintain an up-to-date OS
• Disable interfaces that are not currently in use, such as Bluetooth, infrared, or Wi-Fi.
• Only download Apps from trusted sources
• Install Antivirus for Android
Mobile Devices Security
• Configure the device to be more secure.
• Configure web accounts to use secure connections.
• Set Bluetooth-enabled devices to non-discoverable.
• Delete all information stored in a device prior to discarding it.
• Do not “root” or “jailbreak” the device.
Mobile Devices Security
• Be careful when using social networking applications.
Social Media Security
• It’s Too Easy to Share Too Much Information
• How can you protect yourself in social media?
  – Limit the amount of personal information you post
  – Remember that the internet is a public resource
  – Be wary of strangers
Social Media Security
  – Be skeptical
  – Evaluate your settings
  – Be wary of third-party applications
  – Use strong passwords
  – Check privacy policies
  – Keep software, particularly your web browser, up to date
Social Media Security
• Avoid links to other pages
• Use a different email
• Don’t post complete personal information
• Keep your computer up to date
Email Best Practices
• Avoid sending or accepting sensitive information via email
• Avoid phishing attempts
• Look for an email provider with strong antispam filtering capability.
• Use filters
• Identify unwanted spam with the “spam” button.
Email Best Practices
• Consider viewing email in plain text.
• Turn off auto downloads
• Never respond to spam and avoid chain mail
• Use separate emails for work and home
• Configure email software securely
• Be aware of hoaxes and scams
What is spam?
Spam is the electronic version of "junk mail."
How can you reduce the amount of spam?
• Don't give your email address out arbitrarily
• Check privacy policies
• Report messages as spam
• Don't follow links in spam messages
• Disable the automatic downloading of graphics in HTML mail
• Consider opening an additional email account
Blind Carbon Copy - BCC
What is BCC? - Why would you want to use BCC?
• Privacy
• Tracking
• Respect for your recipients
• Reduce the risk
Wireless Security
• Change the default username and password
• Use the highest encryption level (e.g. WPA/WPA2)
• Do not use WEP encryption
• Change the default Service Set Identifier (SSID)
• Do not automatically connect to an open wireless network
• Turn off the wireless network when not in use
Common Network Attacks
• ARP Spoofing
• Network sniffing (Packet sniffing)
• Denial of Service Attack (DoS)/DDoS
• Man In The Middle Attack
ARP Spoofing
Network Sniffing
Man In The Middle Attack
Maintain Good Computer & Security Habits
• Update automatically
• Install a comprehensive host-based security suite
• Limit use of the Administrator account
• Use a web browser with sandboxing
• Update to a PDF reader with sandboxing capabilities
• Enable file sharing with passwords for required users.
• Lock your computer when you are away.
• Disconnect your computer from the Internet when you aren't using it.
• Back up your important data regularly
Key Steps to Better Secure Your Company and Workplace
• Watch out for Social Engineering attacks
• Separate machines for handling sensitive information like payroll
• Enable Firewall
• If your ISP is not providing DNS, use OpenDNS or Google's Public DNS
• Change the default username and password on devices like your router, computer, smartphone or any device you use
Key Steps to Better Secure Your Company and Workplace
• Set strong passwords
• Install Antivirus
• Use any browser EXCEPT Internet Explorer (Chrome and Chromium are really good; Opera, Safari, Firefox are mid level choices)
• Uninstall unused applications
• Ensure https:// and the lock picture while doing financial transactions
• Use the virtual keyboard available on the banking site for entering passwords.
• Use Thunderbird as email client
Q&A
Thank You