Working from home technology
implementing a plan to protect your digital life
l recognising threats to online safety
l taking steps to reduce the risk of online threats
l concepts including malware, viruses and Trojans
l network security, cryptography and identity theft
Companies work on the principle of Protection, detection, and response
malware examples are
Ransomware
Botnet software
Spyware
Cybercrime Is Big
why online payment secure by cryptocurrcy
darknet
the dark net youtube video
- surface web
- deep web
- dark web
You can check to see if your own email has been part of a data breach by visiting https://haveibeenpwned.com/
password
brute force attack time
10 minutes all lowercase
8 char upper lower and symbol
use many passwords
Rotate every 90 days
be read by only the right people (confidentiality)
only be changed by authorised people or processes (integrity)
be available to read and use whenever we want (availability).
Online banking – for example, to check the balance in your account or make a payment. confidentiality only the account user can see this information/data about money. Only the account holder can change processes as they are authorised and they can do this at all times
Online shopping – think particularly about buying something from a new store that you don’t recognise and haven’t shopped from before. Is there integrity can they be trusted with confidentiality data for payments of good and services.
Social networking – think about whether you would add someone as a ‘friend’ if you hadn’t met them in person. Integrity is keep. Are posts, other actions etc by the authorised person only.
Working from home - consider the need to transfer documents that contain confidential information between members of your team. confidentiality to work team only. Changes can only be made by the team authorised this is integrity, Data and information must be availability to the team at all times.
Having confidence an email message has been received from whom the sender claims to be.
authentication
Prevents an email sender from claiming that a message was not from them.
non-repudiation
Prevents a retail customer from claiming they didn’t place an order.
non-repudiation
Verification of the identity of a user.
authentication
Threats come from
insider attacker
Cybercriminals are those carrying out cyber attacks for personal financial gain.
Spies may be both commercial or governmental,
and hacktivists carry out attacks as a form of protest against organisations or governments.
Cybercriminals are those carrying out cyber attacks for personal financial gain.
Spies may be both commercial or governmental,
and hacktivists carry out attacks as a form of protest against organisations or governments.
6 char minutes and hours to days
7 char hours and days to years
8 char days to many years to crack
use African words for password as the language has been suppressed by the rest of the world.
LastPass of Dashlane Enable 2FA
cyber security
vulnerability management (risk based) can be automated
Penetration testing (5 days or more focused) ethical hacking Methodical standards measurable, --> network, os software skills, law and regulations
reports technical to non technical (offence and red teams, purple) threat intell
Steal data, distribution
wiki is a good place to start
pREVENTIVE
pROACTIVE
vulnerability – a point at which there is potential for a security breach
threat – some danger that can exploit a vulnerability
countermeasure – action you take to protect your information against threats and vulnerabilities.
Staying informed
keep ourselves up to date with the latest cyber security news
https://www.ncsc.gov.uk/cyberaware/home
https://www.wired.com/category/threatlevel/
https://www.computerweekly.com/resources/IT-security
https://www.infosecurity-magazine.com/
https://searchsecurity.techtarget.com/
https://nakedsecurity.sophos.com/
https://www.ncsc.gov.uk/section/keep-up-to-date/ncsc-blog
https://grahamcluley.com/
Set up feeds from media sources or signup to news letters or subscribe to a blog via email or updates via Twitter
@GCHQ, @NCSC, and @NSAGov
trends and overload screening https://feedly.com/i/welcome
https://www.shodan.io/ search engine for Internet-connected devices collecting information about the operating systems they use, their configurations and even in some cases default user names and passwords for accessing them. (also default passwords)
Programable logic controllers research use e.g Smart TVs and internet connected home security cameras vulnerabilities
-out of date operating systems or software applications
- devices that do not use any cryptography to protect their communications
email biggest place for attacks phishing email or called social engineering. relates to trust
Darkweb search
store data on oneDrive in the cloud
O or 0
I or l
virustotal.com files and url known threats
restart computer of pending updates and installs
window 10 is at least twice as secure as window 7
buy a new computer
jail break phone lose security
Backup
3 copies 3 places
What is ethical hacker training? Ethical hacker training is about security.
Use approved software.
Standardize across the business
Make people feel safe
Hacking
Penetration testing
Footprinting
Network scanning
Malware
Sniffing
SQL injection
What Is SSL (Secure Sockets Layer) and What Are SSL Certificates?
Find out more
Hacked through your kettle!
Award for most pointless
WiFienabled gadget?
Possible to hack the kettle from outside your house without knowing your wireless password
Once hacked it provides your wireless password in clear text
Hacker can then access your home or work network
Parental Control App For Families
Slim, Sleek, Smart. Order your mobile phone from West Africa Phones but be safe online by understanding internet security.
Qustodio is a revolutionary approach to information. It provides actionable intelligence for parents, enabling parents to make quick decisions and take control.
