Internet Security

Dave PalmerInstructional Media Agent

South Central Extension District

Who This is For…

• Use a State computer

• Work at home on their own computer

This presentation is intended for Extension faculty and staff who…

It is not intended for faculty and staff who…

• Use a county computer

• Work behind a county firewall

Part 1 – The ThreatsVirus

Worms

Scams

Trojans

Backdoor

Bots

Malware

HackersPhishing

Rootkit Spyware

The threats most people are not aware of.

The threats many of us are aware of.

The Global Scope of the Problem

Estonia, a tiny but highly wired country on the Baltic Sea, was essentially shut down for 3 weeks during April and May of 2007 by organized cyber attacks.

The Global Scope of the Problem

2 dozen South Korean & U.S. Government agencies & others were attacked in July 2009. Targets included the DoD, FAA, Homeland Security, NYSE, NASDAQ, etc.

The National Scope of the Problem

Database breach by hackers personal information on 160,00 current and former students and alumni stolen.

530,000 medical records stolen including social security numbers.

Sensitive information on 65,000 current and former employees stolen.

A few of the many major security breaches that became public in the 2nd Quarter of 2009.

The Personal Scope of the Problem

• E-mail scams

• Identity theft

• Damage, repairs & replacements

• Productivity loss

Malware Headlines You Might Have Missed

• 10-11-09 - Spam dominates e-mail traffic (86%)• 10-11-09 - Malware threats in search engine results• 10-08-09 - FBI nets 100 people in phishing ring• 10-07-09 - Fox Sports site hacked to

serve malware• 10-06-09 - Malware flea market pays hackers

to hijack PC• 10-06-09 - Weak passwords dominate

Hotmail phishing leak

Malware Headlines You Might Have Missed

• 10-05-09 - Phony Facebook profiles spreading malware

• 09-30-09 - Malware re-writes online bank statements cover fraud

• 09-30-09 – Earthquake / tsunami searchers targeted by malware

• 09-15-09 - Malware ads hit NY Times• 09-15-09 - Operating systems not the

key security risk anymore• 08-20-09 - Malware designed to steal

IDs increased 600%

Malware – malicious software

Intent is to damage, disrupt, steal, or otherwise inflict problems on data, hosts, or networks.

The Scope of the ProblemThe number of NEW malware threats is increasing

New malicious code signatures - Symantec

2007

2008

What are the Threats?

• Tracking Cookies• Flash Cookies• Adware• Hoaxes• Scams• Phishing• Vishing

Not malware

• Backdoor• Keyloggers• Viruses & Worms• Worms• Trojans• Spyware• Rootkits• Bots

Malware

Tracking Cookies

• Not malware• Tag containing

info, sometimes useful to you

• No personal info unless offered

• Cookie storage can be limited

• May expire• Easy to remove

Flash Cookies• Largely unknown,

widely used• Installed by a

Flash plugin• Never expire• More cumbersome

to remove• Can send info w/o

user permission

Adobe Flash logo

Flash Cookies

Widely used…

…including in Extension

Adware• Free software that

plays, displays or downloads advertising

• May be toolbars, search boxes, games, utilities

• Mostly safe but some is spyware

• Read privacy policies

Social Engineering

Means: Manipulating people to do things or to divulge confidential information

Phishing

• Aim is to steal valuable information such as credit cards, social security numbers, user IDs and passwords

• Usually done by e-mail

• Social engineering

Phishing

• Often masquerades as legitimate person or business, even government

• Often contains a threat or consequence

• E-mail may look genuine, trustworthy

• Always points to different website than it appears to come from.

• Legitimate organizations never ask for sensitive information through e-mail

Pharming

Intent is to redirect a legitimate website's traffic to another, nearly identical but bogus website for the purpose of stealing sensitive information.

Scams

• Based on social engineering

• Often appeal to compassion or greed

• Disasters typically generate large numbers of scams

• Appear legitimate

Scams• Don’t click on links

in these e-mails• Typically offer

something of value, ask for money in advance

• Nearly impossible to track the monetary transactions

• Scammers are accomplished social engineers

Scams• Nigerian money fraud scams began in

1997 or before – by fax!

• These scams have spread to 80 countries or more.

• U.S. and U.K. are major targets

Scam Targets• Dating sites - exploit

the victims’ desire for a companionship

• Religious sites - seek donations from their victims for “worthy cause”

• Social websites - exploit personal info

Scams

• US - $1-$2 billion

• UK – 150 million pounds

• Australia - $36 million AUD

Estimated annual losses

Trojans• Programs that

masquerade as “good” programs

• Can spy, steal information, log keystrokes, download other malware

• Open backdoors, over write data

Trojans

• Cannot reproduce

• Must be spread by user interaction

• Many different types of trojans

Virus

• Can create files, move files, erase files

• Can consume memory and cause computer problems

• Can replicate• Can attach to other

programs• Can travel across

networks

Worms• A special type of virus • Can replicate itself and use

memory• Reproduce so fast they

overload and shut down entire systems

• Cannot attach itself to other programs.

