safe computing practices. why would anyone want to hack me? 1 krebs, brian - “the scrap value of a...
TRANSCRIPT
Safe Computing Practices
Why would anyone want to hack me?
2Krebs, Brian - “The Scrap Value of a Hacked PC, Revisited”, 12 Oct 2012, http://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/
Why would anyone want to hack me? - Online Card Shops
“... the site is offering a pack of 1,245 cards stolen two months ago from stores in Massachusetts and Connecticut for the bargain price of USD $10,500.”
3
Krebs, Brian, “Peek Inside a Professional Carding Shop”, 14 Jun 2014, http://krebsonsecurity.com/2014/06/peek-inside-a-professional-carding-shop/
Phishing Example 1
4
Phishing Example 1 - Red Flags
5
Phishing Example 2
6
Emails sent from a compromised @middlebury.edu email account!
Phishing Example 3
7
Phishing Example 4 - Malicious Attachment
8
Drive-By Downloads
9-- http://www.microsoft.com/security/sir/glossary/drive-by-download-sites.aspx
Data Classification – What to Collect and How
12
● http://go.middlebury.edu/sensitivedata● http://go.miis.edu/sensitivedata
Resources on Information Security
Policies:• Privacy Policy =Confidentiality of
Datahttp://go.middlebury.edu/privacy
• Network Monitoring Policy = Protection of College Technology Resourceshttp://go.middlebury.edu/netmon
• Technical Incident Response Policy = Response to Information Security Eventshttp://go.middlebury.edu/tirp
• Data Classification Policy = Defines Data Types
http://go.Middlebury.edu/dcp
• Red Flags Policy = Identity Theft ProtectionNot presently in hand book
• PCI Policy = Payment Card Data Handling
http://go.middlebury.edu/pcipolicy
Web Sites:• Middlebury’s Information
Securityhttp://go.middlebury.edu/infosec
• Phishing Information http://go.middlebury.edu/phish http://www.phishing.org/
• Protect Yourself On-linehttp://www.onguardonline.gov/
• Parents Resource for Kids On-line
http://getnetwise.org/
• Best Practices for Home and Workhttp://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf
Discussion and Links
Please share your thoughts!Information Security Resources:
http://go.middlebury.edu/infosechttp://go.miis.edu/infosec
http://go.middlebury,.edu/infosecneo
Report Information Security Events To: [email protected]