4 In 1969 the first message was sent on the ARPANET, a precursor to the modern internet.
5 In 1971 the Creeper virus was created. It replicated itself across the ARPANET and installed itself on the local system, displaying the message “IM THE CREEPER. CATCH ME IF YOU CAN”. Another programmer wrote a program, “REAPER”, to seek out and destroy the CREEPER virus.
6 In December 2013 Microsoft moved to take down the ZeroAccess botnet, made up of ~3 million infected computers.
9 SCALE
Hard Drive Size: 500 GB
- GB = Giga Byte
- Giga = 1.0 E 9 = Billion = 1000 million
- Byte = 8 bits = Memory to store ~ 1 character “a”
- Bit = Binary digit = 1 or 0
- Nibble = 4 bits or half a byte
MP3 Size: 3.5 MB
- MB = Mega Byte
- Mega = 1.0 E 6 = Million = 1000 thousand
Trojan: 100 KB
- KB = Kilo Byte = 1.0 E 3 = thousand
10 VIRUS
- A self-replicating program
- Installs itself in another program
- Not necessarily malicious
- Harm may result due to its method of infection
- Memory in a computer is an approximate thing.
- Viruses exploit this to infect a program:
  - Empty space in memory blocks
  - Compress a program to make room
  - Delete parts of program and insert its code
  - Dispersal amongst many files using multiple methods
12 MUTATION
- Viruses, Trojans and worms can infect each other
- May be accidental or intentional
- Popular viruses may be exploited by other virus writers.
- May work in tandem or conflict:
  - Exploit the same flaw
  - Exploit resultant flaws
  - Delete and replace existing infection
- Ex. Cholera/CTX is the cholera virus infected with the CTX mass mailing worm.
Mutations are rarely viable, but still a threat, doubly so since they present the additional challenges of detection and malfunction.
13 TROJAN HORSE
- Non-replicating
- Uses subterfuge to infect
- Usually not destructive in and of themselves
- Tend to open backdoors for:
  - more malicious programs
  - monitoring
  - remote control
  - stealing personal information
  - key logging
- Vectors:
  - attachment in a free program to download movies
  - fake AV pop-up
- May perform as advertised or appear to fail to do anything
14 ZEUS / SPYEYE
There was a crackdown on ZEUS/SPYEYE in
It was used to steal information from NASA, Bank of America, CISCO, Amazon.
- Easy to install
- User friendly
- Difficult to attribute
15 Worms
- Self-replicating
- Propagate by exploiting vulnerabilities:
  - open network ports
  - flaws in software design
- Incidental cost due to transmission method:
  - consumes excessive bandwidth while searching for new targets
  - this suspicious traffic makes it easier to spot
16 There’s some overlap in the definition of different types of malware. The distinction doesn’t really matter since the goal is to prevent infection and keep your system secure.
No system is perfect, but there’s a great deal the average user can do to thwart attackers and protect themselves.
Social engineering is a big part of malware. If you encounter a fake AV program or PHISHING attempt, it is intentionally alarmist. It covers most of your screen with a flashing dire warning and counters racking up the total number of infections found.
Spear phishing is becoming more common too. It’s hard to avoid putting information out there as a public institution. Encountering a cyber threat is inevitable, but most attempts are fairly transparent.
17 Vitek Boden: Maroochy Shire, Australia
In 2001 millions of tons of sewage were dumped into natural parks by the Queensland waste management system. At first they thought it was a malfunction, but after the problem persisted they realized they were subject to a cyber attack.
The stations had remotely controllable nodes. They noticed a pattern in the attacks and set up a sting, capturing 49-year-old Vitek Boden in his car with a laptop and some proprietary hardware for accessing the sewage system’s controls.
18 LulzSec: A group of hackers who gained notoriety in 2011 for a series of high-profile attacks against corporations. Most members were caught after their leader outed himself to an FBI informant and assisted in their capture.
19 AV: Antivirus
They operate by scanning your system against their database of malware signatures. There’s no reason not to have one.
They can be bothersome due to system resource consumption and permission conflicts, but their settings can be tweaked to reduce their resource usage, and when installing programs from a trusted source they can be disabled.
Still, they should be installed. Scans should be run at least weekly and virus definitions updated daily.
20 Firewall
- Controls network traffic flow: which programs can communicate on which ports, and filters incoming traffic.
- Available as stand-alone equipment, and most operating systems have one built in.
21 Spam Filters
SPAM is such a problem that this is a de facto feature of most mail clients and AV applications, but it’s worth noting. They can operate intelligently, parsing mail based on algorithms ranging from strong to weak, or in conjunction with a whitelist/blacklist.
- Whitelisting is inclusive: you designate which domains or addresses can pass through to your mailbox.
- Blacklisting is exclusive: you designate which domains or addresses cannot send mail to your mailbox.
22 System Permissions
- Operate using the lowest permission level possible.
- An infection operates with the permissions of the account it is running under.
- It’s possible to limit the scope of infections by using an account with standard permissions:
  - If your system is infected as an admin, your whole system is now vulnerable
  - As a standard user it may be limited to that profile
- The default account created is usually an Administrator regardless of its name
23 Phishing is an attempt to gain access to credentials, account information, or funds directly. Usually the messages are SPAMMed in bulk.
Spear PHISHING is a targeted phishing attempt. The message will be tailored towards a specific group of users. In either case the same principles of avoidance apply.
24 Spotting Spam
- Grammar
- Check the sender address.
- Mouse-over links
- If you get an email from a vendor and you think it’s illegitimate, just go to the site.
25 Mobile Devices
- Increasingly targeted by cyber attackers
- They face the same threats as computers (viruses, worms, trojans, etc.)
- Unsecure apps:
  - Gather personal information
  - Create security holes
  - Embedded malware
- Anti-virus apps
26 SpyGold.A
- Trojan
- Targets Android OS
- Forwards copies of text messages and phone calls on to a remote server
- Installs/uninstalls apps
- Makes phone calls
- Sends text messages
- Can operate as a bot
28 Cracking Passwords
3 General Methods
- Brute force: every possible password
- Dictionary: common passwords and iterations
- Capture:
  - deciphering the encrypted password
  - spoofing an active session
(also some combination of the three)
29 Password Policy
- Don’t use common phrases or words
- Don’t use the same password in multiple places
- Make it complex
- Change it occasionally
- Make it easy to remember
30 Password Re-use
Cascade
- Attackers won’t stop at exploiting one account
- Using different passwords limits the scope of successful attacks
Varying levels of encryption
- Not every site stores passwords with the same level of security
- Not every site needs a strong password:
  - Online banking: Yes
  - Candy Crush: No
  - Candy Crush with saved credit card: Yes
Open Sessions
- After logging into a website a session is created
- Attackers can bypass authentication by capturing this session information
- Don’t keep multiple tabs or windows open when accessing secure sites
- Log out when you’re finished working on a site
- Routinely clear internet history
- Avoid storing passwords in the browser
31 Creating a strong, easy to remember password
- Simple phrase: what day is it again?
- Remove spaces: whatdayisitagain?
- Capital letters: wHatdayisitagain?
- Numbers: wHatd7ayisitag4ain?
- Special characters: wHatd7!ayisitag4ain?
- Extra letters: wHatd7!ayisihtag4ain?
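To see what each construction step buys against the brute-force and dictionary methods listed on the "Cracking Passwords" slide, this added example (not part of the original slides) computes the alphabet size and exhaustive-search space for every step and checks a candidate against a word list. The tiny COMMON list and all function names are assumptions; the bit count is an upper bound that treats every character as random.

```python
import math
import string

# Character classes an exhaustive (brute-force) search must cover.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

# Tiny constructed word list standing in for a cracking dictionary (assumption).
COMMON = {"password", "letmein", "qwerty", "welcome", "dragon"}

def pool_size(password):
    """Size of the alphabet implied by the character classes present."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def brute_force_bits(password):
    """log2 of the number of candidates of this length over that alphabet."""
    size = pool_size(password)
    return len(password) * math.log2(size) if size else 0.0

def in_dictionary(password):
    """True for a common word plus trailing digits/symbols, the kind of
    'iteration' a dictionary attack tries before brute force."""
    core = password.lower().rstrip(string.digits + string.punctuation)
    return core in COMMON

# The construction steps from the slide, in order.
STEPS = [
    "whatdayisitagain?",
    "wHatdayisitagain?",
    "wHatd7ayisitag4ain?",
    "wHatd7!ayisitag4ain?",
    "wHatd7!ayisihtag4ain?",
]

def report(passwords):
    """(password, alphabet size, search space in bits, dictionary hit)."""
    return [(p, pool_size(p), round(brute_force_bits(p), 1), in_dictionary(p))
            for p in passwords]

if __name__ == "__main__":
    # "Password123!" is a constructed counter-example that looks complex
    # but falls to the dictionary check.
    for row in report(STEPS + ["Password123!"]):
        print("%-24s pool=%2d bits=%6.1f dictionary=%s" % row)
```

The counter-example uses all four character classes yet is still a dictionary hit, which is the reason the policy slide rules out common words even when the result looks complex.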
32 Final Word
- Explore your computer while it’s working so you’ll know when it’s not
- What accounts are on the machine?
  - What permission levels do they have?
- What programs and services are running?
  - Start automatically?
- What files (pictures, documents, etc.) are important?
  - When was the last time you backed them up?
  - Are they backed up online and offline?
  - Is the online backup secure?
- Antivirus program
  - How up to date is the program?
  - Up-to-date virus definitions?
  - Routine scan schedule?
- Firewall is running
  - What programs are allowed through?
- What internet browser(s) do you use?
  - Are they up to date?
  - What plugins, toolbars, add-ons does it have?
  - Are they from a trusted source?
  - Do they collect personal information and what?
- What version of:
  - Adobe Reader
  - Adobe Flash
  - ActiveX or Plugin
  - Java
33 Resources
- Free AV Applications
- Wild list
- National Institute of Standards and Technology
- Department of Homeland Security
  - https://www.us-cert.gov/ncas/tips
  - https://www.dhs.gov/cybersecurity-tips
- Password Strength Checker
  - https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx
- Sophos A-Z Threats