Transcript Nextgov - Federal technology news, best practices, and web 2.0 tools

Internet Security & Safety
Overview
•What makes up the internet?
•Protecting and securing your password
•Protecting your identity
•What is social networking?
•Benefits and risks associated with social networking
Internet (1 of 2)
•Origin of the internet dates back to?
•1960’s
•Network
•A system containing any combination of computers,
computer terminals, printers, audio or visual display
devices, or telephones interconnected by
telecommunication equipment or cables: used to transmit
or receive information.
•Internet
•A network of networks that can be used to disperse
information throughout the world
Internet (2 of 2)
• Approximately ¼ of Earth’s population uses the internet
• Popular uses include:
– E-mail
– Advertising
– Social Networking
– Search Engines
• Accessing the Internet:
– Computers
– Phones
– Game Consoles
Password Protection
• Why use a
password?
– Protect personal
information
– Prove identity
– Restrict access
• When would you use
a password?
– Accessing programs
– Checking e-mail
– Logging into websites
Los Alamos Weak Computer Security
• Los Alamos has been under fire for weak
computer security
– Did not always manage passwords securely
on the classified computer network
• As a result of this weakness, increased risk exists
that insiders with malicious intent could guess the
passwords of other individuals and use them to
gain inappropriate access to classified information.
– Users were granted access to more computer
files than needed to perform their duties
How to choose a password
• 8.3 rule
– Include letters
– Include numbers
– Include non-alphanumeric characters
• Use lower case and upper case letters
• Different passwords for different sites
• No such thing as a perfect password
Protecting your identity: Examples
• FBI: Online Banking Attacks Reach $100 Million Mark
– Victims receive a phishing e-mail with an infected attachment or
malicious link
– If the recipient falls for the trick, they end up downloading a key
logger that swipes their business or corporate bank account
credentials.
• Stealth Keylogger Used to Invade Victim Bank Accounts
– The electronic thefts occurred by infecting the victims’ computers
with a key logging program embedded in emails and malicious
web sites.
– key logging software was stealthy and remained inactive until a
victim used their computer to contact their bank online. It would
record login and password information and send to the computer
crime gang.
Protecting your Identity (1 of 2)
• Https vs. Http websites
– Https: Secure
– Http: Unsecure
• What information can be stolen?
– SSN, Address, password, DOB, Credit and
Banking information
– Any information on the internet can be stolen
Protecting your Identity (2 of 2)
• How is information stolen?
– Malware
– Keyloggers
• How to protect your information?
– Up to date antivirus, firewall, and spyware
– Be careful who you give personal information to
– Put as little information as possible on the internet
Social Networking (1 of 2)
• Defined:
– Constructing a public or semi-public profile
– Connecting with others based on shared
interests, activities, etc…
– Viewing your list of connections and those
made by others within the system
Social Networking (2 of 2)
• Sites:
– Facebook
– MySpace
– Twitter
Phony Facebook Email
• Facebook Users Targeted By Banking Trojan
– Facebook users receive an e-mail informing them that Facebook
is updating its log-in system to make things more secure.
– The e-mail then urges them to click on what appears to be an
update button embedded in the message
– Once users click on the link, they are directed to a bogus
Facebook log-in page, then asks for their password to allegedly
complete the update.
– Then, after "logging in," victims are taken to a page offering them
an "update tool," which is, in actuality, the Trojan updatetool.exe.
Once victims' click on the tool, their computers become infected
with the Zeus Trojan, known for targeting banking accounts and
designed to swipe personal and financial information.
Risks
• Increased visibility
• Cyberstalking
• Identity theft
• Spy ware, malware, viruses
Benefits
• Easy to make friends
• Connect with others
around the world
• Learn about new
cultures
• Develop technical
skills
Cyberstalkers: Real Example
• How Cyberstalkers Obtain Your Personal
Information-Part 2
– Cyberstalker sent harassing emails
– Put up fake ads in her name saying she
wanted sex
– Questioned her legitimacy at her workplace,
and endless other torments.
– He turned out to be an ex that she had broken
up with 14 years earlier.
Social Networking Safety
• What information is
acceptable?
– Name?
– Address?
– Phone number?
• How can someone
else use information?
• What steps can you
take to ensure
privacy?
How Pedophiles Think
• The Internet: A Breeding Ground for Online
Pedophiles
– Chicken hawk: which refers to an online pedophile
who uses chat lines and member profiles to locate
potential victims, sometimes posing as another youth
to establish a bond
– They listen to and empathize with the problems of
children.
– They will be aware of the latest music, hobbies, and
interests of children
– Try to gain children’s trust
– Many of these offenders ultimately seek to sexually
exploit the children they encounter online.
Common Social Networking Rules
• Never give away personal information
• Be careful what photos are posted
• Make sure you only accept people to be
friends that you know well
• Never plan a face-to-face meeting
• Restrict information on profile page so only
friends can see it
References
•
•
•
•
•
•
"Los Alamos National Lab again under fire for weak computer security - Nextgov." Nextgov Federal technology news, best practices, and web 2.0 tools. Web. 10 Nov. 2009.
<http://www.nextgov.com/nextgov/>.
“Stealth Keylogger Used to Invade Victim Bank Accounts | Shafer Consulting” Small Business
Computer Consultants. Web. 17 Nov. 2009. <http://www.shaferconsulting.com/news.>.
“FBI: Online Banking Attacks Reach $100 Million” Web. 14 Nov. 2009.
<http://www.eweek.com/c/a/Security/FBI-Online-Banking-Attacks-Reach-100-Million-Mark785125/>.
"Facebook Users Targeted By Banking Trojan - Security - IT Channel News by CRN." Channel
News, Technology News and Reviews for VARs and Technology Integrators--ChannelWeb. Web.
12 Nov. 2009. <http://www.crn.com/security/>.
"How Cyberstalkers Obtain Your Personal Information - Part 2." Women's Issues - All About
Women's Issues. Web. 12 Nov. 2009.
<http://womensissues.about.com/od/violenceagainstwomen>.
“The Internet: A Breeding Ground for Online Pedophiles.” Crime Scene Investigator Network.
Web. 16 Nov. 2009. <http://www.crime-scene-investigator.net/>.