- Block pornography
- View Social Network Activity
- Monitor time spent on Facebook, Twitter, Instagram, WhatsApp and more
- Balance Screen Time
- Control Games & Apps
- Track Calls & SMS*
Regulations and Compliance
GDPR
– a window of opportunity
General Data Protection Regulation
•
European Commission regulation to strengthen and unify data
protection for
individuals personal data
within the European Union
•
Organizations
will be expected to
report a breach within 72
hours
, and give data owners the right to request and/or erase
personal data they
hold
(avg
today 188 days)
•
Even non–
EU businesses offering services to EU citizens with
personal data must comply
•
Severe breaches of EU data privacy law will be subject to
potential fines of
€20m or up
to 4%
of worldwide
turnover
•
The burden of understanding and implementing
“state of the art
security”,
is on the corporations handling personal data
•
Enforcement begins in May 2018
Attacks are moving down the stack!
Hardware
Applications
Operating System
Virtual Machine
(Optional)
Attacks disable
security products
OS infected
with APTs:
Threats are hidden
from security
products
Traditional attacks:
Focused primarily on
the application layer
Ultimate APTs:
Compromise
platform and
devices below
the OS, using
rootkits as
cloaks
Compromise
virtual
machine
New stealth
attacks:
Embed themselves
below the OS and
Virtual Machine, so
they can evade
current solutions
Protect, Detect, Correct
Shifting emphasis, given large
volume and complexity
of attacks
PROTECT
Prevent attacks, often by reducing exposure or detecting and blocking via
countermeasures
Encryption | Anti
-
Virus | Firewall
DETECT
Iterative process to find compromises, usually with a cycle of hunting, assessing, and
prioritizing
Security Information and Event Management | Sandboxing
CORRECT
Process of remediating an attack, restoring normal operations, reporting impact, and
adapting for the future
Remediation | System Restore | Incident Response
Sophistication of attacks leads to increased emphasis on detect and correct.
Work Securely
-
Intel
Authenticate...
Secure to the Core
Requirements
: 6th
Gen Core/Core
vPro
with Corporate (6MB) firmware,
Intel Authenticate software, & phone companion app (optional)
Intel
vPro
™ platforms include additional security & scalability capabilities
for best Intel Authenticate implementation
Multi
-
Factor
Authentication
Enterprise
Policy Controls
Microsoft* Active Directory &
Group Policy, System Center
Configuration Manager,
Enterprise Mobility Suite,
Intune
McAfee*
ePolicy
Orchestrator
“Hardened”
Identity
chipset
-
based functions “below” the
operating system reduce exposure to
malicious attacks
IntelAuthenticate
to harden youridentity with 6th
Gen Core™ and Core™
vPro
Intel Enterprise Digital Fence
–
How It Works
Enterprise Digital Fence
-
based solution wakes the platform to perform periodic defined “safe zone” checks.
The safe zones are wireless network connections that are pre
-
configured by IT. So when the system is NOT connected to
a network with a certain SSID and security attributes, the PC hibernates to protect its data.
Users can add other networks, such as their home network, as safe zones so they can leave their system in sleep mode
and not in hibernation mode.
An exclusive feature of SSD Professional Family
Smarter Security On The Go
Security Overview
first, cloud
-
first reality
Data breaches
63% of confirmed data breaches
involve weak, default, or stolen
passwords.
63%
90%
Mobility
90% of enterprises will have two or
more mobile operating systems
to support in 2017
Shadow IT
More than 80 percent of employees
admit to using non
-
approved
software as a service (SaaS) applications
in their jobs.
80%
Is it possible to keep up?
Employees
Business partners
Customers
Is it possible to stay secure?
Apps
Devices
Data
Users
Data leaks
Lost device
Compromised identity
Stolen credentials
Is it possible to keep up?
Employees
Business partners
Customers
The Microsoft vision
Secure and protect against new threats
Maximum productivity experience
Comprehensive and integrated
Apps
Devices
Data
Users
User freedom
Secure against new threats
Do more with less
Customers need
Identity
–
driven security
Productivity without
compromise
Comprehensive
solutions
Microsoft solution
ENTERPRISE MOBILITY + SECURITY
1. Protect at the front door
Safeguard your resources at the front door with innovative and
advanced risk
-
based conditional accesses
2. Protect your data against user mistakes
Gain deep visibility into user, device, and data activity on
-
premises and in the cloud.
3. Detect attacks before they cause damage
Uncover suspicious activity and pinpoint threats with deep
visibility and ongoing behavioral analytics.
Three steps to comprehensive security!
