steps and tips to protect yourself and your private information while online. cyber hygiene

30
Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene. Shahdag, 29 November 2014 Assoc.Prof. Abzetdin ADAMOV Chair of Computer Engineering Department IEEE Computer Society Azerbaijan Chapter [email protected] www.ce.qu.edu.az/~aadamov

Upload: abzetdin-adamov

Post on 08-Jul-2015

206 views

Category:

Presentations & Public Speaking


0 download

DESCRIPTION

Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene.

TRANSCRIPT

Page 1: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Steps and Tips to Protect Yourself and your Private Information while

Online. Cyber Hygiene.

Shahdag, 29 November 2014

Assoc.Prof. Abzetdin ADAMOV

Chair of Computer Engineering Department

IEEE Computer Society Azerbaijan Chapter

[email protected]

www.ce.qu.edu.az/~aadamov

Page 2: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Content

• Malicious Code Types

• The Impact of Cybercrime

• Cybercrime as a Service (CaaS)

• Top Ten Threads for 2014

• New Urgency to Improve Networks Security

• Protect Yourself and your Private Information

• How Your Privacy can be Compromised?

• Maintaining Your Privacy

• Kids' Online Safety

• ATM Oriented Scams and Protection

Page 3: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Just Imagine!!!

• 10 years ago Skype, Facebook, YouTube, Twitter, Dropbox, and Instagram didn't exist.

• 20 years ago there were only 130 websites total, Google wasn't even around yet, and you had to pay for an email account through an ISP.

• 30 years ago there was no Internet.

What has Internet Brought to Us?

Page 4: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Malicious Code Types

• Viruses - This type of malicious code requires you to actually do something before it infects your computer.

• Worms - Worms propagate without you r doing anything. They typically start by exploiting a software vulnerability

• Trojan Horses - A Trojan horse program is software that claims to do one thing while, in fact, doing something different behind the scenes.

• Spyware - Spyware sends information about what you're doing on the Internet to a third-party

Page 5: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Malicious Code Types

Spyware Trojan Horses

Page 6: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Cyber Warfare

Page 7: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Cost of Cybercrime in five countries

range of $1.4 - $46 million

Page 8: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Types of cyber attacks

Page 9: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Everything as a Service

• Infrastructure as a Service (IaaS)

• Platform as a Service (PaaS)

• Software as a Service (SaaS)

• Network as a Service (NaaS)

• Cybercrime as a Service (CaaS)

Page 10: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Why they doing this?

• DDoS attacks cost just $10 per hour;

• For Spamming $10 to spam a million e-mail addresses;

• Malware against antivirus software $30 per month;

• A Trojan can costs from $8 to thousands;

• SMS fraud services about $150 to spam 10,000 people;

• Hacking email account (Gmail, Yandex, …) from $45

Paid services offered by hackers:

Page 11: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Cyber Security Aspects

• Information Security;

• Network Security;

• System Security;

• Application Security;

• Operating System Security;

• Database Security;

• Language Security.

Page 12: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Top Ten Threads for 2014

1. Injection 2. Broken Authentication and Session Management 3. Cross-Site Scripting (XSS) 4. Insecure Direct Object References 5. Security Misconfiguration 6. Sensitive Data Exposure 7. Missing Function Level Access Control 8. Cross-Site Request Forgery (CSRF) 9. Using Components with Known Vulnerabilities 10. Unvalidated Redirects and Forwards

According to OWASP (Open Web Application Security Project)

Page 13: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Total Security

Page 14: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

New Urgency to Improve Networks Security

• In place effective security on all networks

• Authorized users with excellent cyber hygiene techniques

• CIO’s, Network Administrators, Operations Center Directors, other IT Professionals with latest knowledge, skills

• Goal: future generation users with innate cyber security skills: – Safe in a connected environment as second nature

– Ready access to latest information and updates

– Cyber security format that becomes the default use case

• Public-Private partnership in information sharing, response actions with privacy respected

• Leaders and Managers across all enterprises with cyber vulnerability awareness knowledge

Page 15: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

USA Experience

• National Cyber Security Awareness Month (NCSAM) - October

• Data Privacy Day (DPD) - Data Privacy Day is held on January 28th every year.

