
Information Security Awareness

Basic Training for the Campus Community

What is Information Security

• What are we protecting?
  • Our personal data
  • Students' personal data
  • Critical systems: email, network, file storage
• What are we protecting them from?
  • Information exposure
  • DOS (Denial of Service)
  • Malicious editing
• How do these things happen?
  • Direct attacks
    • Hacker gets remote control access to a computer
    • DOS attack, such as a virus “worm”: network/email slowed or stopped
  • Lack of physical security
    • Computer stolen or paperwork viewed

Virus/Security Stats at UWM

Virus/Security Impact at UWM

Worst yet? Blaster virus, August 2003

Support Hours (non-I&MT): 175 hours
Employee Downtime (non-I&MT): 149 hours


Virus/Security Impact at UWM

UWM Help Desk Virus/Security Help Request Hours

2002: 485 hours
2003: 683 hours
2004: 1037 hours
2005: 421.4 hours
2006: 366.86 hours


UWM Computer Use Policy

• Harassing other users, stealing passwords and corrupting files will not be tolerated.
• Only UWM students, faculty and staff members are authorized to use I&MT computers. You may not permit anyone else to use your computer account.
• Everyone is expected to do their share of avoiding waste of limited resources.
• Do not attempt to break into any computers or use any other person's computer account without their permission.
• In general, common sense reigns.

http://security.uwm.edu


Where do I get computer help?

• Decentralized campus IT environment
• Ask your supervisor what their dept. policy is
• General information and questions?
  • UWM Help Desk 229-4040
  • Email: [email protected]
• Virus or security questions?
  • Help desk
  • http://security.uwm.edu



Where do I get computer help?

When to contact Campus Police

•Feel your or others’ personal safety is at risk
•Believe a law has been violated
•Believe your identity or other theft has occurred
•When in doubt, call campus PD x 9911


Illegal File Sharing

https://www3.uwm.edu/imt/security/alerts/news_details.cfm?item_id=1561

-What is the DMCA law?
-What is the compliance process at UWM?
-Recent Events:
-Future:


Prevention and Awareness to avoid threats

• Virus Protection
• System Hardening: stop hackers!
• Spyware Prevention/Awareness
• Social Engineering and other threats
• Email Safety Tips
• Safer Surfing
• Passwords
• Fraud/Identity Theft
• Handling Confidential Data
• Physical Information Security


Virus Protection

What is a computer Virus?

Generally speaking……

• A virus is a computer program, usually disguised as something else (mail, game, joke), that is designed to automatically spread itself to other computer users.
• Clogs networks by spreading itself
• Creates great expense in cleanup and downtime


Virus Protection

Most common Computer Virus delivery at UWM:

An email with an attachment that appears to have been intentionally sent by someone you regularly communicate with

How do computers get “infected”?

• Opening Email Attachments

How does it work?

1. Open a bad attachment
2. Actually a disguised program that does 2 things:
   a. creates an email server on your computer
   b. uses your address book to email itself to everyone you know, thus it looks like it's from you!

Your friend opens it too and the cycle continues…..


What can I do to prevent this?

• Use care when opening attachments
• You should never open an attachment unless you can answer “YES” to all three of the following conditions:
  • I know exactly what this file is
  • I have scanned this file with my virus scan AND I have ensured that my virus scan was recently updated
  • I have verified the identity of the sender and their intentions via email or phone call.


Anti-Virus Software

• Campus license of McAfee VirusScan
• Can use at home
• Available in ccls, download
• Preconfigured for
  • Auto-updates
  • Full scans
• No yearly subscription fees
• Daily monitoring for virus trends


Where do I get virus protection?

• Campus Computer Labs: Resource CD
• Links at http://security.uwm.edu


Do I already have virus protection?

• Departmental computers: If you don’t see the McAfee shield (below) in the bottom right hand corner of your computer, contact your help person for information on what you should be using on your office computer

Virus Hoaxes

Often you will see e-mails warning of some new virus that is making the rounds and erasing people’s hard drives, or doing some other terrible damage. Odds are it’s a hoax. Forwarding these warnings to “everyone you know” only propagates misinformation, and causes unnecessary panic.


How do I know if I have a virus on my computer?

• Strange behavior or you get a McAfee pop-up
• Unusual performance problems
• Suspect you clicked on ‘something bad’

Where can I go for help if I think I have a virus on my computer?

• Your area’s computer help staff
• Campus help desk 229-4040 or security.uwm.edu website
• [email protected]


If McAfee finds a virus on my computer, now what?

