Information Security & Compliance 2017

Uploaded by imc-isec-comp, posted 23 Jan 2018

Page 1: Hiroshima University Information Security & Compliance 2017

Information Security & Compliance 2017

Page 2: Hiroshima University Information Security & Compliance 2017

Introduction

Aims of the Information Security & Compliance Course:
• Revise your knowledge of information security
• Enhance your knowledge with the latest in information security

This lecture is divided into three sections:
1. Recent threats to information security
2. Important routine measures
3. Additional good behaviors

Improving your knowledge of information security

Page 3: Hiroshima University Information Security & Compliance 2017

1. Recent threats to information security

• Phishing scams
• Virus infections
• Unauthorized access

Page 4: Hiroshima University Information Security & Compliance 2017

Risks of phishing scams

The damage caused by phishing scams that make unauthorized use of Internet banking and credit card information is increasing.

How a phishing scam works:
1. Deceptive emails lure the victim to a phishing site that imitates the genuine site.
2. The victim enters ID, password, credit card, and account details on the phishing site.
3. The attacker collects the entered information.
4. The attacker makes malicious use of the obtained information on the genuine site.

Check your transaction statements for signs of improper use.

Page 5: Hiroshima University Information Security & Compliance 2017

How to identify suspicious emails: Point (1)

• The sender’s email address is suspicious: an unfamiliar domain (here, one ending in “.ru”).
• The attached file name is suspicious.

This is a real email which we have received.

If an email seems suspicious, it can be helpful to do a web search for the sender address or the subject line; widely sent phishing emails are often already reported.

Page 6: Hiroshima University Information Security & Compliance 2017

How to identify suspicious emails: Point (2)

• The sender’s email address is suspiciously long.
• The URL is suspicious: “http” instead of “https”.

This is a real email which we have received.

Check the URL before inadvertently clicking. Note that the reverse does not hold: an “https” link is not proof that a site is genuine, because phishing sites can obtain certificates too, so check the domain name in the link as well.
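As an added example, not part of the original course materials, the following Python script applies the checks from Point (1) and Point (2) to a raw email message: unfamiliar sender domain, suspiciously long sender address, risky attachment name, and plain-http links. It also checks the link host against the expected domains, since an https link alone proves nothing. The two sample messages, the risky-extension list, and the 40-character address threshold are constructed assumptions for this example; only the domain hiroshima-u.ac.jp is taken from the course.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Domains the organisation really sends from. hiroshima-u.ac.jp appears in the
# course materials; any other sender domain is treated as unfamiliar.
EXPECTED_DOMAINS = {"hiroshima-u.ac.jp"}

# Attachment types that execute code when opened, plus archives used to hide
# them (assumed list for this example).
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".jse", ".vbs", ".bat", ".cmd",
                    ".hta", ".zip", ".rar", ".docm", ".xlsm"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def _is_expected(host, expected):
    """True if host is one of the expected domains or a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in expected)


def _text_parts(msg):
    """Yield the decoded text/plain bodies of a message (attachments excluded)."""
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and not part.get_filename():
            payload = part.get_payload(decode=True) or b""
            yield payload.decode(part.get_content_charset() or "utf-8", "replace")


def analyze_message(raw, expected=EXPECTED_DOMAINS, max_addr_len=40):
    """Return the list of phishing indicators found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []

    _name, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rpartition("@")[2].lower()

    # Point (1): sender domain is not one of ours (the slide's ".ru" domain is one case).
    if sender_domain and not _is_expected(sender_domain, expected):
        findings.append(f"sender domain is unfamiliar: {sender_domain}")

    # Point (2): sender address is suspiciously long (threshold is an assumption).
    if len(address) > max_addr_len:
        findings.append(f"sender address is suspiciously long ({len(address)} chars)")

    # Point (1): attachment name is suspicious (risky or double extension).
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        pieces = name.lower().split(".")
        ext = "." + pieces[-1] if len(pieces) > 1 else ""
        if ext in RISKY_EXTENSIONS:
            kind = "double extension" if len(pieces) > 2 else "risky extension"
            findings.append(f"attachment {name!r} has a {kind}")

    # Point (2): links. Plain http is a red flag, but https alone proves nothing,
    # so the link's host is compared with the expected domains as well.
    for text in _text_parts(msg):
        for url in URL_RE.findall(text):
            host = urlparse(url).hostname or ""
            if url.lower().startswith("http://"):
                findings.append(f"link uses plain http: {url}")
            if not _is_expected(host, expected):
                findings.append(f"link points to an unfamiliar host: {host}")
    return findings


# Constructed sample messages (not the real emails shown on the slides).
PHISHING_EMAIL = """\
From: "Hiroshima University Account Center" <account-verification-center.support@hiroshima-u-account.example>
To: taro@hiroshima-u.ac.jp
Subject: Your account will be suspended
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please confirm your ID and password within 24 hours:
http://hiroshima-u-account.example/login
--b1
Content-Type: application/octet-stream; name="invoice_2017.pdf.exe"
Content-Disposition: attachment; filename="invoice_2017.pdf.exe"

AAAA
--b1--
"""

LEGITIMATE_EMAIL = """\
From: "Media Center" <info@hiroshima-u.ac.jp>
To: taro@hiroshima-u.ac.jp
Subject: Course materials
Content-Type: text/plain

The course page is at https://www.hiroshima-u.ac.jp/en
"""

if __name__ == "__main__":
    for line in analyze_message(PHISHING_EMAIL):
        print("!", line)
    print("legitimate message:", analyze_message(LEGITIMATE_EMAIL))
```

Run against the constructed phishing message it reports five indicators (unfamiliar sender domain, long address, double-extension attachment, plain-http link, unfamiliar link host); the legitimate message produces none. The checks are heuristics, as on the slides: a message that passes them can still be phishing, which is why the slides also say not to open links in suspicious emails at all.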

Page 7: Hiroshima University Information Security & Compliance 2017

Example of clever phishing site

Many recent phishing sites look exactly like genuine sites. Never open links in suspicious emails.

It’s difficult to tell if a site is fake!

Page 8: Hiroshima University Information Security & Compliance 2017

Countermeasures and Behaviors against phishing scams

Countermeasures:
• Install antivirus software and keep it updated.
• Keep your OS and applications updated.
• Manage your IDs and passwords carefully.
• Keep informed of the latest threats and attack methods.

Behaviors:
• Don’t click inadvertently on file attachments or URLs.
• Check that your devices are not used without your knowledge.

Page 9: Hiroshima University Information Security & Compliance 2017

Risks of virus infections

The damage caused by ransomware has grown markedly since 2015.

What is “ransomware”?
An infected PC, or the files on it, are encrypted to make them unusable.
→ You are asked to pay a “ransom” to regain access to your PC or files.

Files are encrypted, so they cannot be used!

Page 10: Hiroshima University Information Security & Compliance 2017

Examples of ransomware

Figures: infection screen of “CryptoLocker”; infection screen of “AndroidOS_Locker”.
Online banking information was also stolen!
The ransom screen claims to come from a nonexistent organization, “National Security Department”.

Page 11: Hiroshima University Information Security & Compliance 2017

If you are infected by ransomware

• Never pay a ransom.
• Disconnect from the network.
• Reinitialize the PC, then restore from a backup.

Make regular backups in case this ever happens! Keep the backup disconnected from the PC when you are not using it: ransomware also encrypts drives that are attached at the time of infection, so a backup that is always plugged in can be lost together with the original.

Page 12: Hiroshima University Information Security & Compliance 2017

Virus infection routes


Phishing emails

Browsing web sites and Clicking on banner ads

USB flash drives

Downloaded programs

Page 13: Hiroshima University Information Security & Compliance 2017

Countermeasures and Behaviors against virus infections

Countermeasures:
• Install antivirus software and keep it updated.
• Keep your OS and applications updated.
• Make regular backups.
• Keep informed of the latest threats and attack methods.

Behaviors:
• Don’t click inadvertently on file attachments or URLs.
• Do not install suspicious applications.

Page 14: Hiroshima University Information Security & Compliance 2017

Damage due to unauthorized access

Unauthorized access is access to computers and systems over a network by someone who is not intended to have access privileges. Typical damage:
• Sending spam emails
• Hijacking of social media accounts
• Data leaks
• Modifying web sites
• Viewing, modifying, and deleting files
• Viewing, modifying, and deleting emails

Page 15: Hiroshima University Information Security & Compliance 2017

Things that increase the risk of unauthorized access

• Continuing to use old versions of OS and applications
• Using easy-to-guess passwords
• Repeatedly using the same password
• Connecting to suspicious free public Wi-Fi networks
• Entering personal information on sites with URLs not beginning with “https”
• Leaving old accounts active
• Letting someone else use your smartphone
• Not checking the usage status of your services

Page 16: Hiroshima University Information Security & Compliance 2017

Countermeasures and Behaviors against unauthorized access

Countermeasures:
• Install antivirus software and keep it updated.
• Keep your OS and applications updated.
• Manage your IDs and passwords carefully.
• Keep informed of the latest threats and attack methods.

Behaviors:
• Don’t click inadvertently on file attachments or URLs.
• Use only secure communications channels.
• Take care not to lose your PC or smartphone, or have it stolen.

Page 17: Hiroshima University Information Security & Compliance 2017

2. Important routine measures

• Antivirus software
• Updating software
• Strong passwords
• Regular backups
• Knowing the latest threats and attack methods

Page 18: Hiroshima University Information Security & Compliance 2017

Antivirus software

New computer viruses are discovered every day. Set your antivirus software to update automatically!

Antivirus software cannot protect against viruses it does not yet know about, which is why its virus definition list needs to be kept updated.

Page 19: Hiroshima University Information Security & Compliance 2017

Updating software

• Set the “automatic updates” option!
• Update your OS as well as your applications!

Always use the latest version!

Page 20: Hiroshima University Information Security & Compliance 2017

Strong passwords

The common password for your Hiroshima University ID and accounts should
– Be at least 8 characters long
– Include numerals, symbols, and both upper and lowercase letters
– Not be an easy-to-guess character string

It is dangerous to repeatedly use the same password!

Page 21: Hiroshima University Information Security & Compliance 2017

Regular backups


Make sure to back up regularly in case your PC malfunctions or gets infected by a virus.※ You can use OneDrive for Business (1TB) free of charge for your data and OS backups.

You can access OneDrive from the list of Office 365 applications.

Page 22: Hiroshima University Information Security & Compliance 2017

Knowing the latest threats and attack methods

Make the effort to keep informed about the latest security threats.


http://www.ipa.go.jp/security/kokokara/study/international.html

Page 23: Hiroshima University Information Security & Compliance 2017

3. Additional good behaviors

• Do not attach files to emails
• Use multi-factor authentication
• Share information with people you know
• Report problems immediately
• Other precautions

Page 24: Hiroshima University Information Security & Compliance 2017

Do not attach files to emails

Virus infections caused by opening a file attachment are increasingly common. When exchanging files, avoid email file attachments as far as possible. Instead, place the file in the cloud and send a link to the file in the email.

Example:
To: Taro Hirodai
From: Momiji Saijo
I uploaded the created file to ownCloud. Please check it.
Folder name: Work Folder
File name: 20170401ver1.docx

Page 25: Hiroshima University Information Security & Compliance 2017

Use the cloud to exchange files

ownCloud can be used free of charge at Hiroshima University.
http://www.media.hiroshima-u.ac.jp/services/fileshare

<For people with a university account> Share by specifying an account.
<For people without a university account> Check “Share with URL” and share by sending the URL to the recipient. Anyone who obtains that URL can open the file, so send it only to the intended recipient.

Files are automatically deleted after one month, so the service is suited only for temporary file exchanges.

Page 26: Hiroshima University Information Security & Compliance 2017

Use multi-factor authentication

To enhance security, multi-factor authentication can be used with Office 365 at Hiroshima University.

When using a smartphone mobile app, log in with [email protected] + password + smartphone.
* Authentication is also possible with an SMS or telephone call.

Attacker: “I got hold of an ID and password! Let me try and log in now!”
User: “What’s this…? It’s asking me for authentication to log in… I wonder why. I’ll refuse.”
Attacker: “What the hell? I can’t log in…”
User: “Something doesn’t seem right. I’d better change my password.”
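As an added example, not part of the course materials and not a description of how the Office 365 smartphone app itself works, the following Python code shows the mechanism behind an app-generated second factor: a time-based one-time password (TOTP, RFC 6238, built on HOTP, RFC 4226) computed from a secret shared between the authenticator app and the server. The `login` function then replays the scenario on this slide: the attacker who knows the user ID and password still fails because no valid code is presented, while the user with the app succeeds. The user record, password, salt and PBKDF2 parameters are constructed for the example; the TOTP key is the RFC 6238 test-vector key.

```python
import hashlib
import hmac
import struct
import time


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) using HMAC-SHA1."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                               # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key: bytes, at_time=None, step: int = 30, digits: int = 6) -> str:
    """Time-based one-time password (RFC 6238): HOTP over the 30-second time step."""
    at_time = time.time() if at_time is None else at_time
    return hotp(key, int(at_time) // step, digits)


def verify_totp(key: bytes, candidate: str, at_time=None, step: int = 30, window: int = 1) -> bool:
    """Accept the code for the current step and +/- `window` steps to allow clock drift."""
    at_time = time.time() if at_time is None else at_time
    counter = int(at_time) // step
    return any(hmac.compare_digest(hotp(key, counter + d), candidate)
               for d in range(-window, window + 1))


# Constructed user record: a PBKDF2 password hash plus the secret that was
# provisioned into the user's authenticator app. The attacker on the slide
# has the ID and password but not this secret.
_SALT = b"constructed-salt"
_TOTP_SECRET = b"12345678901234567890"          # RFC 6238 test-vector key
USERS = {
    "taro": {
        "pw_hash": hashlib.pbkdf2_hmac("sha256", b"Momiji2017!", _SALT, 100_000),
        "totp_key": _TOTP_SECRET,
    }
}


def login(user_id: str, password: str, code, at_time=None) -> bool:
    """Two-factor login: the password must verify AND the one-time code must verify."""
    user = USERS.get(user_id)
    if user is None:
        return False
    pw_ok = hmac.compare_digest(
        hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000),
        user["pw_hash"])
    if not pw_ok:
        return False
    # A stolen password alone stops here: without a valid code there is no session.
    if code is None:
        return False
    return verify_totp(user["totp_key"], code, at_time)


if __name__ == "__main__":
    now = time.time()
    print("attacker with password only:", login("taro", "Momiji2017!", None, now))
    print("attacker guessing a code:   ", login("taro", "Momiji2017!", "000000", now))
    print("user with app code:         ", login("taro", "Momiji2017!", totp(_TOTP_SECRET, now), now))
```

The `hotp` and `totp` functions reproduce the published RFC 4226 and RFC 6238 test vectors (for example, counter 1, or time 59 with a 30-second step, gives 287082 for the test key). The verification window of one step on either side is the usual compromise between tolerating clock drift and limiting how many codes are valid at once.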

Page 27: Hiroshima University Information Security & Compliance 2017

Share information with people you know


Actively exchange information with family and friends.

Helping the people around you understand security will help protect you all from harm.

Page 28: Hiroshima University Information Security & Compliance 2017

Symptoms that indicate a security incident

The incident may be a virus infection, unauthorized access, or a data leak. Typical symptoms:
• PC starts sending spam emails.
• PC starts suddenly malfunctioning.
• Nothing happens when clicking on an email file attachment.
• Virus detection window appears.
• It suddenly becomes impossible to open a folder or file.

Page 29: Hiroshima University Information Security & Compliance 2017

Promptly reporting security incidents

When you find an incident, contact your affiliated faculty / graduate school or CSIRT immediately! Examples:
・ My web site seems to have been tampered with.
・ My laptop was stolen.
・ Suddenly my file has become inaccessible.
・ I lost my USB memory containing personal information.
・ I received a complaint saying “I received a junk e-mail from your address”.

Computer Security Incident Response Team (CSIRT)
E-mail: [email protected]
TEL: 082-424-6082, 080-1906-2982
http://www.hiroshima-u.ac.jp/en

Information Security Quick Guide: this handy card lists emergency contacts and precautions. The cards are distributed free of charge by the Media Center. Carry one with you, together with your student/staff ID!

Knowing the emergency contacts at all times is a useful security measure.

Page 30: Hiroshima University Information Security & Compliance 2017

Other precautions (1)

Use of file sharing software is prohibited at Hiroshima University!

Always encrypt sensitive information when you carry it around. Be careful not to lose or misplace your devices! Never leave your bag unattended!

Let's encrypt

Page 31: Hiroshima University Information Security & Compliance 2017

Other precautions (2)

When using social media, take care not to post inappropriate content or leak sensitive information!

Using public Wi-Fi networks puts you at risk of unauthorized access! Avoid using them as far as possible!

Page 32: Hiroshima University Information Security & Compliance 2017

Countermeasures and behaviors


Many things have been explained, but fundamentally, you can protect yourself against security breaches by practicing “5 countermeasures” and “5 behaviors”.

5 countermeasures

5 behaviors

Page 33: Hiroshima University Information Security & Compliance 2017

5 countermeasures


Install antivirus software and keep it updated.

Keep your OS and applications updated.

Manage your IDs and passwords carefully.

Make regular backups.

Keep informed of the latest threats and attack methods.

Page 34: Hiroshima University Information Security & Compliance 2017

5 behaviors


Don’t click inadvertently on file attachments or URLs.

Do not install suspicious applications.

Check that your devices are not used without your knowledge.

Use only secure communications channels.

Take care not to lose your PC or smartphone, or have it stolen.

Page 35: Hiroshima University Information Security & Compliance 2017

Conclusion

We are at the end of this online workshop. After this, you must take an evaluation test. 16 correct answers out of 20 questions is a pass.

If you pass the evaluation test, make sure to
• 1st year: Check that your account is working.
• 2nd and later years: Update your account for the current year.

Page 36: Hiroshima University Information Security & Compliance 2017

Reference documents and materials

• “Top 10 Threats to Information Security 2017,” IPA
  https://www.ipa.go.jp/security/vuln/10threats2017.htm
• Trend Micro
  http://www.trendmicro.co.jp/jp/security-intelligence/threat-solution/ransomware/
  http://blog.trendmicro.co.jp/archives/13041

Materials
• Human Pictogram 2.0: http://pictogram2.com/
• FLAT ICON DESIGN: http://flat-icon-design.com/
• ICOOON MONO: http://icooon-mono.com/

Page 37: Hiroshima University Information Security & Compliance 2017

Issued in April 2017
Information Media Center, Hiroshima University

Attribution 4.0 International