
1 Computer Threats and Safety
Darren J. Mott, Supervisory Special Agent, Cyber Crime Squad
Federal Bureau of Investigation, Cleveland Division

Darren Mott’s presentation to Greater Cleveland PC Users Group www.gcpcug.org – 01/08/11

2 General Outline
- General Security
- Current Cyber Threats
- Threats to Children
- Common Scams
- How to report a Cyber Crime
- Social Networks
- How to conduct general forensics on your computer

3 General Security
- The operating systems on PCs (XP/Vista) are generally insecure out of the box.
- Mac users are generally safer than PC users, but as Macs gain in popularity, more exploits are showing up.
- Do not depend on the Microsoft Firewall to provide much protection.
- You should always have a third-party security program running on your system.

4 Myth
- “I have an anti-virus program, my computer is safe.”
  - AV products only protect against computer viruses. There are FAR more vulnerabilities than just viruses.
  - AV products ONLY protect against less than 40% of known viruses.
  - AV products don’t protect you until AFTER the virus is released.

5 Myth
- “My computer is behind a router, I am safe.”
  - While being behind a router is a good idea and your PC is better hidden, it is not an end-all protection scheme.
  - Routers should be secured also.
  - Wireless Routers MUST be secured.
    - WPA security protocol and/or MAC address restriction
    - Be careful connecting to unsecured wireless networks. Your traffic can be monitored.
    - Unless you have to, do not broadcast the network SSID.

6 Myth
- “I don’t run a Windows Operating System, I don’t need to worry.”
- Linux and Mac users are generally safer from infection by viruses, but not free from exploitation of known vulnerabilities.
  - Most computers are Windows based, so bad guys are going to spend more time attacking that system.

7 Current Cyber Threats
- Modern malware is passed along by a variety of methods.
  - Email – attachments
  - Websites
  - Software (especially pirated software)
  - P2P networks

8 Types of Malware
- Viruses
- Worms
- Wabbits
- Trojans
- Spyware
- Backdoors
- Exploits
- Rootkit
- Keyloggers
- Dialers
- URL Injectors
- Adware

9 Current Cyber Crime Trends
- Covert delivery of malicious code
- Use of malware to steal personal information
- Use of this information to steal & manipulate financial information
- Targeting of smaller banks, school districts, churches and CFOs
- Organized groups arising to coordinate attacks
- Use of wireless networks to steal data
- Insider crime continues to be a problem
- Terrorism
- Espionage

10 General Protection TIPS
- NEVER open an attachment from someone you don’t know. If you get an attachment from someone you do know but there is no text indicating what it is, be suspicious.
- Use security software to restrict sites.
- Make your kids aware that they AREN’T really getting free stuff from emails.

11 Common Scams
- Nigerian Email
- Work at home
- Western Union money transfer professional
- Phishing/Vishing
- Auction Fraud
- Lotteries
- Reshipping
- More details at www.ic3.gov

12 Online Transactions
- If used on well-known sites it is generally a safe transaction. Look for the lock in the lower right corner of the browser or, in the address bar, an “https”. This creates a secure encrypted connection between you and the vendor.
- Most theft occurs on the companies’ backend, not during the transaction itself.

13 How to report a crime
- Depending on the type of crime experienced, you should contact local police, the FBI and at the very least www.ic3.gov.
- Unless you work for a company that is the victim of a computer intrusion, you will be unlikely to find resolution in the Federal System. Civil remedies are generally more effective.

14 How do I know if my computer is compromised?
- Depending on the malware, you may not know.
- Is your computer really sluggish or slow? Then maybe.
- Educate yourself on self-diagnosis. Google is your friend.
- External data storage.
- Re-install OS periodically.

15 Your Kids & Computer Accounts
- Give them their own login and do NOT make it an administrator account. This will restrict them from installing programs.
- You can use third-party applications to restrict sites (Cybersitter, Safe Eyes, Internet, Net Nanny etc.) but don’t expect everything to be filtered.
- Not 100% protection, but better than nothing.

16 Threats to Children
- Highly targeted by pedophiles online, especially because of the explosion of social networks (MySpace, Facebook etc…)
- Check your computer for IRC, AIM, YAHOO messenger, ICQ or any other IM programs. These are gateway programs for problems (watch a single episode of NBC’s To Catch a Predator for proof).
- Social Networks (Risks to everyone)
- Keep your computer in a common area.
- Tell your kids you are logging all their activity – even if you aren’t (Google – “keyloggers for parents”)

17 Social Networks
- Massive adoption in the consumer market
  - MySpace, Facebook, LinkedIn, Friendster, Twitter
  - Statistics on Facebook
    - Over 500,000,000 users (fall 2010)
    - Over 250,000 new registrations per day
    - Over 200,000 developers have submitted some sort of Facebook application using basic programming skills and there are over 350,000 official apps

19 Social Networking & Crime
- Authorities say the web is largely to blame for a 16 percent increase in rapes this year.
- “In the past, rapists would have to hunt and stalk…now all you have to do is get on the internet and she’s waiting for you in a hotel room”.
  Sgt. Darrell Price, Charlotte-Mecklenburg PD, Sexual Assault Unit as quoted in “American Police Beat”, September 2009.

20 Ideal Exploitation Platform
- Social networks have intrinsic properties that make them ideal to be exploited by an adversary:
  - Difficult to police: very large and distributed user base
  - Trust network: clusters of users sharing the same social interests developing trust with each other
  - Platform openness for developing applications that are attractive to the general users who will install them

21 Too Much Info
- The SN value proposition is information sharing
  - “Linked In” - defaults for outsider access are not bad
  - “Facebook” - defaults very open
  - “Twitter” - no expectation of privacy anyway
- Try this: go to your Facebook account and search for: and “Software” or “Technology”
  - From the list of results click until you find one that has all their profile information visible... there are usually many!
  - Can lead to guessed passwords or recovery questions

22 As an example
It took seriously 45 mins on wikipedia & google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, & it only has 2 zip codes (thanks online postal service!) the second was somewhat harder, the question was “where did you meet your spouse?”

23 WAY Too Much Information (or compromised account)

24 General Forensics
- Run>>cmd
- Netstat
- Samspade.org
- Maxmind.com
- Domaintools.com
- Dnsstuff.com
- Grc.com – Shields up
- If you are not comfortable with these steps, find a computer-savvy friend.
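
One way to work through the netstat step on this slide, as an added example that is not part of the original presentation: the script parses `netstat -ano` output, keeps established TCP connections whose remote end is outside the local network, and groups them by owning process ID so each address can be checked on the lookup sites listed above. The `-ano` switches, the sample output (constructed, using documentation-range addresses) and the function names are assumptions.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (documentation addresses).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:49712     192.168.1.1:80         ESTABLISHED     3120
  TCP    192.168.1.20:49733     203.0.113.45:443       ESTABLISHED     3120
  TCP    192.168.1.20:49801     198.51.100.7:6667      ESTABLISHED     5544
  TCP    [::1]:49690            [::1]:5354             ESTABLISHED     1712
  UDP    0.0.0.0:5353           *:*                                    1712
"""

# Loopback, link-local and private ranges: traffic that stays on the host or LAN.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def split_endpoint(endpoint):
    """Parse 'addr:port' or '[v6addr]:port'; return (ip, port) or None."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    try:
        return ipaddress.ip_address(host), int(port)
    except ValueError:
        return None  # e.g. the '*:*' placeholder

def external_connections(netstat_text):
    """Return established TCP connections whose remote end is off the LAN."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        remote = split_endpoint(fields[2])
        if remote is None or any(remote[0] in net for net in LOCAL_NETS):
            continue
        found.append((int(fields[4]), f"{remote[0]}:{remote[1]}"))
    return found

def by_pid(connections):
    """Group remote endpoints by owning process ID for follow-up lookups."""
    grouped = {}
    for pid, endpoint in connections:
        grouped.setdefault(pid, []).append(endpoint)
    return grouped

if __name__ == "__main__":
    for pid, endpoints in by_pid(external_connections(SAMPLE)).items():
        print(pid, ", ".join(endpoints))
```

The process IDs in the result can be matched to program names in Task Manager before looking up the remote addresses.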

25 Vigilance is the key.

26 Computer Security Issues Mailing List
- I keep a personal mailing list to which I send out security issues from time to time (latest scams, new viruses, etc.).
- If you want me to add you, send an email to darren.mott@gmail.com.
- If you think of a question I did not answer here, feel free to contact me.

27 Thank you
SSA Darren J. Mott
216-622-6916
darren.mott@ic.fbi.gov