• It may clean it automatically
• It may not be able to clean it because it is a program that is running
  • Restart in “safe mode” (hit F8 during pre-Windows boot up)
  • Run scan again or manually clean it up
• Check for documentation about the virus it identifies
  • http://vil.mcafee.com
  • http://securityresponse.symantec.com


Practical McAfee Skills

• Right click on the “McAfee Shield” in the System Tray
  • Note the “Update Now” option
  • Choose “VirusScan Console”
• Know how to start a full scan
• Know how to view logs
• Vil.mcafee.com
• Know how to scan a single file
• Know how to do simple research on a virus
• Virus detection vs virus infection

Spyware


Spyware is software that is installed on a computer to covertly gather information through your internet connection.

-used by Advertisers and Market Researchers


Spyware

Spyware lurks on as many as 80% of computers nationwide, according to the National Cyber Security Alliance, a trade group.


LA Times article http://www.latimes.com/business/la-fi-fedup14jan14,0,111456.story?coll=la-home-headlines


Spyware vs. Viruses

Viruses: Mostly designed to propagate themselves and damage network and computer performance.

Spyware: Designed to gain information from your computer by running unnoticed or providing some other service.


I have an anti-virus program. Will this stop spyware?

Some spyware is detected by anti-virus products such as McAfee and Norton, but for the most part this is not the case.

Spyware has the potential to share personal information with third parties without your knowledge or consent.


•Spyware-type attack gains financial information (http://www.eweek.com/article2/0,1759,1619842,00.asp):

An attack in June of 2004 had the ability to monitor web traffic for the purpose of gaining account numbers and passwords for victims’ online banking accounts.


Spyware

Two kinds: voluntary vs. involuntary

Voluntary: Programs installed intentionally to serve a purpose that also report personal information to a third party
• browser toolbars
• browser help windows
• free screensavers
• internet speed optimizers
• anti-spyware programs


Spyware

Voluntary Examples:
• Weatherbug
• Webshots
• Marketscore

How to avoid this?
1. Google new things before installing
2. Read your EULA


Marketscore (voluntary)

• Promises to increase your internet speed.
• Passes ALL of your internet traffic through their servers


Marketscore (voluntary)

• Evil EULA
  • Accept Marketscore-provided software upgrades or changes to your system settings
  • Make reasonable efforts to configure all of the computers having Internet access that are used at home by anyone in your Household to use the Marketscore Network and, where allowed by company policy, on all such computers having Internet access that are used at work by anyone in your Household
  • Provide complete and accurate information about yourself and your Household as requested during registration for the Marketscore Network
  • Allow Marketscore to combine the information that you provide with information such as credit or prescription information from third parties


Spyware

Involuntary: Programs you accidentally pick up on the internet that hook into your browser

Symptoms include:
• Changed homepage
• Sluggish performance
• New toolbars
• Lots more pop-ups

How to avoid this?
1. Stop using Internet Explorer
2. Use a reputable anti-spyware program


NUMEROUS ANTI-SPYWARE PRODUCTS ARE ACTUALLY SPYWARE!!

http://www.security2k.net/

How to tell the difference?

http://www.spywarewarrior.com

Suggested Anti-Spyware Products

•Spybot
•Ad-Aware
•Giant Anti Spyware (Now Microsoft product)
•Pest Patrol
•Webroot Spy Sweeper


Spybot

http://www.safer-networking.org/en/index.html

-real-time monitoring
-free product

Trend Micro Anti Spyware

• http://www.trendmicro.com/spyware-scan/

Spybot- Main Screen

Spybot- Immunization


Spybot- Update Screen



Spyware

Prevention in detail:
1. Use anti-spyware software
2. Keep PC updated
3. Use Firefox for day to day browsing
4. Read your EULAs
5. “Google” software that you are considering installing (app. name + term ‘spyware’)
6. Avoid software that is advertised via pop-ups or SPAM.

