Presentation is loading. Please wait.

Presentation is loading. Please wait.

SLAC COMPUTER SECURITY AntiVirus Process Marilyn Cariola Heather Larrieu (audio) Chris Mayfield October 14, 2008 1.

Published byAubrie Mellon Modified over 9 years ago

Similar presentations

Presentation on theme: "SLAC COMPUTER SECURITY AntiVirus Process Marilyn Cariola Heather Larrieu (audio) Chris Mayfield October 14, 2008 1."— Presentation transcript:

1 SLAC COMPUTER SECURITY AntiVirus Process Marilyn Cariola Heather Larrieu (audio) Chris Mayfield October 14, 2008 1

2 SLAC COMPUTER SECURITY Computer Security AntiVirus Source: Quarterly Report PandaLabs – July-Sept 08

3 SLAC COMPUTER SECURITY Malicious Software More trojan attacks Coming via web browsing Using SQL injections techniques Battery of exploit attempts –3 rd party applications –OS vulnerabilities Goal is Silent Infection –Trojan.ZLOB –Trojan.PANDEX –Trojan.ASPROX 3

4 SLAC COMPUTER SECURITY What you see 4

5 SLAC COMPUTER SECURITY Virus Alert Alert: Virus Found Computer: XXXXXXXXXXXXX Virus: Trojan Horse Path: C:\WINDOWS\Temp\VBR49FD.exe Date: 9/29/2008 Time: 9:54:46 AM Severity: Critical Requested Action: Clean Action Taken: Leave Alone User: XXXXXXXXXXXXX Source: Symantec AntiVirus Corporate Edition 5

6 SLAC COMPUTER SECURITY AV Process & Actions Type (1) Actions AVCyberAdminUser Trojan horse, SpywareLeave alone, access denied, undefined Isolate/ Email Scan (2) format and rebuild (3) Change password AdwareLeave alone, access denied, undefinedEmailScan (2) Chg pwd WormLeave alone, access denied, undefinedEmailScan (2) Chg pwd VirusLeave alone, access denied, undefinedEmailScan (2) Chg pwd Trojan horse, SpywareClean, quarantine, deleteEmailScan (2) Chg pwd AdwareClean, quarantine, deleteNone WormClean, quarantine, deleteNone VirusClean, quarantine, deleteNone Notes: 1.The results of malware research could change the actions to be taken 2.All scans must be full AV scans in safe mode with system restore turned off. a)Results need to be shared with Cyber, screen captures or exported files. b)Depending on the results of the scan, further actions could include format and rebuild or Cyber taking the computer or hard drive for further investigation. 3.Computer security may not request a rebuild if the virus is found in cache. 4.Computers used to access personally identifiable information (PII) will receive more scrutiny when they generate virus alerts.. 6

7 SLAC COMPUTER SECURITY Other Actions Additional viruses or issues –Isolate / scan / rebuild Several (3 or more) alerts on same computer / same day –Isolate / scan / rebuild Unauthorized / prohibited software –Must be removed –Some cases sent to HR 7

8 SLAC COMPUTER SECURITY Further Review Affirmative duty to report abuse of SLAC resources Device taken, including USB devices –Illegally licensed software –Hacker tools Key generators, password sniffing, vulnerability assessment –Illicit material Pornography, gambling, evidence of running a personal business Reported to HR 8

9 SLAC COMPUTER SECURITY 9

10 SLAC COMPUTER SECURITY References 10 Computer Security website –Restricted/Prohibited softwareRestricted/Prohibited software Policies –Limited Personal Use of Government Office Equipment including Information TechnologyLimited Personal Use of Government Office Equipment including Information Technology –Use of SLAC Information ResourcesUse of SLAC Information Resources

11 SLAC COMPUTER SECURITY Questions / answers / discussion 11 What would happen if we didn’t do this? –A computer gets compromised Becomes a bot for additional attacks Information is lost –During a Site Assessment Non-job related data is found –Unlicensed / illegal software –Pornography SLAC fined, lose contract?

Download ppt "SLAC COMPUTER SECURITY AntiVirus Process Marilyn Cariola Heather Larrieu (audio) Chris Mayfield October 14, 2008 1."

Similar presentations

Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
For further information computersecurity.wlu.ca

For further information computersecurity.wlu.ca
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
Safe IT – Protect your computer and Family from unwanted programs viruses and websites.

Safe IT – Protect your computer and Family from unwanted programs viruses and websites.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.

IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.

Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Quiz Review.

Quiz Review.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.

Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.
Protecting Yourself Antivirus Programs By: Stephanie Shaughnessy.

Protecting Yourself Antivirus Programs By: Stephanie Shaughnessy.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
eScan Total Security Suite with Cloud Security

eScan Total Security Suite with Cloud Security

Similar presentations

Ads by Google