• Spreads mostly by e-mail

Backdoor

• Malware that allows access to a computer without knowledge of the user’s password and user name.

• Allows attackers easy remote access

Spyware

• Purpose is to capture information

• Email, usernames, passwords, credit card info, etc.

• Can transmit this information

Rootkit

• Help intruders gain access to systems

• Avoid detection

• Subversion & evasion

• May avoid anti-virus or anti-spyware scan

Bots or Zombies• A computer infected with

malware, controlled remotely without the knowledge of the user

• Combined into networks called botnets

• Rented or sold to criminal interests

Bots or Zombies

• Can be used to propagate malware or for cyber attacks

• Botnets may consist of thousands of machines worldwide

• Used to send about 80% of all spam and to attack commercial websites and other systems

Bot Network

Intermission When we return…

how do we protect our computers and our data?

Part 2 – The Protection

We’ve covered the threats, but how do we protect ourselves?

UseBest Practices

Data

Router w/ hardware firewall

ZoneAlarmsoftware firewall

Spybot w/ tea timer

Super Anti Spyware

Anti virus software

Backup

Data

Best Practices

• Physical computer security

• Legal agreements - read the fine print

• Use good passwords

• Keep passwords safe

• Use a flash drive capable of “read-only”

• Update your operating system (OS)

• Update your applications

Best Practices

• Use a hardware firewall

• Use a software firewall

• Use and update security products ie: anti-spyware, anti-virus, etc.

• Clean the system regularly

• Backup system regularly (after cleaning)

• Suggest using FireFox w/ security plugins

Physical Computer Security

• Limit physical access to computers

• especially laptops

Physical Computer Security

• All users should be required to log in, even at home

• A PC with no log-in password is like a car with the keys in the ignition.

Legal Agreements• A software license

agreement is a legal contract between a producer and a purchaser of computer software.

• Called End User Licensing Agreements (EULA) or Terms of Use (TOU)

• Privacy Agreements

Read the Fine Print

• Agreeing to these electronic documents means you are signing a legal contract.

• Read them before agreeing

• Suggest you keep a copy (paper or digital)

Use Good Passwords

• Great Internet security means nothing if the bad guys can guess your passwords

Keep Passwords Safe

• Need a “system” of choosing and using good passwords or…

• Password management software

• Examples: Roboform, KeePass, others

KeePass

RoboForm

Password Management Software

• Password generator

• Master password

• Encrypted database of passwords

• Desktop, portable, Web-based

USB Malware• Flash drives

banned by US Army in 2008 due to malware and security concerns.

• An estimated 10% of malware was written to move on a flash drive.

USB Flash Drive w/ Read-Only• May be difficult to

find• Have a physical

switch that prevents writing (and spreading malware) to the flash drive

• useful on unknown / unfamiliar computers

Upgrade vs Update

• An upgrade – from v2.5 to v2.6 for example is simply a major update

• “Upgrading is taking your vitamins; fixing a hack is open-heart surgery.” Matt Mullenweg, founding developer of WordPress

Update Your Operating System

• Install all security patches

• Go to Windows Update website

Update Your

Operating System

• Set auto updates to download but not install unless you approve

Update/ Upgrade Your Applications

• Hackers are finding waysto embed malware in everyday programs

• In July 2009 it happened to Adobe PDF files. Adobe issued a patch.

• Unless you install the patch, you’re vulnerable when viewing PDFs

Update Your Applications

• Average computer holds 80+ programs

• How to keep them all updated?

• If offered, turn the auto-update on

• Update often-used programs manually

• Helper programs for the rest - Secunia

• Free, checks your programs, notifies you when updates are needed

Update Your Applications

Data

Router w/ hardware firewall

ZoneAlarmsoftware firewall

Spybot w/ tea timer

Super Anti Spyware

Anti virus softwareUse

Best Practices

Backup

Data

Hardware Router w/Firewall

• First line of defense

• Available in wired or wireless versions

• Wired is more secure

• Protects against incoming attacks

• $100 - $150

Software Firewall

• Protects against intrusion – scanning or attacks

• Protects against outbound communication by malware

Outbound Communication

Software Firewall

• Use the pre-installed Windows firewall only if you have no other options.

• Turn it off before installing a better product.

