Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security Online Security.

Similar presentations


Presentation on theme: "Cyber Security Online Security."— Presentation transcript:

1 Cyber Security Online Security

2 What is Cyber Security? Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, the term security implies cybersecurity.

3 What is Cyber Warfare? Cyberwarfare is Internet-based conflict involving politically motivated attacks on information and information systems. Cyberwarfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems -- among many other possibilities.

4 What is a Cyber Attack? an attempt by hackers to damage or destroy or gain unauthorized access to a computer network or system.

5 Types of Cyber Attacks Spoofs – Website forgery - Man-in-the- Middle – Link Manipulation Phishing Scams Id Theft

6 Malware Malware is an encompassing term that includes “virus”
Malware = “malicious software” Malware is any kind of unwanted software that is installed without your consent on your computer. Viruses, worms, Trojan horses, bombs, spyware, adware are subgroups of malware.

7 Viruses A virus tries to infect a program or data file, which in turn relies on the user to spread the virus around to others (via , the network, etc.) A computer virus is a program that can replicate itself and spread from one computer to another. A virus can infect files every time a user opens an infected program, document or file.

8 Virus - Logic Bombs Logic Bombs: is programming code that is designed to execute or explode when a certain condition is reached. Most the time it goes off when a certain time is reached or a program fails to execute. But it these bombs wait for a triggered event to happen. Most common use of this is in the financial/business world. In businesses, often the result of a disgruntled programmer. Often found on programs downloaded from the web.

9 Trojans Trojan horse: a program or software designed to look like a useful or legitimate file. Once the program is installed and opened it steals information or deletes data. Trojan horses (as opposed to other types of malware) usually run only once and then are done functioning. Some create back-door effects (allow illegal logins from unauthorized individuals) Can “patch” the OS to revert to an insecure state

10 Worms Worms and viruses get interchanged commonly in the media.
In reality a worm is more dangerous than a virus. A worm spreads without action on your part (like via your server) Worm is designed to replicate itself and disperse throughout the user’s network. Worms and Internet Worms are the two most common worm.

11 Worm worm goes into a user’s contact/address book and chooses every user in that contact list. It then s itself to all of your contacts, by copying itself into an attachment The recipient will open the attachment and the process will start over again!

12 Internet Worms A internet worm is designed to be invisible to the user. The worms scans the computer for open internet ports that the worm can download itself into the computer. Once inside the computer the worms scans the internet to infect more computers.

13 Adware and Spyware Adware is a type of malware designed to display advertisements in the user’s software. They can be designed to be harmless or harmful; the adware gathers information on what the user searches the World Wide Web for. With this gathered information it displays ads corresponding to information collected.

14 Adware and Spyware cont.
Spyware is like adware it spies on the user to see what information it can collect off the user’s computer to display pop ads on the user’s computer. Spyware unlike adware likes to use memory from programs running in the background of the computer to keep close watch on the user. This most often clogs up the computer causing the program or computer to slow down and become un-functional.

15 Not just on programs! “Macro” viruses can be found in .doc, .xls, and .ppt files (including .docs, .xlsx, and .pptx) Adobe Acrobat files can have viruses Wed sites can try to automatically download malware or trojans In short – trust no one.

16 What are actually trying to defend?
We are not interested in just protecting computers. If you really wanted to protect your computer, you'd simply turn it off and stick it in a fireproof/waterproof safe. We are not interested in just protecting data. If you really wanted to protect some piece of data, you'd disconnect your hard drive, and stick it in a fireproof/waterproof safe.

17 Risk Assessment - Balance Between Services and Security
Secure but still has to be useful, cost effective and physically possible

18 Steps You Can Take For You
What Can You Do to Protect You? Steps You Can Take For You

19 Physical Security KEEP YOUR COMPTUER SAFE! Don’t leave it lying around
Lock your room Use a password Use a STRONG password Don’t turn your back for a minute!!

20 Logging into a Computer with User Account verses Admin Account
Every process has a user associated with it, every file and directory has a user associated with it. Each account has privileges/permissions given to it. Administrator (or root in UNIX) has unlimited privileges/permissions thus if you are logged in as Admin and you are infected/attacked/breached as Admin the hacker has those privileges/permissions Running your computer as an administrator (or as a Power User in Windows) leaves your computer vulnerable to security risks and exploits. Simply visiting an unfamiliar Internet site with these high-privilege accounts can cause extreme damage to your computer, such as reformatting your hard drive, deleting all your files, and creating a new user account with administrative access. When you do need to perform tasks as an administrator, always follow secure procedures. The ultimate prize in attacking a computer is to be able to run Programs with super-user privileges, because then you essentially "own" that machine. In particular, if you can launch a command shell with elevated privileges, game over ... you win.