Protect at the front door
Conditions
Allow access
Or
Block access
Actions
Enforce MFA
per user/per
app
Location
Device state
User/Application
MFA
Risk
User
Managed
apps
Personal
apps
Personal apps
Managed apps
Corporate
data
Personal
data
Multi
-
identity policy
Personal apps
Managed
apps
Copy
Paste
Save
Save to
personal storage
Paste to
personal
app
Email
attachment
Protect at the front door
SonicWALL
The Threats and the Fix
Alex Michael
Systems Engineer
Underlying foundation of threats:
Basic nature of threats is constant change
•
Individual
computers
•
Modem
•
Security
•
Firewall 101
•
TSRs
•
Viruses
•
Internet
•
Worms
•
Trojans
•
DOS/ DDOS
•
Physical again
(Portable media)
•
Financial gain
•
Espionage
- intel
gathering
•
Nefarious purpose
•
Competitive advantage
•
Homeland security threats
•
Advance Persistent Threat
•
Morphing and complex threats
•
AI (learn) hacking
•
XSS, SQL Injection attacks
•
Delivery via Web 2.0 and social
networking sites
•
Gov’t Healthcare Spam / Phishing
•
Watering
-hole attacks
•
Ransomware
•
System hopping malware
•
Sophisticated Smartphone Attacks
1980
1990
2000
2016
Global infrastructure
Individual computers
Individual networks
Multiple
networks
Regional
networks
Expanding complexity and reach of threats
Denial
-of-
service
Distributed denial
-of-
service
An attempt to make a
computer or network
resource unavailable to
its intended users.
DOS & DDOS
Cyber Warfare
Politically motivated
hacking to conduct
sabotage and espionage.
Threat Landscape
Compliance
Increasing pressure to maintain Industry compliance standards across more parts of the
business including process and technology. Requires skilled and experienced staff to manage
compliance.
Malware
Malicious software that
disrupts computer
operation, gather sensitive
information, or gain
unauthorised access to
computers.
Computer viruses, worms,
trojan horses, spyware,
adware.
Advanced Persistent
Threat
A sophisticated and
organised
cyber attack
to access and steal
information from
compromised
computers.
APT
The pertinent points....
The General Data Protection Regulation (GDPR)
•
New Legislation effective from 2018 that simplifies processes and legal obligations for any country dealing with
an EU state and its citizens
•
It concerns any information relating to an identified person or information that makes a person identifiable
•
GDPR Defines data breach as the loss, destruction, alteration, disclosure and unauthorized access to personal
data, accidental or otherwise
•
Encrypted data loss does not constitute a data breach
•
Continual compliance required
•
Fine for non-
compliance!
•
Damage to reputation
Threats are evolving and adapting to the ever changing environment...
Past, present & future...
•
Ransomware
Hardening it’s vulnerabilities
– adopting SHA 2 certificates
•
Malvertising
Nowhere is safe
– Forbes, BBC and New York Times
•
Internet of Things (IOT)
No product security –
Products ship with malware
•
HTTP to HTTPS
Security becoming a vulnerability
– Un-scanned traffic
Ransomware/
Malvertising
- the day zero threat
•
New strains and variants go undetected
Exploit unknown vulnerabilities
Zero Visibility
•
Current signatures will not work
•
There is always a patient zero
•
Window of vulnerability is short
lived
•
Local day zero protection is needed
“...redirection code planted in the malicious
advertisements uses SSL/TLS (Secure Sockets
Layer/Transport Layer,...”
...”
By Jeremy Kirk, IDG News Service, Jul 27, 2015
Ransomware
Petya
Ransomware
arrives: March 2016
•
Encrypts MFT and replaces MBR
•
Renders OS unusable
JIGSAW / BitcoinBlackmailer.exe arrives : April 2016
•
Adds pressure by deleting files if you don’t pay
•
Punishes reboots with mass file deletion
Killer Locker: October 2016
•
Encrypts
Files and sends ransom note in
portugese
•
48 hour countdown
•
Based on Jigsaw. Earlier
templates being used
Malvertising
Forbes: January 11
th
2016
•
Forces Ad
-blockers off for “30 under 30” article
•
Security researchers compromised by
ransomware
BBC.co.uk: March 16
th
2016
•
Compromised ads lead to thousands infected
New York Times: March 16
th
2016
•
Infected advertisements lead to mass malware infection
Internet of Things (IOT)
Products compromised directly from factory
•
Security Cameras
•
Malicious code in software
Smart devices
•
Light bulbs, web cams
•
No security, easily hacked
Mobile devices
•
Phones & Tablets
•
Android
- Stage Fright
http://map.norsecorp.com/#/
Calculating Password Complexity
Time to crack a password
10 characters long and include a mix of numbers, lowercase letters, uppercase letters and symbols takes a supercomputer or botnet years to crack.
https://thycotic.force.com/support/s/article/Calculating-Password-Compl…
https://www.limevpn.com/brute-force-cracking-can-reveal-password/
- Log in to post comments