Transcript Operating System Images

Computer Security
Chris Hughes
Chairman NTC
TAX-AIDE
TAX-AIDE
NLT Meeting Aug 2014
1
Computer Security
● Physical security

Stolen computers
● Electronic security

Theft via software

Theft via networks
TAX-AIDE
NLT Meeting Aug 2014
2
2014 Security Incidents
● This year in the AARP Foundation Tax-Aide
program there were:
 35 taxpayer forms lost
 Eight (8) confirmed laptops reported
stolen/lost
 There was data and a disclosed password
on one of the stolen computers
● Many state laws do not require
notification when computers and/or
devices are encrypted
TAX-AIDE
NLT Meeting Aug 2014
3
Consequences of Data Loss
● Affected taxpayers individually contacted
and given free credit monitoring for a
year at program’s expense
TaxWise Online - no data stored on computers
TAX-AIDE
NLT Meeting Aug 2014
4
Security – What You Can Do
● ALL computers used for Tax-Aide
must be password protected.

Passwords must not be shared outside the
program.

Written password reminders must be
kept away from the computers.
TAX-AIDE
2014 SMT/TCS Training - Dallas
5
Data Security Password
● Password guidelines:
● Minimum length – eight (8) characters for
Windows, and TaxWise™ accounts.
● At least one letter and one number in the
password.
● Choose a password that is not a dictionary
word or someone’s name.
● Do not use TaxWise, TW, Tax-Aide, AARP or any
word in the password similar to something that
is obviously related to the program.
TAX-AIDE
2014 SMT/TCS Training - Dallas
6
The Rising Malware Threat
TAX-AIDE
NLT Meeting Aug 2014
7
http://www.mcafee.com/us/resources/reports/rp-economic-impact-cybercrime.pdf
TAX-AIDE
NLT Meeting Aug 2014
8
What is Malware?
● Trojan, Virus, Worm, Backdoor,
Botnets
● RansomWare
● Personal and account information
theft

Bank account withdrawal, credit
card usage, loan falsification
● Ad clicking for Dollars
TAX-AIDE
NLT Meeting Aug 2014
9
Methods of infection
● Email attachments
● Email web links
● Infected web sites
● Flash drives
● Adding an infected system to a
network (Windows XP)
● Java installed – rapidly becoming
one of biggest risks (this is different
than javascript).
TAX-AIDE
NLT Meeting Aug 2014
10
Nightmare Scenario
● A key logger
● Captures every account login
● Sends every keystroke made on
the computer to a criminal
enterprise Server.
● Every tax return done on the
computer will result in identity
theft on those SSNs
TAX-AIDE
NLT Meeting Aug 2014
11
Effects of Identity Theft
● For victims of identity theft,
consequences can last for years; causing
financial problems, credit issues, benefit
losses, and legal problems.
● Cost to the AARP Foundation Tax-Aide
program reputation and the good work
that you all do.
● Cost of credit protection.
TAX-AIDE
NLT Meeting Aug 2014
12
Infected System Recognition
● Anti-virus software increasingly ineffective

Polymorphic and “kit” virus production
● Where one virus exists there will be many due to
backdoor access
● Look for

Excessive ads, multiple IE toolbars, unusual home
pages, slow system performance, problems running
anti-virus scans
● Silent key loggers are the most dangerous and most
undetectable

If Tax-Aide becomes “targeted”, we will be infected and
there is nothing we can do except re-image
IF IN DOUBT RE-IMAGE
TAX-AIDE
NLT Meeting Aug 2014
13
Windows XP
● The tech industry is assuming
that every single existing
Windows XP system will become
infected with malware over the
next few months.

Infected websites

Flash drives

Email
TAX-AIDE
NLT Meeting Aug 2014
14
What Can You Do
● Make sure all computers are running
the Windows 7 or 8; this includes
personal and site computers.
● Windows Vista not supported by CCH
● If a personal or site computer cannot
be upgraded

They must not be used for Tax-Aide purposes.

They cannot be on the same network segment as Taxaide
computers.
If necessary contact the National Office.

TAX-AIDE
NLT Meeting Aug 2014
15
What Can Be Done?
● Do all Windows, Adobe updates immediately
● Use anti-malware software like MSE and
MalwareBytes
● If installed, remove Java
● Stick to mainstream, branded websites on Tax-
Aide systems
● Re-Image systems regularly
● Run as a “standard” user – see later
Too much effort for many – we have infected systems
in the program right now!!
TAX-AIDE
NLT Meeting Aug 2014
16
Site Visits
● All site visits by RCs and SCs should
include the question
● “Are any Windows XP systems being
used?”

If yes take whatever action necessary
to remove them
● “Are any systems behaving oddly?”

Request technical help to check out
the system.
TAX-AIDE
NLT Meeting Aug 2014
17
What else can be done?
● A policy change

Windows user account passwords
must be changed yearly
● 90% plus of malware will be
stopped by using a “standard”
Windows account!! – this includes
silent key logger installation!!
TAX-AIDE
NLT Meeting Aug 2014
18
Windows Users
● Administrative User (e.g. Volunteer)
 Our everyday default, allows easy
program and update installation
● Standard User
 Allows all usage of TaxWise and other
software
 Does NOT allow any software
installation or updating to be done.
 An Administrator user password must
be entered to allow installation and
updates
TAX-AIDE
NLT Meeting Aug 2014
19
NTC Recommendation
● Use a standard User Volunteer
Account for all everyday purposes
● Only a best practice
recommendation, not mandatory
● Will be in this fall’s Sharenet
documents update.
TAX-AIDE
NLT Meeting Aug 2014
20
Why Recommendation
● The changes are simple if the user is
comfortable using Windows Control Panel

Many of our volunteers are not capable of
this!!
● The change causes the inconvenience of
having to type in a password to do the
required Windows updates

Many volunteers will find this unacceptable
● This change ONLY prevents new infections!
 Re-imaging is the only way to remove
existing anti-virus proof infections!
TAX-AIDE
NLT Meeting Aug 2014
21
Discussion & Questions???
TAX-AIDE
NLT Meeting Aug 2014
22