cyber defense and security seminar - the official … · 2013-12-19

Cyber Defense and Security Seminar
Prepared by: Cyber Security Division, Information Management Office, Department of National Defense
Cyber Security Division, IMO, DND

Overview of Cyber Defense and Security
Dir. Nebuchadnezzar S. Alejandrino I
Chief, Information Management Office
Head, Cyber Security Division, DND

What is Cyber Defense and Security?
Information security applied to computers and networks. It involves protecting the information and systems we rely on every day.

Why Cyber Defense is Important?
- The internet is a dangerous place
- We are an attractive target
- We need to protect our data and reputation
- The world is faster and more connected than ever before
- The increasing sophistication of threats
- New attack methods are launched
- Cyber spies are everywhere and cyber espionage is real

The CIA Triangle
Three core objectives: Confidentiality, Integrity, Availability
You can never accomplish one of these objectives fully without sacrificing the other two to some extent. Example: If you want the data to be extremely available, then you will have to reduce the confidentiality, because you will have to implement fewer and easier-to-bypass security measures. On the other hand, you might have to sacrifice some of the integrity of the data by allowing more users to edit the data.

The SFE Triad
Three core factors: Security, Functionality, Ease of Use
An increase or decrease in any one of the factors will have an impact on the presence of the other two. Example: Increasing the amount of functionality in an application will decrease security (it increases the area that a malicious user can attack).

Importance of Physical Security
Physical security protects personnel and property from damage or harm. It is designed to deny unauthorized access to facilities, equipment and resources.

Physical Security
- Property protection: Door, Lighting
- Structural hardening: Construction
- Protective Barriers
- Physical access control: Authorized users, Locks, Access Control
- Intrusion detection: Guards, CCTV
- Physical security procedures: Escort visitors, logs
- Contingency plans: Generators, off-site storage

Critical Infrastructures
- Telecommunication
- Water supply
- Agriculture
- Hospitals
- Railway network, Airports, Harbors
- Banks
- Electricity
- Oil products
- Military, Police
- Department of National Defense

Cyber War vs. Cyber Warfare
Cyber war is a form of war which takes place on computers and the Internet, through electronic means.
- Use of technological means to launch a variety of attacks (for propaganda, espionage, and vandalism)
- DOS attacks can be used to shut down websites, silencing the enemy and potentially disrupting their government and industry by creating a distraction.
Cyber warfare refers to politically motivated hacking to conduct sabotage and espionage.

BYOD SECURITY
It is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to.

WHY BYOD SECURITY IS IMPORTANT?
- Mobile phones are here to stay
- WiFi is everywhere
- Data protection is needed
- Identity theft
- Availability of your mobile phone

BYOD or mobile devices must be treated as full-fledged computers.

Security Checklist for Android, iOS and Windows Smartphone Devices

Enable Passcode Protection
It is the first line of defense for any iOS device. By turning this feature on, your iPhone will require you to type in a four-digit passcode whenever you wake the handset up from sleep.

Enable SIM PIN Protection
By turning this feature on, your iPhone will require you to type in a four-digit passcode whenever you turn on the phone to unlock the SIM. This will prevent someone from making calls with your SIM in your iPhone, or removing your SIM and using it in another phone.

Enable Auto-Lock
This feature will automatically put your iPhone to sleep after it has been idle for a certain amount of time, requiring one to unlock the phone upon powering it back up.

Turn Off Geo-tagging in Photos
Apple also makes it easy to avoid unintentional disclosures of data. To turn off geo-tagging in photos: Settings > Privacy > Location Services > Camera > Off.

Vectors of Attack

Thumb drive (USB Drive) is the number one leading cause of corporate penetration.

ATM SKIMMING
Attackers are installing a device made to blend with the ATM card slot. This device acts like a photocopying machine, automatically “memorizing” the ATM card’s magnetic strip.

SPY MICROCHIPS
China is planting spying microchips in electric irons and kettles that can scan Wi-Fi devices to serve – November 01, 2013
http://thehackernews.com/2013/11/russia-finds-spying-microchips-planted_1.html

Now your TV is watching you too!
Actually, LG conducts the data collection for its Smart Ad function, which advertisers can use to see when it is best to target their products at the most suitable audience.
http://thehackernews.com/2013/11/your-tv-now-watching-you-too-lg-smart.html

CRYPTO LOCKER RANSOMWARE VIRUS
- It encrypts your files while you are surfing the internet and threatens to erase them unless you pay a ransom via Bitcoin.
- New variant is called “Locker Malware”.

Evolution of Warfare
The first caveman used his fist to fight
- Then he used stone
- Then stick
- Then bow and arrow
- Then metals
- Then powder
- Then micro organisms
- Then chemical
Today, he is using “Digital Codes”

INCIDENT REPORTING
Promptly report potential computer security incidents.

A “best practice” is a technique or methodology that, through experience and research, has been proven to reliably lead to a desired result.

Best Practices

NEVER SHARE PASSWORDS OR PASSPHRASES
- Pick strong passwords and passphrases
- Keep passwords private
- Change them often
- Don’t share or reuse passwords
Never share your passwords or passphrases, even with friends, family, or computer support personnel.

USE STRONG PASSWORDS
• Is at least eight (16) characters long.
• Must not be a dictionary word.
• Is significantly different from previous passwords.
• Contains characters from each of the following four categories:

Character category      Examples
Uppercase letters       A, B, C
Lowercase letters       a, b, c
Numbers                 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces
                        ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? /

Example of a Strong Password:
1. [email protected]*
2. p@(c|U<[]VG_&'.x

WORST PASSWORDS
1. password
2. 123456
3. 12345678
4. abc123
5. qwerty
6. monkey
7. letmein
8. dragon
9. 111111
10. baseball
11. iloveyou
12. trustno1
13. 1234567
14. sunshine
15. master
16. 123123
17. welcome
18. shadow
19. ashley
20. football
21. jesus
22. michael
23. ninja
24. mustang
25. password1

TIME TO CRACK PASSWORD BY LENGTH

Password Length   Combinations      Cracked by Ordinary Computer   Cracked by Super Computer
2                 9,216             Instant                        Instant
3                 884,736           88½ Secs                       Instant
4                 85 Million        2¼ Hours                       Instant
5                 8 Billion         9½ Days                        8 Secs
6                 782 Billion       2½ Years                       13 Mins
7                 75 Trillion       238 Years                      20 Hours
8                 7.2 Quadrillion   22,875 Years                   83½ Days
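
The arithmetic behind the TIME TO CRACK table and the USE STRONG PASSWORDS rules, as an added example that is not part of the original slides; it extends the table beyond 8 characters. It assumes a 96-character alphabet (which reproduces the Combinations column), guess rates of 10^4 and 10^9 per second inferred from the table's times, and a 16-character minimum taken from the figure in parentheses; all names are illustrative.

```python
import string

# Assumption: the "Combinations" column equals 96**length (96**2 = 9,216),
# i.e. a 96-character alphabet covering the four categories on the slide.
ALPHABET_SIZE = 96
# Guess rates inferred from the table, not stated on the slide:
# 884,736 / 88.5 s is about 10**4 per second; 8 billion / 8 s about 10**9.
ORDINARY_RATE = 10**4
SUPER_RATE = 10**9

# First twelve entries of the deck's WORST PASSWORDS list.
WORST = {"password", "123456", "12345678", "abc123", "qwerty", "monkey",
         "letmein", "dragon", "111111", "baseball", "iloveyou", "trustno1"}

def keyspace(length):
    """Number of candidate passwords of exactly this length."""
    return ALPHABET_SIZE ** length

def exhaust_seconds(length, rate):
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return keyspace(length) / rate

def policy_failures(password, min_length=16):
    """Return the slide's strong-password rules that `password` breaks."""
    failures = []
    if len(password) < min_length:
        failures.append("too short")
    if password.lower() in WORST:
        failures.append("on worst-passwords list")
    categories = {
        "uppercase": any(c in string.ascii_uppercase for c in password),
        "lowercase": any(c in string.ascii_lowercase for c in password),
        "number": any(c in string.digits for c in password),
        "symbol or space": any(c in string.punctuation or c == " "
                               for c in password),
    }
    failures += ["missing " + name for name, ok in categories.items() if not ok]
    return failures

if __name__ == "__main__":
    for n in (8, 12, 16):
        days = exhaust_seconds(n, SUPER_RATE) / 86400
        print(f"{n} chars: {keyspace(n):.3e} combinations, {days:.3e} days")
    print(policy_failures("trustno1"))
    # Constructed sample passphrase, not taken from the slides.
    print(policy_failures("Blue-Kettle 47 sings!"))
```

Each added character multiplies the search time by 96, which is why the table's 83½ days at 8 characters grows to millions of years at 12.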

FREQUENTLY BACK UP IMPORTANT FILES
Back up your data frequently. This protects your data in the event of an operating system crash, hardware failure, or virus attack.
We recommend saving your files in multiple places using different forms of media (e.g., Cloud Storage [Google Drive or Microsoft SkyDrive], DND File Server, or USB flash drive).

DO NOT CLICK RANDOM LINKS
Do not click any link that you can't verify, to avoid viruses spread via email or instant messaging (IM).
Think before you click; if you receive a message out of the blue, with nothing more than a link and/or general text, do not click it. If you doubt its validity, ask for more information from the sender.

BEWARE OF EMAIL OR ATTACHMENTS FROM UNKNOWN PEOPLE, OR WITH A STRANGE SUBJECT LINE
- Never open an attachment you weren't expecting, and if you do not know the sender of an attachment, delete the message without reading it.
- To open an attachment, first save it to your computer and then scan it with your antivirus software.

DO NOT DOWNLOAD UNFAMILIAR SOFTWARE OFF THE INTERNET
Do not download: KaZaA, Bonzi, Gator, HotBar, WhenUSave, CommentCursor, WebHancer, LimeWire, Torrent and other Gnutella programs. Most of this software contains spyware, which will damage your operating system.
Do not violate copyright laws. Downloading or distributing whole copies of copyrighted material is against the law.

DO NOT PROPAGATE VIRUS HOAXES OR CHAIN MAIL
Never send uninvited email to large numbers of strangers (such messages are considered spam). Junk email wastes both system resources and the time of those who receive it.
Chain mail is a form of junk mail. Forging a message so that it appears to come from another user is a “Spoofing attack”.

LOG OUT OF OR LOCK YOUR COMPUTER WHEN STEPPING AWAY, EVEN FOR A MOMENT
Forgetting to log out poses a security risk with any computer that is accessible to other people, because it leaves your account open to abuse.
Someone could sit down at that computer and continue working from your account, doing damage to your files, retrieving personal information, or using your account to perform malicious actions.

SHUT DOWN COMPUTERS AFTER YOU ARE FINISHED WITH THEM
Shutting down a computer prevents others from hacking it remotely, among other risks.

DO NOT USE TORRENT FILE SHARING
Popular BitTorrent clients pose a security risk to users. BitTorrent clients are vulnerable to a remote denial-of-service attack aside from: Virus, Trojan, Worm, Keylogger program attachments, and IP signature tattlers.
Torrent is used to download ILLEGAL software.

PHISHING
A type of attack that uses a carefully crafted email with a malicious link to trick users into disclosing private information.

VISHING
Voice Phishing (Vishing) is a type of Phishing which involves voice.
If you receive an e-mail telling you to verify your bank account immediately by calling a number, watch out. You may be dialing a scammer.

SMiShing
Similar to phishing scams. You get a message from a bank or service provider asking you to disclose your private information.

MALICIOUS CODES
- Running malicious code on your machine due to system or application vulnerabilities or improper user actions
- Carrying infected machines (laptops)

SOCIAL ENGINEERING
Social Engineering - being fooled into giving someone access when the person has no business having the information.

Summary
Being skeptical - A user should not believe everything that may be presented.
Be careful –
- Lock your smartphone when it is not in use
- Do not leave your device unattended
- Do not trust applications
- Do not store sensitive data
- Encrypt sensitive data that cannot be separated from the device.