• National Cyber Security Education Council (NCEC)

• Cyber Security For National Security (CS4NS) www.cs4ns.com

• Job fairs for Security-Cleared professionals www.techexpousa.com

Page 16: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

USA Experience

Page 17: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Protect Yourself and your Private Information

Page 18: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

How Your Privacy can be Compromised?

• Not using a secure email or webmail account.

• Using a work email account for personal email

• Website interactions can be monitored

• Via phishing

• Via vishing (short for 'voice phishing')

• Using unsecured WiFi networks

• Using unencrypted links for sensitive communications (VPN)

• Not using secure websites when banking or paying online

• Not using strong passwords

Page 19: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Use Secure Websites for Sensitive Information

None Secure

Secure

Page 20: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

How Your Privacy can be Compromised? (Cont…)

• Staying logged in to a website or email account

• Via spyware and viruses

• Via physical keystroke loggers

• Not storing personal or financial documents securely

• Not shredding unwanted personal or financial documents

• Being taken into people’s confidence too easily

Page 21: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Ways of Getting Your Phone Number and eMail

• You overshare your number

• You accept Terms of Use without reading or understanding them

• Big data has killed privacy

• Technology can dial billions of random numbers

• The credit bureaus give away your information

• Charities take all the fun out of being philanthropic (get deeper access to your wallet just for $5)

Page 22: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Maintaining Your Privacy

1. Use effective and updated antivirus/antispyware software

2. In a public or work, check your computer physically

3. Use secure websites when shopping or banking online

4. Log out of secure websites when you have finished transaction

5. Use strong passwords and change them regularly

6. Avoid using a work email address for personal use

7. Make sure your home/office WiFi network is secured

8. Store personal and financial documents securely

9. Be careful to whom you disclose personal information

10. Where possible, avoid using your real name online

11. Be offline, if not using Internet

Page 23: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Maintaining Your Privacy (Cont…)

12. Be cautious about who is trying to befriend you online

13. Use an anonymous webmail account for website registrations

14. Keep your social network activity private

15. Lie when setting up password security questions

16. Only give out as much personal information as you need to

17. Never install potentially unwanted programs (PUPs) or unknown programs

18. Do not answer chain email even came from friends

19. Make regular backups of critical data

20. Set clear guidelines for children about information sharing

21. Monitor your children’s online activity

Page 24: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Special Recommendations

1. Don’t fill out your social media profile (don't complete)

2. Turn on private browsing (Chrome - New Incognito Window, IE - InPrivate Prowsing)

3. Lock down your hardware (require a password after sleep or boots up)

4. Use passcode on mobile devices (also lock or wipe status)

Page 25: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

What if Your Online Privacy is Compromised?

• Contact your financial institution immediately

• Close any accounts that may have been compromised

• Inform your closest friends and coworkers

• Watch for any unexplainable charges to your account

• Report your situation to local police

Page 26: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Kids' Online Safety

• Talk to your kids about bullying

• Talk Early and Often

• As soon as your child is using a computer, a cell phone

• Types of Virtual Worlds - virtuality under control

• Talk about private information

• Too much gaming is not good

• Teach to use computer purposely

Page 27: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

ATM Oriented Scams

• Attached card reader

• Card blocking and "helpful" person

• WiFi scanners and fake ATM machines

• ATM is out of order - manual Cash deposits

• Stealing an entire ATM - easiest way

Page 28: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Protect Yourself at ATM

• Cover your password with your hand

• Use familiar ATMs and limit your visits

• Check bank balances frequently

• Observe the ATM

• Prefer to use chip-and-PIN cards

Page 29: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

SECURITY IDEA

The Internet is a shared resource

and securing it is Our Shared

Responsibility.

Page 30: Steps and Tips to Protect Yourself and your Private Information while Online. Cyber Hygiene

Thank you…

www.ce.qu.edu.az/~aadamov