1. The ABC’s of Identity Theft Part One in a multi-part series of overviews on Disaster Avoidance, Business Continuity and Disaster Recovery

2. Objectives Security Overview Define “identity theft” Evaluate criminal methodologies Consider “protective” solutions

10. Interesting information… 25 million new strains of malware are presented in just one year 23 new malware samples per minute Banker trojans make up 66% of all malware 95% of the bits and bytes sent across the internet consists of “unstructured” data PDF JPG/GIF MPEG SOURCE: Infoweek TechWeb Webcast of 2/17/2010

11. Interesting information (cont)… The most alarming sources of malware attacks come from: Social Networking @ 31% Web sites @ 29% Email @ 17% SOURCE: Infoweek TechWeb Webcast of 2/17/2010

12. Interesting information (cont)… Facebook receives 15 million requests for service PER SECOND 49 % of companies polled allow their staff to access Facebook SOURCE: Infoweek TechWeb Webcast of 2/17/2010

13. Potential Threat Vectors… Wireless access points Email accounts Social networks Web site attacks on browsers

15. “Vectors” of choice…

16. A new site to watch (or not)… Reported in Sunday’s New York Times CHATROULETTE Only three months old and has grown to tens of thousands of users

18. During the 2 nd half of 2008, 70 of the top 100 websites were found to have been compromised or contained links to malicious sites.

19. A recent Oracle survey… Security threats are poorly understood 33% of those polled stated identity theft was a potential barrier to online purchasing 42% were worried that personal details might be intercepted 30% stated they didn’t trust web site security measures

20. Fringe sites… The problems only occur after the user decides to click the link!

21. Identity Theft

22. Identity theft in its simplest form is the compromise and use of your personal data for the purpose of committing a fraudulent act.

23. It isn’t about credit card receipts It doesn’t always come from those unsolicited credit card company invitations It doesn’t happen from people looking over your shoulder at the ATM

24. What they want… DOB SSN/National ID number Online banking information Email address and passwords Mailing address Telephone number

25. Access to your bank accounts Access to your credit card accounts Use of your personal data to secure credit Use of your personal data to obtain fraudulent identification papers Why they do it…

26. Criminal Methodologies

27. Cybercrime today has solid roots in Romania, Bulgaria and Russia. Their “take” amounts to hundreds of thousands of dollars per day.

32. IP Address Email Address Facebook

34. How they do it… Overt “hacking” Trojans Key loggers Phishing/scam emails

35. Hacking Remote access of private areas of the company server environment Primarily access over the web 1) access into then company home page 2) access into sensitive files areas Unlawful or malicious removal of sensitive information Internal/local access 1) USB drives 2) CD burners 3) Rogue wireless devices

36. Trojans Potentially malicious executable files that access critical areas or files in your network or computer.

37. Key Loggers Beware! These executables have the ability to record ALL your password entries and then send them off to a specific address without you knowing it.

38. “Phishing” and scam emails Emails that solicit the recipient to divulge key information in order to gain access to specific data.

39. How malware propagates… “botnet” is a term associated primarily with the negative aspects of malware distribution

40. 10,000’s Message Variants 10-15 Unique Site Designs 1,000’s URLs 100’s Web Servers One Support Website One Pharmacy One Merchant Account Billions of Messages 100,000’s Zombies

41. The problems only occur when the user decides to click the link!

43. What looks “innocent” really isn’t. Would you provide this information to a stranger?

44. So, do you think this looks official and legitimate?

47. Protection Options

48. Anti-virus update… Symantec (Norton) will leave the business McAfee is strengthening its position RSA is winning huge projects Sendio, Red Condor, AVG, etc…

49. “Security” regulations… HIPAA - Health Information Portability and Accountability Act HITECH - Health Information Technology for Economic and Clinical Health Act PCI - Payment Card Industry Sarbanes-Oxley

50. Protection methods… Firewall Resident Antivirus app Spyware/Malware app Endpoint security Forensics Individual Corporate

51. Firewalls… Use them Whitelists and blacklists Monitor the common ports

52. Resident antivirus protection… BOT detection Malware detection Hidden executable file detection Spyware/Malware protection… BOT detection Malware detection Hidden executable file detection

53. Endpoint security is used to control, secure and monitor all methods of data transfer

54. Spotting malware activity… Malware morphs IRC traffic increases across the common ports Increases in antivirus file changes Outbound SMTP traffic increases Host file modification

55. Using the “cloud”…

56. The solution can be on premise or in the “cloud”… Premise-based solutions Cloud-based solutions

57. Your individual solution requires a “blended” approach… Your firewall Some sort of hardware or software “monitor” Your corporate solution requires a “blended” approach as well… Your firewall Some sort of hardware or software “monitor” Endpoint security with forensics

58. The problems only occur when the user decides to click the link!

59. Larry Pyrz SimpleTel, Inc. www.simpletel.biz larry@simpletel.biz 773-728-3315