Transcript Slide 1

The Importance of Internet
Safety, Security, and Education
DR. JOANNA F. DEFRANCO
SCHOOL OF GRADUATE & PROFESSIONAL STUDIES
ENGINEERING DIVISION
PENN STATE UNIVERSITY
[email protected]
Objectives of this
presentation
 Bring awareness to the issues that affect our
kids, our future workforce, and us:
 Social engineering
 Predators
 Mobile phone Safety
 Viruses
 Privacy
PCEA - Cooperative Education Conference - 2010
Native or Immigrant?
 Native: people who grew up with the
Internet. Approximately people who are 30
and younger
 Immigrant: people over the age of 30 who
did not grow up with the Internet.
Challenge – the Immigrants are raising the
natives………
Term coined by Marc Prensky
PCEA - Cooperative Education Conference - 2010
Some Positive Impacts of the
Internet
 Education
 Communication
 Business
 Socializing
PCEA - Cooperative Education Conference - 2010
Why is it suddenly OK to
talk to strangers?
 We tell our kids not to talk to stranger but yet




our kids are on the Internet doing just that.
Facebook has 500 million users
72 million are ages 0-17
54% of 13-14 year olds have Facebook pages
15-17 year old Internet users spend 19.9 hours
a week online
PCEA - Cooperative Education Conference - 2010
Burglars
Social Networks
18% of all social network users post upcoming
travel plans
*Dear Mr. Myers: In August, I innocently placed a
note on my Facebook page that said our family
would be taking an out-of-town vacation over
Labor Day weekend.
When we returned we found that thieves had
taken thousands of dollars in jewelry and
electronics from our house.
*Bucks County Courier Times, 9/25/10
PCEA - Cooperative Education Conference - 2010
“If you don’t want your information to
show up everywhere – don’t over share”
PCEA - Cooperative Education Conference - 2010
Geotags: A picture is NOT
worth revealing your address!!!
 Photos taken from your smartphone will reveal
your location
 You don’t even have to tell the criminal where
you live – just post your picture on the web in
front of your house. That will give them an exact
latitude and longitude
 Solution – TURN OFF GPS ON YOUR PHONE
when taking photos
“Geotags in web photos reveal information about you”
PCEA - Cooperative Education Conference - 2010
Lawyers
Social Networks
 Facebook is turning into the divorce layers’
secret weapon.
 1600 divorce lawyers from around the country say
Facebook was the primary source of evidence
followed by MySpace and Twitter.
 A printout of disparaging Facebook
comments is powerful in a court.
 Photos that are posted by your “friends”
PCEA - Cooperative Education Conference - 2010
Why do people do this??
 Internet is very social place – but we access it
in seclusion
 Some treat the net as a personal diary and
sometimes a confessional.
 Some (especially kids) think the dangers
“won’t happen to them”.
“The Internet should be treated more like a
shopping mall or library”– WSJ 8/7/2010
PCEA - Cooperative Education Conference - 2010
Do we have a right to
privacy?
There is a large population of people who either forgot or don’t find
privacy important
9th amendment of the constitution:
“The enumeration in the Constitution, of certain rights, shall not
be construed to deny or disparage others retained by the
people.”
1st: Freedom of Religion, Press, Expression
4th: Search and Seizure (need warrant)
5th: …nor shall be compelled in any criminal case to be a witness
against himself, nor be deprived of life, liberty, or property,
without due process of law; nor shall private property be taken
for public use ……
PCEA - Cooperative Education Conference - 2010
http://www.privacyrights.org/print/fs/fs1-surv.htm
*Be Aware *Be Assertive *Be an Advocate
1. Don’t send personal information through chat,
email, instant messages, forums, online profile
2. Wipe your computer’s hard drive before your
donate, sell or trash it
3. Protect your SS#
4. Be careful of what you say on cordless or
mobile phones
5. Read the fine print
PCEA - Cooperative Education Conference - 2010
Jobs - There Facebook page may
be more important than their
resume!!
 You say: “Be careful what you post because a
potential employer may look you up.”
“Whatever, I’ll
just delete it
later…..”
Recovering deleted
information
 File creation
 OS finds free space not yet written to, write data,
saves pointer to that file in a database.
 File deletion
 OS eliminates the pointers to that file’s location
on the hard drive in the database.
 The space that was used for the file becomes
“unallocated”,
PCEA - Cooperative Education Conference - 2010
Social Engineering
 Non-technical intrusion that relies on human
interaction and often involves tricking other
people into breaking normal security
procedures.
 Manipulate people into divulging confidential
information
PCEA - Cooperative Education Conference - 2010
Social Engineering
 by phone
 Online Social Engineering
 Reverse Social Engineering
 USB Drives
PCEA - Cooperative Education Conference - 2010
Phishing example
From "Webmail Helpdesk" <[email protected]>
"Webmail Helpdesk" <[email protected]> ⊕
Attn: User,
This message is from ITS message center to all account owners. We are currently upgrading our email
data base. We are deleting all unused account to create more space for new accounts.
We are currently performing maintenance for our Digital Webmail. We intend upgrading our Digital
Webmail Security Server for better online services.
CONFIRM YOUR ACCOUNT DETAILS
Userid:
Password
Date of Birth:
Warning!!! Any account owner that refuses to update his or her account within Three days of this
update notification will loose his or her account permanently and this procedure is attributed to a
routine webmail software
update.
Thank you for using our webmail!
ITS Support Team
Warning Code :IT67565434
PCEA - Cooperative Education Conference - 2010
EXAMPLE: Reverse Social
Engineering Example: FakeAV
 AKA Fake Antivirus, Rogue Antivirus,
ScareWare
 From 1000 – 500,000 different variants
 Sent directly to the victim as an attachment
or as a link in a spam message.
 Another form has been observed to deliver
FakeAV, such as instant messaging
applications including Google Talk.10
PCEA - Cooperative Education Conference - 2010
Social engineering
 Takes advantage of trust relationships
formed on social networking sites
 Steal personal data that will make them $
 Convince you to click on something that is
basically a virus.
PCEA - Cooperative Education Conference - 2010
Online Predators 3rd priority
of the FBI
1. Counterterrorism (international, domestic,
weapons of mass destruction
2. Counterintelligence (espionage)
3. Cyber Crime