Stopping Hackers

–All these steps help, but there are additional steps Windows PC users should take
•1. Secure all accounts on your PC and limit the number of accounts
•2. Ensure your PC is up to date and enable Auto Updates
•3. Use a software firewall
•4. At home, deploy a router between you and the internet

A note about Botnets:

–A collection of compromised machines running programs (usually referred to as worms, Trojan horses, or backdoors) under a common command and control infrastructure.
–A botnet's originator (aka "bot herder") can control the group remotely
–Used to attack other networks or simply to use their resources for sending spam or other bad things.
–A bot typically runs hidden

Stopping Hackers

•1. Secure all accounts on your PC and limit the number of accounts
•Computer accounts should be
–Password protected
–Limited to fewest possible number (this is different on different versions)
–Go to start/settings/control panel
–Choose Users and groups
–Choose “Users”
–Rename the “administrator” account
–Disable “guest” unless using Windows file sharing

Stopping Hackers

•2. Ensure your PC is up to date and enable Auto Updates
–Go to start, and Windows Update
–Alternately, open Internet Explorer and go to http://windowsupdate.microsoft.com
–Windows XP Service Pack 2 AutoUpdate feature
–May not be available on I&MT or other campus machines
–Right click on “My Computer”, choose “properties” and choose the “Automatic Updates” tab

Microsoft Updates

Microsoft is continuously patching security flaws in its operating systems and other software. Without being up-to-date with security fixes, you leave your computer open to not only viruses, but also to hackers.

To ensure that you have the latest updates:

1. Connect to the Internet
2. Click on START
3. Go to Windows Update
4. Allow the updater to be installed
5. Click on Scan for Updates
6. Select the updates you wish to download (Ensure that you get any Critical Updates or Security Updates)
7. Click on Review and Install Updates
8. Click on Install Now

Service Pack Critical Update Security Update

Microsoft Updates

Select YES to this security warning to allow the Windows updating program to be installed.


Stopping Hackers

•3. Use a Firewall

Firewall:

A computer “Firewall” helps filter traffic and limits the kinds of communications your computer/network can have with the world


Stopping Hackers

Software Firewall
• Norton Personal Firewall: $50
• Zone Alarm: free/$40


Stopping Hackers

Use a Router: helps “hide” your computer and may have firewall-type features.

Suggested if you are using broadband at home (includes Roadrunner, DSL)
• D-Link DI-604: $30
• Linksys BEFSR41: $40


Email Safety Tips

• Be careful with email attachments! They can be an open door to your computer!
• Avoid links to jokes, free downloads, etc. (Do you REALLY know where that link goes?)
• Be aware of virus hoaxes (jdbgmgr.exe)
• Do not submit personal data over email
  • SSN
  • Address
  • Phone


Email Safety Tips

• Forged email addresses, i.e. From: [email protected]
• This is simply text and can be forged for purposes of gaining personal information.
• Do you REALLY know who you are sending that email to?


Email Safety Tips

• Your bank will not ask for personal information via unsolicited email
• Neither we nor Microsoft will email you a patch to install via email attachment
• Do you REALLY know who you are sending that email to?


Internet Browser Safety Tips

• Use an alternative browser
  • Mozilla Firefox (http://www.mozilla.org/)
• Look for the Lock Icon/HTTPS when sending personal information over the internet (Panthermail Example)


Passwords

Use strong passwords and change them regularly!

What are Strong Passwords?

• Minimum 8 characters
• Capitalized/lower case
• Some non-letter characters like %, # and *
• The “trick” to making passwords


Passwords

Epanther ID password characteristics

• Do not use your name or variations of your name.
• Do not use your address or other sequences of characters that someone may guess about you.
• Use exactly 8 characters.
• Include upper case as well as lower case letters, digits and non-alphanumeric characters.
• Please do not use the backslash character.


Fraud/Identity Theft

Identity Theft is the use of someone else’s good name and credit to obtain things you will never pay for.

Fraud/Identity Theft

Identity Fraud vs Identity Theft

Identity Theft: When someone gathers personal information about you and assumes your identity as their own

Identity Fraud: Consists mainly of someone making unauthorized charges to your credit card

According to the BBB (2006):
-90% takes place off the internet via lost or stolen wallets, checkbooks or credit cards
-47% of ID theft is perpetrated by someone we know
-Majority of victims between age of 35-44
-Averages $9,435 per incident

What are some methods of stealing identities?

• Stealing records from employer
• Abusing access to credit reports (landlords, employers)
• Email Scams (Phishing) http://www.uwm.edu/~sab2/Classes/Infosec/sample.htm
• Simply stealing your mail
• Computer Hacking/Theft
• Skimming
• Dumpster diving
• Credit Card information theft
• Lost/Stolen Wallets
• Bogus change of address requests
• Pretext Calling

What do thieves do with this information?

• Open credit card and bank accounts in your name/credit
• Change the billing address for current accounts
• Take out auto loans
• File for bankruptcy in your name
• Identify themselves as you when being arrested
• Obtain IDs/driver licenses in your name
• Open cell phone or utility bills, then not pay

What does it take to steal someone's identity?