• If you have the XP operating system you MUST obtain a software firewall DO NOT use XP’s firewall.

• Install firewall first, then install other security software – antivirus, antispy

• Do not install multiple software firewalls

• ZoneAlarm Pro is adequate - $40

• Does require system resources

Software Firewall

Data

Wireless Router w/ hardware firewall

ZoneAlarmsoftware firewall

Spybot w/ tea timer

Super Anti Spyware

Anti virus softwareUse

Best Practices

Backup

Data

Spybot Search & Destroy

• Eliminates adware, spyware, Trojans, keyloggers, dialers

- Free- Real-time protection

Spybot Search & Destroy

• Malware often changes the registry

• Spybot warns of potential registry changes with “Tea-timer”

• Legitimate software installations also change the registry and may cause false alarms

Spybot Search and Destroy

• Will “immunize” the system

• Like a “Do Not Call” list of websites for your browser

Super AntiSpyware

• Removes spyware, Adware Trojans, Dialers, Worms, HiJackers, KeyLoggers, Parasites, Rootkits

- Free- Real-time protection- Can be scheduled

MalwareBytes

• Free version

• Full version (one time fee of $24.95) includes real-time protection.

Antivirus Software

• Many software options

• Many are free, or free trial

• UF faculty has access to McAfee for free

Data

Wireless Router w/ hardware firewall

ZoneAlarmsoftware firewall

Spybot w/ tea timer

Super Anti Spyware

Anti virus softwareUse

Best Practices

Backup

Data

How to Use These Tools Effectively

• Pick one day of the week (Sunday AM?)

• Use the tools in this order: Spybot, SuperAntispyware, Antivirus

• Start one tool, go read the paper

• When one tool has finished, start the next, go read the paper

• When all tools are done, do a complete backup and label it w/ date & “clean”

Backup Your Data• Why backup?

• Data loss or corruption

• Human error, fire, flood, malware

• Backing up is cheaper, easier than re-creating the data

Backup Your Data

• Many ways to backup

• Data only, whole system, online, local

• Compressed, uncompressed,automated

Data-Only Backup

• Dozens of software choices for every budget & free

• Backs up selected files• Typically uses

proprietary compression

• SyncToy – Free MS program – no compression

Back2Zipfree software

Whole-System Backup

• Takes an “image” of the whole system not each file individually

• Several choices including Acronis, Norton Ghost, others

• Backup in 15-20 min, restore - 30 min to 1 hr

Online Backup Service

• Advantages

• Inexpensive

• Some operate in the background

• Disadvantages

• Monthly fee

• Depends on Internet access

Local External Backup• Advantages• Low one-time cost• Multi-purpose• Easily accessible• Disadvantage• Risks similar to

original data• Note – keep unit

unplugged unless in useExternal Hard Drive

FireFox with Security Plugins

• A plugin is an additional component or feature that can be added to a larger program

• NoScript – to stop web scripts from running

• Better Privacy – to control Flash cookies

Virtual PC Products

• These programs create a “virtual PC” within your real PC.

• When programs run in the virtual PC, they can’t make changes to the real PC

• Requires some technical knowledge• Requires extra processing power• Extremely safe – if the Virtual PC gets

infected, simply delete it and create a new one.

Virtual PC Software

• Microsoft Windows Virtual PC

• VMware

• Connectix Virtual PC

• Sun VirtualBox

• Creates a small “virtual space” inside your computer called a “sandbox.”

• Can run a program or browser inside the sandbox.

• Smaller learningcurve than aVirtual PC

• Less processing power neededthan a Virtual PC

Sandboxie

You

CommercialRepair

Local PC Users Groups

Friends & family

CompUSA

Geek Squad

Local repair shop

Etc.

When you need help…

When You Need Help

• You are a key component

• Become knowledgeable about basic computer problems – what’s serious, what’s not

• Understand who your resources are, who can deal with which problems

• Ask around about commercial repair options – who’s recommended?

• 50+ organized groups around the state. Dues avg $25-$35/yr

• FACUG – Fla Assn of Computer User Groups is the umbrella organization - list is at http://www.facug.org/

• Members help members w/ problems

• Attend meetings occasionally – build relationships

PC Users Groups

Disclaimers• Information presented here is based on

currently available information.• This information changes frequently. No

guarantee of accuracy is possible.• Hardware, software, companies and techniques

discussed are options, not recommendations.• You alone are responsible for software and /or

hardware choices and use of any techniques. • Please read all legal agreements, instructions,

user agreements and privacy terms associated with any hardware, software or websites.

Thanks to…

• Bill Black – IT Support Ninja

• Brent Broaddus – Local IT Jedi

• DarryD – Obi-Wan & IT Master