Computer Intrusions
Online predators
Piracy/intellectual property theft
Internet fraud
4. Public Corruption (government fraud, election
crimes, foreign corrupt practices
5. Civil Rights (hate crime, human trafficking…..)
PCEA - Cooperative Education Conference - 2010
PCEA - Cooperative Education Conference - 2010
Is your child the target of
a predator?
 Look for signals
 Large amounts of time online
 Child receives phone calls from people you don’t
know
 Child turns computer monitor off when you come
into the room.
 Child becomes withdrawn from the family
 Receiving gifts through the mail
PCEA - Cooperative Education Conference - 2010
Suggestions from the FBI
 Keep computer in a common room
 Communicate with your kids about the
dangers
 Maintain access to your child’s account and
randomly check his or her email
PCEA - Cooperative Education Conference - 2010
New generation of Mobile
phones
 Use of 3G phones has increased illicit
activities.
PCEA - Cooperative Education Conference - 2010
Teens’ texting behavior*
(surveyed 1017 teens and 1049 parents)
What teen
Admits to
Texting Practices
What
parents
believe
41%
Sent received or forwarded a text that said
something sexual
11%
52%
Read someone else’s texts or had their texts read by
someone without permission
8%
43%
Put someone down or insulted someone in a text
10%
45%
Texted while driving
45%
* Philadelphia Inquirer, 7-22-2010
PCEA - Cooperative Education Conference - 2010
Sexting
 Teens don’t realize the ramifications:
 Send to one person – that person sends to friends
– those friends send to friends – becomes viral.
 Once you send it out – you can’t take it back.
 Affect future careers (it won’t happen to them)
PCEA - Cooperative Education Conference - 2010
What can parents do?
 Check your child’s mobile phone.
 Look at picture sent and received.
 If your teen acts overly possessive of their
phone – don’t back off. Find out what they
are doing!!
 TALK to your teen about the dangers of
sexting and the potential legal consequences.
PCEA - Cooperative Education Conference - 2010
Texting while driving
 Laws are not enough
 People can put the phone in there lap and text
 Once the accident occurs the police will know
 Technology is already in the market
 iZUP
 DriveAssist for Teens
 ZoomSafer
“INSIDE MOBILE: Using Mobile Technology to
Prevent Texting While Driving” March, 2010
PCEA - Cooperative Education Conference - 2010
Skill level of hacker
Viruses/Hackers
Sophistication of viruses
PCEA - Cooperative Education Conference - 2010
Avoiding viruses
 Practice careful Web browsing habits
 Don’t be so quick to click
 Don’t click on pop-up windows
 Be careful of scams
 Especially coming through email – “Phishing”
 Avoid clicking on hyperlinks in e-mail messages
 Be careful when downloading/installing
applications
 Facebook (“FACEBOOK in PRIVACY BREACH” WSJ
10/18/2010)
 Mobile phones
PCEA - Cooperative Education Conference - 2010
Phishing Example
From "C. Y. Ling"<[email protected]> ⊕
Subject Partnership
Date Sun, Oct 17, 2010 10:06 PM
Good day, I am Mr. C.Y. Ling, alternate CEO of the
operations of CITIC Bank International, China. I
have a proposal for you in the tune of One
Hundred & Five Million EUR, after successful
transfer, we shall share in the ratio of forty for
you and sixty for me. Please reply for specifics.
Yours, Mr. C.Y. Ling.
PCEA - Cooperative Education Conference - 2010
From "Disc Super Store"<[email protected]> ⊕
Subject iPhone Order Confirmation
Date Thu, Oct 14, 2010 11:41 PM
Hello,
Your credit card has been successfully charged. Please click
on the link below and open it to view a copy of your receipt:
View The Receipt
Thank you for buying the new iPhone 4, we shall send you a
shipping confirmation e-mail immediately your order has
shipped out.
Sales Team,
Disc Super Online Store
PCEA - Cooperative Education Conference - 2010
On-line Banking
 80% US households have come to do their




