Security Awareness: Security Tips for Protecting Ourselves Online Friday, May 20, 2011 Brian Allen, CISSP Network Security Analyst Washington University in St. Louis

Let’s Talk About… Facebook/Social Networking Password Security AV Products Home Wireless Router Security Laptop Security Safe Web Browsing Phishing Examples Online Banking Virus Example and Case Study

Facebook/Social Networking:

Password Security

Parents’ Password Cracked On First Try The Onion News Feb 27, 2002 REDONDO BEACH, CA – Nick Berrigan, 14, successfully hacked into his parents’ AOL account on the first try Tuesday, correctly guessing that “Digby” was their password. “They actually used the dog’s name,” said Berrigan, deactivating the parental controls on his AOL account.

Free Password Managers 1.KeePass – I use this one 2.Password Safe – Bruce Schneier’s Project 3.PassPack –An online password manager Commercial Password Manager: 4.1Password -”Works great on iPhone and OS X”

Free Antivirus Tools

Antivirus I look for: – the fastest – update themselves automatically – have an easy to use interface AVG = AntiVir = Avast =

From CNET.com Editor Reviews AVG Popularity: * Total downloads 227,792,675 Avira AntiVir Popularity: * Total downloads 61,994,231 Avast Popularity: * Total downloads 60,978,532

AVG Interface

AVG Will Check Every

Avira AntiVir Interface

AVAST Interface

Home Wireless Router Tips

Change Default Password Firewall is on by Default WPA2, not WPA or WEP MAC Address Filtering Leave SSID on No personal info in SSID like Smith_Family

Change The Default Password

Firewall Is On By Default

WPA2

MAC Address Filtering

Home Wireless Router Tips Change Default Password Firewall is on by Default WPA2, not WPA or WEP MAC Address Filtering Leave SSID on No personal info in SSID like Smith_Family

Laptop Tracking Software

Key Questions to Consider How hard is it to disable or remove the software? Who will have access to the collected data? How many laptops are lost or stolen every year?

LoJack Pros Very difficult to disable The company, only with the user’s permission, can log in to: – Take pictures – Erase the hard drive Will work with police to recover the laptop

LoJack Bios Compatibility Asus Dell Gammatech Getac Gateway General Dynamics HP Fujitsu Lenovo (IBM Thinkpad) Motion Computing Panasonic Toshiba

LoJack Cons Bios compatibility does not include Macintosh – 40% student machines are Macs Most Expensive - $49 per laptop The company can get access into laptops, although it is only to be initiated by the owner after it is reported stolen

Laptop/USB Encryption USB Hardware Encryption – IronKey $$$ Laptop/USB Encryption – TrueCrypt (Free!)

Safe Web Browsing

Four OS Security Tips Make sure the operating system has: – Update automatically – Firewall turned on – All accounts have strong passwords – Up-to-date Anti-virus tool

Link Security Tips Don’t click links or open attachments in s. If you have any doubt, get confirmation directly from the sender. Be wary of messages that include attractive offers or urgent requests. Watch out for links that require you to immediately provide a login and password. Type the URL directly into Google.

Browser Security Tips I use Firefox as my regular browser. Firefox will automatically update itself. Firefox 3 and 4 have Phishing and Malware Protection on by default. Use the Add Block Plus Firefox Addon.

The Top Firefox Addon (By Far)

Without AdBlock Plus

With AdBlock Plus

Phishing Examples

Phishing

Spear Phishing Example

Online Banking

Important Online Banking Tip Never type your bank url into a browser Or click on a url that looks like your bank Always let Google find it for you – Should be the first link

Virus Example and Case Study:

First: Different Types of Infections Viruses – Rely on users to spread: attachments, links in an Worms – can spread on their own Trojans – A malicious file that appears to be legitimate Bots – A worm that phones home to a Command & Controller so the attacker can give it instructions

What Do The Infections Do? Send Spam Attack other machines Set up a Phishing site Act as a proxy for other malicious traffic Download spyware/adware to the machine Run a keylogger

Koobface Botnet Koobface made an estimated $2m since July 2009 It makes money by selling scareware (fake anti- virus), doing click fraud and other scams. Koobface targets Facebook and other sites. 400,000+ bots; 20,000+ fake Facebook accounts Tricks users to execute malware disguised as Flash updates needed to view shocking content. The malware turns PCs into zombie drones under the control of hackers.

Fake Anti-Virus Screen Shot

KoobFace Botnet How it works in one example: Koobface is a Russian based botnet The threat arrives as a Facebook private message that contains a supposed link to a youtube video

Don’t Click the LINK!

Koobface Example Continued Users who are tricked into clicking the link are redirected to other pages until they finally end up at a spoofed YouTube site called YuoTube

Don’t Trust the “Adobe Flash Update”!

How KoobFace works It navigates through users’ FB pages to search for their friends. It phones home to get the actual message that the worm will then spread to your friends. McAfee says it is not unusual to see 10,000 Koobface variants in one month. TrendLabs considers Zeus and Koobface to be the most prolific malware families

Koobface Targets MacOSX A new version of Koobface attacks Mac OSX spreads through Facebook. Security company Intego says this version uses a malicious Java applet to attack users.

Thank You! Brian Allen, CISSP

Password Managers: KeePass: Password Safe: PassPack: 1Password ($): Antivirus: AVG: AntiVir: Avast : Laptop Tracking: LoJack($): USB/Laptop Encryption: Ironkey($): TrueCrypt: Firefox Ad Blocker: AdBlock Plushttps://addons.mozilla.org/en-US/firefox/addon/adblock-plus Brian Allen