Online Crime*
OR
Who will be hacked tomorrow and how can we prevent it
BY Mateusz Marszalek
* best viewed in fullscreen
Internet is serious business:
2 billion internet users
800 million accounts
2.8 million emails sent every second
298 million smartphones sold in 2010
more than population of Americas and Africa combined
31 hours/week spent online by teenagers
16 billion songs bought from iTunes
60% customers pay online with credit card
2 million Google searches every minute
86% customers bought something online in 2008
every 9 seconds one pair of shoes is sold on eBay
103 million PayPal accounts
$500 billion: value of global online transactions in 2010, bigger than GDP* of Sweden
*Gross Domestic Product
All of them are potential victims...
...of online fraud and identity theft:
December 2010: Login details of 200,000 users stolen from blog network Gawker
April 2011: Account information and credit card numbers of 70 million users stolen from Sony’s PlayStation Network
2009: $560 million lost because of online fraud in United States alone
2011: Attempted hacking attack on multiple users of Google email account
YOU can be next...
Scared? Good. Because there is more:
Suddenly, not only internet users are in trouble...
...but also whole cities and nations.
March 2010: Stuxnet virus targets Iranian nuclear power plants
November 2011: Data from Norwegian oil, gas and defense companies stolen by hackers
2007-2008: Hackers interfere with two space satellites
November 2011: Illinois water treatment system damaged by hackers
And as the internet expands, these problems become more visible.
A reasonable goal would be to prevent online crime from increasing in the next five years – then we can think about decreasing it.
To succeed, governments, corporations and individuals need to be actively involved.
So, let’s brainstorm some ideas...
Governments should be involved in cyberspace
As the internet doesn’t have borders, multi-national cooperation is required. And so are budget adjustments on defense.
Detailed strategic plans must be created by governments and organizations.
Promoting online awareness among citizens wouldn’t hurt. The earlier the better.
We could also detect threats before they become reality. Monitoring the internet and its users might prevent some damage...
...or introduce even more. Privacy issues are a huge problem in themselves. We should tread carefully.
Just like the UK and their new Cyber Security Strategy. Well done!
Corporations should think about their clients
If firms aren’t secure, neither are their clients. Security measures at every step are required.
But all of that will cost money. Expect customers to pay for that.
Do you keep data about your customers? Encrypt it and make backups. Control who has access to it.
Always keep your infrastructure updated. Consider going open source* – more eyes for detecting security holes is better.
If you want to catch criminals, think like them. Or hire one**. Obviously they are good at what they are doing.
Be prepared for the worst – have ready contingency plans at hand.
And when the worst happens – be honest about it. You’ve already lost your data, don’t lose the trust of your clients.
* like Google or Facebook
** Kevin Mitnick is taken, and Neo from Matrix is fictional. But keep looking.
Individuals should always pay attention.
But humans are creatures of habit. Changing the habits of one is difficult. Now, changing the habits of 2 billion...
Keep your guard up all the time. If something is too good to be true, it probably is. Always ask questions.
Keep your software updated. Install antivirus and firewall. Don’t open emails and links from unknown sources.
Use strong passwords. 123abc, your birthdate or your pet’s name – not strong passwords. They can be easily found on your Facebook profile.
And so can the answers to your security questions. Think about what you share with the rest of the internet.
Quiz time!
Who’s the weakest link in the security chain?
Answer: Human
I have good news and bad news (Please don’t shoot the messenger)
Bad news: none of these solutions are perfect. There are no magic bullets.
Good news: but doing something is better than doing nothing.
So let’s do something. Just like with the environment, start from yourself.
If you’re using the same password for many accounts OR if your passwords are weak:
Change them now. Not tomorrow, not later, not after this presentation. Now.
I’ll wait.
...
Done? Great! Now tell your family and friends to do the same.
...
Done? Fantastic! Check the next slide for more ideas how you can improve your safety online. Tell your local politicians and companies you’re dealing with that you care about internet security.
Step by step, it will get better.
Thanks for watching
Credits, where credits are due
All logos and registered trademarks are the property of their
respective owners. Unless stated otherwise, images are from
iStockphoto.
Other icons from slide 1: thenounproject.com
Photos of Smooth Internet Criminal from slides 1&5 were taken by
chanpipat and published by FreeDigitalPhotos.net.
Photo of water faucet (or tap for our British friends) from slide 4
was taken by Travis Forsyth and published on flickr.
Photo of a man who happened to be in the wrong place and at the
wrong time from slide 8 was published by BananaStock.
Slide 2
Facebook: Facebook Inc.
Email: about.com
Google: comscore
Time online: cybersentinel.co.uk
Smartphones: Quirksmode
eBay, PayPal and online sales volume (estimate): eBay Inc. financial figures for 3Q 2011
iTunes: Engadget
Credit card and online sales: Nielsen; Trends in Online Shopping 2008
Internet users: internetworldstats.com/stats
GDP: World Bank
World population: United Nations
Slide 3
PlayStation Network: Wired
Gawker: PCWorld
US online fraud: Wired
Google mail: Reuters
Slide 4
Stuxnet: CBS News
Norway: BBC News
Satellite: Business Week
Illinois: BBC News
Further reading
FBI tips on protecting from internet fraud: http://www.fbi.gov/scams-safety/fraud/internet_fraud
Choosing a smart password: http://www.google.com/support/accounts/bin/answer.py?answer=32040&hl=en
Tips to prevent online fraud: http://peoples.rbsnb.com/preventiontips.html
Internet crime prevention tips: http://www.ic3.gov/preventiontips.aspx
Live long and prosper