banking over the Internet
Surprisingly many customers believe online
banking is every bit as safe as branch banking
2009 – 4,295 malicious software apps
2010 – 65,098 malicious software apps
2009 - 85% of big banks incurred losses
stemming from cyber-attacks
PCEA - Cooperative Education Conference - 2010
PCEA - Cooperative Education Conference - 2010
Botnets
 Definition: multiple computers infected with
remote-controlled software that allows a
single hacker to run automated programs on
the botnet behind the users’ back.
 “robot networks”
 Malware that makes your computer a robot
 Perpetuates phishing scams
*”Cyber-Threat Proliferation Today’s Truly Pervasive
Global Epidemic” , Tom Kellermann, Security
PCEA - Cooperative Education Conference - 2010
On-Line Banking
“Banks seek HELP to stop online thieves”
HOW?
“they urge CUSTOMERS to be vigilant as
threats rise”
*USA TODAY – Friday July 30, 2010
PCEA - Cooperative Education Conference - 2010
“Hackers Steal millions from
British Bank Accounts” 9/29/2010
 Police arrested 19 people over the fraud
 Virus infected computers stealing passwords
and other sensitive details from the
CUSTOMERS.
 Then they siphon money from the accounts.
 Customers need to
 Update their security systems/set firewalls
 Look for unusual or different log on experience
PCEA - Cooperative Education Conference - 2010
What is a firewall?
 A combination hardware and software
intended to prevent unauthorized access to a
company’s internal computer resources of
hardware and software
How does this happen?
 They look for security holes in a web browser
 Online banking systems are at least one full generation
behind the current techniques employed by cyber crooks.
 News Flash: They don’t target big banks – they go
after mid sized companies, and YOU!
1.
2.
3.
Zeus virus carried in an email
Software installed
Captures passwords, account numbers and other data
used to log into online bank accounts
** STOLE $70 million ->
What to do:
“ABA (American Bankers Association) is now
asking customers to “partner” with banks to
keep cyber-robbers in check”
1. Monitor your own accounts for unauthorized
transactions – on a continuous (daily) basis.
2. Check your contact information often
3. Protect your password information.
4. Don’t open emails from people you don’t
know – if you open it – don’t click on any
attachments or web links.
PCEA - Cooperative Education Conference - 2010
“Cybercrooks use Web apps to
infiltrate smartphones”USA Today 8/3/2010
 Smartphone shipments topped 54 million in
the first 3 months this year (57% jump in one
year)
 Hackers took notice
 Virus for Droid will harvest phone numbers
and data that can be used to disclose your
location.
 There were 80 infected Droid web apps
discovered last week
PCEA - Cooperative Education Conference - 2010
Smartphone
 Smartphone apps harvest, spread personal
information
PCEA - Cooperative Education Conference - 2010
“Take A Ways”
 Technology is great taken with a big dose of caution.
 The best way to protect your children is to teach them to
protect themselves.
 Lets teach our young adults the reasons why we need to be
paranoid while using technology.






Job applications
Privacy
Identity Theft
Banking
Thieves
http://www.Ic3.gov
PCEA - Cooperative Education Conference - 2010
Questions?
PCEA - Cooperative Education Conference - 2010
References
1. Plagiarism – Canelli, R., “Internet makes
cheating easier”, Bucks County Courier Times
2.
3.
4.
5.
August 22, 2010
Sexting – Steinberg, S., “Sexting surges
nationwide, and it’s not just teens doing it”,
Philadelphia Inquirer, July 22, 2010
Facebook – Schroeder, Laurie Mason,
“Facebook turning into divorce lawyers’ secret
weapon”, Courier Times, August 15, 2010.
http://www.netsmartz.org/safety/risks.htm
Lawyers.com “Sexting: Pornography or High
Tech Flirting?”
PCEA - Cooperative Education Conference - 2010
References continued
6.http://federalcriminaldefenseinvestigator.blo
gspot.com/2010/08/geotags-in-web-photosreveal-secrets.html (retrieved 10/12/2010)
7. “Popularity of social networking sites leading
to more home burglaries” Bucks County
Courier Times 9/25/2010
8. “The Great Privacy Debate” , The wall street
journal August 7th 2010
PCEA - Cooperative Education Conference - 2010