cyber defense and security seminar - the official … ·  · 2013-12-19cyber defense and security...

Cyber Defense and Security Seminar

Prepared by: Cyber Security Division, Information Management Office, Department of National Defense


Post on 07-May-2018



Overview of Cyber Defense and Security

Dir. Nebuchadnezzar S. Alejandrino I
Chief, Information Management Office
Head, Cyber Security Division, DND


“In GOD we trust. All others, we virus scan.”

What is Cyber Defense and Security?

Information security applied to computers and networks. It involves protecting the information and systems we rely on every day.

Why Cyber Defense is Important?

- The internet is a dangerous place
- We are an attractive target
- We need to protect our data and reputation
- The world is faster and more connected than ever before
- The increasing sophistication of threats
- New attack methods are launched
- Cyber spies are everywhere and cyber espionage is real

Why Cyber Defense is Important?

…because this is D.N.D.


AWARENESS IN CYBER SECURITY


The CIA Triangle

Three Core:
- Confidentiality
- Integrity
- Availability

You can never accomplish one of these objectives fully without sacrificing the other two to some extent. Example: If you want the data to be extremely available, then you will have to reduce the confidentiality, because you will have to implement fewer and easier-to-bypass security measures. On the other hand, you might have to sacrifice some of the integrity of the data by allowing more users to edit the data.

The SFE Triad

Three Core:
- Security
- Functionality
- Ease of Use

An increase or decrease in any one of the factors will have an impact on the presence of the other two. Example: Increasing the amount of functionality in an application will decrease security (it increases the area that a malicious user can attack).

WHAT IS OUR “SHARED RESPONSIBILITY?”

CYBER SECURITY

Importance of Physical Security in relation to Cyber Security

Importance of Physical Security

Physical Security protects personnel and property from damage or harm. It is designed to deny unauthorized access to facilities, equipment and resources.

Physical Security

Property protection Door Lightening

Structural hardening Construction

Protective Barriers Physical access control Authorized users Locks Access Control

Physical Security

- Intrusion detection: Guards, CCTV
- Physical security procedures: Escort visitors, logs
- Contingency plans: Generators, off-site storage

Critical Infrastructures

- Telecommunication
- Water supply
- Agriculture
- Hospitals
- Railway network, Airports, Harbors
- Banks
- Electricity
- Oil products
- Military, Police
- Department of National Defense

Cyber War vs. Cyber Warfare

Cyber war is a form of war which takes place on computers and the Internet, through electronic means.

- Use of technological means to launch a variety of attacks (for propaganda, espionage, and vandalism)
- DOS attacks can be used to shut down websites, silencing the enemy and potentially disrupting their government and industry by creating a distraction.

Cyber warfare refers to politically motivated hacking to conduct sabotage and espionage.

BYOD SECURITY

It is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to.

WHY BYOD SECURITY IS IMPORTANT?

- Mobile phones are here to stay
- WiFi is Everywhere
- Data Protection is needed
- Identity Theft
- Availability of your mobile phone

BYOD or Mobile devices must be treated as full-fledged computers.

Security Checklist for Android, iOS and Windows Smartphone Devices

Enable Passcode Protection
It is the first line of defense for any iOS device. By turning this feature on, your iPhone will require you to type in a four-digit passcode whenever you wake the handset up from sleep.

Enable SIM PIN Protection
By turning this feature on, your iPhone will require you to type in a four-digit passcode whenever you turn on the phone to unlock the SIM. This will prevent someone from making calls with your SIM in your iPhone, or removing your SIM and using it in another phone.

Enable Auto-Lock
This feature will automatically sleep your iPhone after it's been idle for a certain amount of time, requiring one to unlock the phone upon powering it back up.

Turn-off Geo-tagging in Photos
Apple also makes it easy to avoid unintentional disclosures of data. To turn off geo-tagging in photos: Settings > Privacy > Location Services > Camera > Off.


VECTORS OF ATTACK

Thumb drive (USB Drive) is the number one leading cause of corporate penetration

ATM SKIMMING

Attackers are installing a device made to blend with the ATM card slot. This device acts like a photocopying machine, automatically “memorizing” the ATM card’s magnetic strip.

SPY Microchips - China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve – November 01, 2013

http://thehackernews.com/2013/11/russia-finds-spying-microchips-planted_1.html

Now your TV is watching you too!

Actually, LG conducts the data collection for its Smart Ad function, which advertisers can use to see when it is best to target their products at the most suitable audience.

http://thehackernews.com/2013/11/your-tv-now-watching-you-too-lg-smart.html

CRYPTO LOCKER RANSOMWARE VIRUS

- It encrypts your files while you are surfing the internet and threatens to erase them unless you pay a ransom via Bitcoin.
- New variant is called “Locker Malware”.

EVOLUTION OF WARFARE

- The first caveman used his fist to fight
- Then he used Stone
- Then Stick
- Then Bow and Arrow
- Then Metals
- Then Powder
- Then Micro Organisms
- Then Chemical

Today, he is using “Digital Codes”

STANDARD PROCEDURES IN CYBER DEFENSE AND SECURITY

INCIDENT REPORTING

Promptly report potential computer security incidents.

BEST PRACTICES

A “best practice” is a technique or methodology that, through experience and research, has been proven to reliably lead to a desired result.

NEVER SHARE PASSWORDS OR PASSPHRASES

- Pick strong passwords and passphrases
- Keep passwords private
- Change them often
- Don’t share or reuse passwords

Never share your passwords or passphrases, even with friends, family, or computer support personnel.

USE STRONG PASSWORDS

• Is at least eight (16) characters long.
• Must not be a dictionary word.
• Is significantly different from previous passwords.
• Contains characters from each of the following four categories:

Character category: Examples
- Uppercase letters: A, B, C
- Lowercase letters: a, b, c
- Numbers: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
- Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces: ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? /

Example of a Strong Password:
1. [email protected]*
2. p@(c|U<[]VG_&'.x

WORST PASSWORDS

1. password
2. 123456
3. 12345678
4. abc123
5. qwerty
6. monkey
7. letmein
8. dragon
9. 111111
10. baseball
11. iloveyou
12. trustno1
13. 1234567
14. sunshine
15. master
16. 123123
17. welcome
18. shadow
19. ashley
20. football
21. jesus
22. michael
23. ninja
24. mustang
25. password1

TIME TO CRACK PASSWORD BY LENGTH

Password Length | Combinations | Cracked by Ordinary Computer | Cracked by Super Computer
2 | 9,216 | Instant | Instant
3 | 884,736 | 88½ Secs | Instant
4 | 85 Million | 2¼ Hours | Instant
5 | 8 Billion | 9½ Days | 8 Secs
6 | 782 Billion | 2½ Years | 13 Mins
7 | 75 Trillion | 238 Years | 20 Hours
8 | 7.2 Quadrillion | 22,875 Years | 83½ Days
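
An added example (not part of the original slides): this Python sketch reproduces the table's figures and checks a password against the rules on the preceding slides. The 96-character alphabet and the two guessing rates are assumptions inferred from the table's own numbers, and the minimum length is a parameter because the slide gives both eight and 16.

```python
import string

# Constructed sample: the first twelve entries of the slide's worst-password list.
WORST = {"password", "123456", "12345678", "abc123", "qwerty", "monkey",
         "letmein", "dragon", "111111", "baseball", "iloveyou", "trustno1"}

ALPHABET = 96           # assumption: the table's 9,216 combinations = 96 ** 2
ORDINARY_RATE = 10_000  # guesses/second, assumption: 884,736 tries in ~88.5 s
SUPER_RATE = 10 ** 9    # guesses/second, assumption: 96 ** 5 tries in ~8 s
YEAR = 365 * 86400

def combinations(length, alphabet=ALPHABET):
    """Size of the search space for a password of the given length."""
    return alphabet ** length

def worst_case_seconds(length, rate, alphabet=ALPHABET):
    """Time to try every combination (an attacker needs half of this on average)."""
    return combinations(length, alphabet) / rate

def humanize(seconds):
    """Render a duration in the largest unit that fits, as the table does."""
    if seconds < 1:
        return "instant"
    for unit, size in (("years", YEAR), ("days", 86400), ("hours", 3600), ("mins", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} secs"

def check_password(pw, min_length=16):
    """Return the list of rules from the slides that the password breaks."""
    problems = []
    if len(pw) < min_length:
        problems.append("too short")
    if pw.lower() in WORST:
        problems.append("on the worst-password list")
    classes = {"uppercase": string.ascii_uppercase, "lowercase": string.ascii_lowercase,
               "number": string.digits, "symbol": string.punctuation + " "}
    for name, chars in classes.items():
        if not any(c in chars for c in pw):
            problems.append(f"no {name}")
    return problems

if __name__ == "__main__":
    for n in range(2, 9):
        print(n, f"{combinations(n):,}",
              humanize(worst_case_seconds(n, ORDINARY_RATE)),
              humanize(worst_case_seconds(n, SUPER_RATE)))
    print(check_password("password"))                # constructed weak sample
    print(check_password("Blue Kettle 47 %harbor"))  # constructed strong sample
```

Each extra character multiplies the search space by the alphabet size, which is why length matters more than any single substitution.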

FREQUENTLY BACK UP IMPORTANT FILES

Back up your data frequently. This protects your data in the event of an operating system crash, hardware failure, or virus attack.

We recommend saving your files in multiple places using different forms of media (e.g., Cloud Storage [Google Drive or Microsoft SkyDrive], DND File Server, or USB flash drive).

DO NOT CLICK RANDOM LINKS

Do not click any link that you can't verify. To avoid viruses spread via email or instant messaging (IM), think before you click; if you receive a message out of the blue, with nothing more than a link and/or general text, do not click it. If you doubt its validity, ask for more information from the sender.

BEWARE OF EMAIL OR ATTACHMENTS FROM UNKNOWN PEOPLE, OR WITH A STRANGE SUBJECT LINE

- Never open an attachment you weren't expecting, and if you do not know the sender of an attachment, delete the message without reading it.
- To open an attachment, first save it to your computer and then scan it with your antivirus software.

DO NOT DOWNLOAD UNFAMILIAR SOFTWARE OFF THE INTERNET

Do not download: KaZaA, Bonzi, Gator, HotBar, WhenUSave, CommentCursor, WebHancer, LimeWire, Torrent and other Gnutella programs. Most of this software contains spyware, which will damage your operating system.

Do not violate copyright laws. Downloading or distributing whole copies of copyrighted material is against the law.

DO NOT PROPAGATE VIRUS HOAXES OR CHAIN MAIL

Never send uninvited email to large numbers of strangers (such messages are considered spam). Junk email wastes both system resources and the time of those who receive it.

Chain mail is a form of junk mail. Forging a message so that it appears to come from another user is a “Spoofing attack”.

LOG OUT OF OR LOCK YOUR COMPUTER WHEN STEPPING AWAY, EVEN FOR A MOMENT

Forgetting to log out poses a security risk with any computer that is accessible to other people, because it leaves your account open to abuse.

Someone could sit down at that computer and continue working from your account, doing damage to your files, retrieving personal information, or using your account to perform malicious actions.

SHUT DOWN COMPUTERS AFTER YOU ARE FINISHED WITH THEM

Shutting down a computer prevents others from hacking it remotely, among other risks.

DO NOT USE TORRENT FILE SHARING

- Popular BitTorrent clients pose a security risk to users.
- BitTorrent clients are vulnerable to a remote denial-of-service attack aside from: Virus, Trojan, Worm, Keylogger program attachments, and IP signature tattlers.

Torrent is used to download ILLEGAL software.


INTERNET COMMUNICATION RISKS

PHISHING

A type of attack that uses email to send a carefully crafted email with a malicious link to trick users into disclosing private information.

VISHING

Voice Phishing (Vishing) is a type of Phishing which involves voice.

If you receive an e-mail telling you to verify your bank account immediately by calling a number, watch out. You may be dialing a scammer.

SMiShing

Similar to phishing scams. You get a message from a bank or service provider asking you to disclose your private information.

MALICIOUS CODES

- Running malicious code on your machine due to system or application vulnerabilities or improper user actions
- Carrying infected machines (laptops)

SOCIAL ENGINEERING

Social Engineering - being fooled into giving someone access when the person has no business having the information.


SUMMARY

Being skeptical - A user should not believe everything that may be presented.

Be careful –

- Lock your smartphone when it is not in use
- Do not leave your device unattended
- Do not trust applications
- Do not store sensitive data
- Encrypt sensitive data that cannot be separated from the device.


“In IMO we trust. All others, we virus scan.”


Questions?