OSAC/AmCham Country Council Meeting in Kraków 2011. ABC of Digital Security

transcript

8/7/2019 OSAC/AmCham Country Council Meeting in Kraków 2011. ABC of Digital Security

http://slidepdf.com/reader/full/osacamcham-country-council-meeting-in-krakow-2011-abc-of-digital-security 1/29

ABC of Digital Security

Marek Suczyk

April 13, 2011

Cyberworld

Source: www.sxc.hu

Cyberworld

United States

» 239,2 mln Internet users (77,3% of the American population)

10%20%

2000 2005 2007 2010

Source: http://www.internetworldstats.com; July 1, 2010

Cyberworld

Poland

» 22,5 mln Internet users (58,4% of the Polish population)

2000 2005 2007 2010

Source: http://www.internetworldstats.com; July 1, 2010

So, what? What does it mean for me?

Two worlds

Source: www.sxc.hu

Am I secure?

Your system is as strong as its weakest link

„I didn’t break systems, I broke people.”

Internet threats

1. Malicious software (malware)

Infectious malware

» Computer viruses» Computer warms

Concealment

» Trojan horses

» Backdoors

For profits

» Spyware

» Keystroke logger

» Dialer, etc., etc...

Hackers or criminals?

90’s

» Hacking for fun, entertainment and recognition» Internet hooligans

» Well organized and managed groups

» Often politycally motivated

» Earning huge amounts of money

2. Phishing

and fake landing page

Typosquating

» Original page: www.millennium-online.pl

» Fake landing page could be:

– www.milennium-online.pl (one ‘l’) – wwwmillennium-online.pl (w/o dot)

– www.millennium-0nline.pl (zero instead of ‘o’)

– Etc.

3. Naivness

259 723 visits in 6 months

409 „victims”

...with an investment of 17 Euro

4. Virtual friends

Do you know who on the other side is...?

5. Social networking

Golden rules

Use recent updates of your OS and security software

Do NOT turn off your self-preservation instinct

Behave like in your real life

Have a limited trust for a „virtual friend”

Remember that you are not anonymous on the Internet

ENJOY the Internet but be aware of what can happen

Digital format threats

Methods of physical data transport

Electronic cards

Source: www.sxc.hu

How to make a counterfait card?

Or buy it?

American credit card

» with CVV $2.11» w/o CVV $0.53

Non-american cards» with CVV $2.64

» w/o CVV $1.06

Source: CERT report 2010

Golden rules

Protect your digital data carriers

Use PINs and passwords where possible

Protect your PINs and passwords well

End of the life-cycle of your computer

Kroll Ontrack experiment

Purchase of 100 used hard drives on the Internet

Data Recovery

Found:

» 118 documents with confidentialit clause

» 18 364 personal data records

» 3 complete marketing strategies

» 12 company budgets

» 687 various business contracts

Do you use a shredder?

Do you really delete your computer data?

„Delete” does NOT erase your data

System Format does NOT erase your data

Reinstallation of your Operating System does NOTerase your data

Hammer does NOTdelete you data...

Golden rules

Use professional software to delete your sensitive data

Use a degausser to destroy your hard driveseffectively

Questions?

THANK YOU

Marek SuczykManaging Director at Kroll Ontrack Poland

OSAC/AmCham Country Council Meeting in Kraków 2011. ABC of Digital Security

Documents