• Name
• Social Security Number
• D.O.B.
• Mother's maiden name
• Address
• Phone number


Fraud/Identity Theft

How Can I Tell if I'm a Victim of Identity Theft?

•Monitor the balances of your financial accounts. Look for unexplained charges or withdrawals.

Other indications of identity theft can be:
•failing to receive bills or other mail signaling an address change by the identity thief;
•receiving credit cards for which you did not apply;
•denial of credit for no apparent reason; or
•receiving calls from debt collectors or companies about merchandise or services you didn't buy.

-(UWM Police Department)


Credit reports offer best detection

Online

• Fair and Accurate Credit Transactions Act of 2004
• www.annualcreditreport.com gets you all 3 reporting agencies
• (actually have to type the address in!)
• Stick with that site. There are many reporting companies, some with strings or costs attached

By Phone

877-322-8228

By Mail

Fill out the form (linked below) and mail it to: Annual Credit Report Request Service, PO Box 105281, Atlanta, GA 30348-5281. www.ftc.gov/bcp/conline/edcams/credit/docs/fact_act_request_form.pdf



Fraud/Identity Theft

How can I prevent it?

• Shred everything with your information on it that you don’t need
• Place passwords on bank and credit cards
• Store card information separately
• Don’t write PIN #’s anywhere
• Don’t provide personal info unless you initiated the contact
• More email cautions:
• Secure personal information in your home


What can I do if I think it’s already happened to me?

– Contact the fraud departments of any one of the three credit bureaus or the clearinghouse mentioned earlier to place a fraud alert on your credit file.
– Close the accounts that you know or believe have been tampered with or opened fraudulently.
– File a police report. Get a copy of the report to submit to your creditors and others that may require proof of the crime.
– File a complaint with the FTC using the ID Theft Affidavit. The FTC maintains a database of identity theft cases used by law enforcement agencies for investigations.

Handling Confidential Data at UWM

Preventing ID theft for others

• Know where confidential data is
  • Data Inventory Checklist
    • https://www3.uwm.edu/imt/security/alerts/news_details.cfm?item_id=1301
  • Cornell “Spider” program
    • http://www.cit.cornell.edu/computer/security/tools/
• Don’t store SSNs, addresses and DOBs unnecessarily
• If you have to have this data, encrypt it
  • http://www.kryptel.com/

Handling Confidential Data at UWM

Preventing ID theft for others

• Don’t store credit card data!
• Be aware of pertinent legislation
  • HIPAA http://hipaa.uwm.edu
  • FERPA http://www3.uwm.edu/des/web/records/
  • WA 138 https://www3.uwm.edu/IMT/security/policies/DisclosureProtocol.pdf


What can I do to physically secure my information?

• Lock your workstation
• Lock down your laptop or take it with you
• Don’t leave stuff lying around
• Lock up when possible
• Surplus equipment properly
• Shred documents


Surplus Equipment

Disposal

EHS/RM Disposal Program

• http://www.uwm.edu/Dept/EHSRM/HAZEXCEPTIONS/escrap.html

Cascading Equipment (giving to other staff)

• Use DBAN or similar BIT LEVEL hard drive data destruction tool.


Basic Home Computer Security Steps

Run Virus Scan and keep up to date

Run Anti-Spyware program and keep up to date

Password protect your PC and use strong passwords

Keep your Operating System and other software up to date

Limit physical access to your computer

Install a firewall

Install a router

Use an alternative browser

Back up your files on a regular basis

Behaviour Checklist: (I don’t need to hack you if it’s easier to fool you!)

Be cautious with email attachments

Research new programs you are thinking of installing

Know where to go for help

Available at http://security.uwm.edu

Resource List

Virus Protection

http://security.uwm.edu

Hacker Thwarting

http://www.cert.org/tech_tips/before_you_plug_in.html#III

http://www.microsoft.com/security/default.mspx

Spyware

http://spywarewarrior.com/

http://www.safer-networking.org/en/index.html

http://www.mozilla.org/

http://www.pcmag.com/category2/0,1738,1639157,00.asp

Email Safety

https://www3.uwm.edu/IMT/security/practices/index.cfm

Identity Theft

http://ftc.gov/bcp/edu/microsites/idtheft/

Physical Security

http://www.uwm.edu/Dept/EHSRM/HAZEXCEPTIONS/escrap.html

http://dban.sourceforge.net/

http://www.uwm.edu/Dept/police/

UWM Acceptable Use Policy

https://www3.uwm.edu/IMT/campus/policies/computing_policy.cfm