21 He Who Controls the Information, Controls the World
the owner of a file/directory can choose to explicitly allow access to the file by other users; and there are privileged users (Administrator account in Windows, root account in UNIX), a process owned by a privileged user can access files/directories they don't own. The Administrator and root accounts are super-user accounts. A process owned by Administrator/root can access any file/directory.

22 Keep Your Computer Up to Date Keep Your Software Up to Date Keep Your Web Browsers Up to Date

23 Operating System And Program Security
Keep your Operating System up to date! Turn on auto-update! the updates are mostly focused on security patches Update ALL programs! Update Java!

24 Use Security Software & Keep them Up to Date!
Install anti-virus software, anti-spyware software, and a firewall. Set your preference to update these protections often. Protect against intrusions and infections that can compromise your computer files or passwords by installing security patches for your operating system and other software programs.

25 Anti-Virus software Antivirus programs are designed to detect malware trying to enter the user’s system. There are several ways a antivirus program can track malware entering the computer. Use some type of Antivirus/Spyware/Malware program Windows Defender on PC One of the free options for the Mac Avira Sophos Avast

26 Antivirus program Scans incoming / messages, and monitors all files running on the computer Scans all files copied (or present on removable USB/DVD drives, or on the cloud) Uses database of virus “signatures” for known viruses, and “guesses” at new unknown ones Constant updates required Not 100% foolproof – but pretty good! Some good ones are free Run the Antivirus at all times, and let it “scan” incoming files. Also, let it scan your entire computer when you first install it

27 Cloud Antivirus New form of antivirus program
The virus scanning is done from a remote location(not on the computer). Why this is so popular is because it relieves the physical computer resources. Constant functionality (Nonstop scanning) Security Issues

28 Firewall It’s probably built into your machine ( a weak one, anyway)
The campus has it’s own firewall A firewall keeps out MOST (but not all) of the attempts to harm your computer

29 Network Firewall The operating systems’ way of protecting the user from unknown programs. Not technically a antivirus program Monitors the TCP/IP ports programs tries to access. The firewall prevents Worms from infecting the computer. Without it – outside programs could possibly enter and run on your computer Build in on PCs and Macs – also on routers

30 Use Anti-Spyware Programs
Removes programs that “spy” on you Spyware is a type of malware that is installed on a computer without the knowledge of the owner in order to collect the owner's private information often hidden from the user in order to gather information about internet interaction, keystrokes (also known as keylogging), passwords, and other valuable data. A typical spyware program resets your home page

31 Avoid Pirated and Cracked Software Don’t Install Programs/Apps That You Have Not Checked Out

32 Be alert Be alert to what is on the websites you are visiting
Be alert to impersonators Be alert to your surroundings To where your screen faces To what you are saying in public Be alert to what you are downloading Be alert to the permissions of the app that you are using

33 Be Mindful of your Personal Data
Don’t overshare your personal information on Social Networking Sites! Don’t share your passwords Erase your personal data when disposing of mobile devices, computers, tablets, …

34 Encrypt Your Data Look for the lock icon before sending personal of financial information online Use BitLocker or similar programs to encrypt data on your computer, tablet, or cell phone

35 Store Your Data on an External Hard Drive & Unplug It When Not in Use

36 Avoid Phishing s Don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware that captures your passwords or other information you type.

37 Files Be able to see the full name of files
Extensions can be changed, the only true way to know what is in the file is to be able to read the file header in a hex editor “GIFAR” files – a file that is a photo that allows malicious software that can then be used to gain access to your computer

38 Be Wise about Wi-Fi Who is out there – who is listening?
Can use encryption WEP (Wired Equivalent Privacy) 40 bit key WPA (WiFi Protected Access) 128 bit key WPA2 (WiFi Protected Access 2) 256 bit key Beware of free WiFi Not guaranteed to be secure Not guaranteed to be private Note that this encryption (encoding) occurs at the Link Layer, so that all the layers above (Application, Transport, Internet) are unaware that anything was ever encrypted.

39 Bluetooth Don’t leave it enable – only have on when needed
Hackers and data thieves can use Bluetooth connections to "eavesdrop" on your device and access your sensitive data.

40 Use Complex Passwords Create ones that are longer than 8 characters
Change them every 3 months Don’t reuse the passwords Don’t use words, keys that are continuous on the keyboard Don’t use your birthday, anniversary date, other easily found information about you Tips for Creating Secure Passwords

41

42 Turn off Your Computer When you Are Not Using It
Shutting down a computer prevents others from hacking it remotely, among other risks.

43 BACKUP (and backup often)
Back up critical files! USB, cloud, a second computer critical files to yourself, etc. Don’t trust a single backup Don’t store backups next to computer!


Download ppt "Cyber Security Online Security."

Similar presentations


Ads by Google