CYBER SECURITY
IS INDIAN COUNTRY SAFE FROM CYBERCRIMINALS?
TOPICS
What is Cyber Security
Common Types of Threats
Recognizing Threats
Prevention
Issues Unique to Indian Country
Questions
WHAT IS CYBER SECURITY?
Protecting our computers, systems and data
the same way you protect your homes,
securing the doors and windows and
preventing intrusion.
Why are we concerned? Monetary loss, data
loss, system and computer damage.
CNET.com 12/5/2019
COMMON TYPES OF THREATS
Viruses
Worms
Trojan Horses/Logic Bombs
Social Engineering
The .ishings
Ransomware
VIRUSES
A virus attaches itself to a program, file, or disk.
When the program is executed, the virus activates
and replicates itself.
The virus may be benign or malignant but executes
its payload at some point (often upon contact).
Viruses can cause computer crashes and loss of
data.
In order to recover or prevent virus attacks:
Avoid potentially unreliable websites/emails.
System Restore.
Re-install operating system.
Use and maintain anti-virus software.
WORMS
Independent program that
replicates itself and sends
copies from computer to
computer across network
connections.
Upon arrival, the worm may be
activated to replicate.
LOGIC BOMBS / TROJAN HORSES
Logic Bomb: Malware logic executes upon
certain conditions. The program is often used
for otherwise legitimate reasons.
Examples: “If This Then That”
Software which malfunctions if maintenance fee is not paid.
Employee triggers a database erase when he is fired.
Trojan Horse: Masquerades as a benign
program while quietly destroying data or
damaging your system.
Download a game: It may be fun but contains hidden code that
gathers personal information without your knowledge.
SOCIAL ENGINEERING
Social engineering manipulates people into performing
actions or divulging confidential information. Like a
confidence trick or simple fraud, the term applies to
the use of deception to gain information, commit
fraud, or access computer systems.
Phone calls, ex. IT Department, Vendor, Government,
etc.
In Person, ex. Personal questions to assist with
security questions.
Email, ex. Requesting bank account info.
THE .ISHINGS
Phishing
Spear Phishing
Smishing and Vishing
Whaling Phishing
PHISHING
Phishing is the fraudulent attempt to obtain sensitive
information such as usernames, passwords and credit
card details by disguising oneself as a trustworthy
entity in an electronic communication.
Usually email based.
Click on a link.
Open an attachment.
PHISHING EXAMPLES
SPEAR PHISHING
Spear phishing is an email or electronic
communications scam targeted towards a specific
individual, organization or business. Although often
intended to steal data for malicious purposes,
cybercriminals may also intend to install malware on a
targeted user’s computer.
Email based like Phishing Attack.
SMISHING AND VISHING
Smishing and vishing are types of phishing attacks that
try to lure victims via SMS message and voice calls.
Both rely on the same emotional appeals employed in
traditional phishing scams and are designed to drive
you into urgent action. The difference is the delivery
method.
Both cell phone based.
Smishing: SMS messages with malicious links. Ex. update account or personal info, etc.
Vishing: Voice call. Ex. Social Security, Jury Duty, IRS, Accident, Police, Kidnapping scams.
SMISHING EXAMPLE
WHALING PHISHING
Whaling is a common cyber attack that occurs when
an attacker utilizes spear phishing methods to go after
a large, high-profile target, such as the C-suite.
Malicious actors know that executives and high-level
employees (like public spokespersons) can be savvy to
the usual roster of spam tactics; they may have
received extensive security awareness
training because of their public profile, and the
security team may have more stringent policies and
heftier tools in place to protect them. This leads
attackers who try to phish these targets to look
beyond the same old tried-and-true tactics to more
sophisticated, targeted methods.
WHALING PHISHING EMAIL EXAMPLE
RANSOMWARE
Ransomware is a type of malware that encrypts documents, pictures and other files, making them unreadable. The attacker then holds the decryption key for ransom until you agree to pay money, usually through a method such as Bitcoin, other digital currency, or gift cards.
Contact law enforcement.
Ransomware assumes that you’ll pay to recover your files – if you back them up regularly, you have no need to pay the ransom. However….
Computer systems can be “Locked”, requiring the purchase of entire systems at significant cost.
“Cyber Insurance” may pay the attacker to release data but could make you a target for future attacks.
You can negotiate with the hacker to reduce the cost; don’t pay the opening bid. Average cost to release is $700.00.
There is no guarantee the hacker will release data.
RANSOMWARE DEMAND INSTRUCTIONS
ADVANCE-FEE SCAMS
Most other email scams involve advance-fees and check fraud, attempting to gain your confidence to move money
on the criminal’s behalf.
Nigerian “419” (Nigerian Criminal Code) scams are the classic example – your help is needed to move a large
amount of money out of a foreign country because someone is ill, has died, or the country’s government is after
it. The victim wires money to assist and never receives anything in return.
New variations include job offers – a sizable wage is sent in advance for a low amount of work, deposited, then
requested to be transferred to another source for payment of some debt. Original check bounces and the victim
has just wired their own money to the criminal.
Precious metal, diamond, gold mine shares, etc.
EMAIL SECURITY
Email is one of the most common and most successful attack methods on the internet. Recent statistics cite
up to 90% of successful attacks against businesses begin with a malicious email.
Emails can contain malicious files like viruses and other malware, link to malicious web sites, or try to coerce
or convince you to give away personal information, like your username and password.
Cybercriminals using email to attack businesses are becoming more and more effective at evading
detection – technology alone is only marginally effective at blocking these new email threats.
Thousands, if not millions, of emails can be sent with a keystroke; only one needs to work to make it
profitable (the law of averages).
EMAIL DO’S AND DON’TS
Do: Always verify the sender of a message.
Always hover over web page links (URLs) in email messages to see where they link to – beware URL shortening services (like bit.ly) that may obscure the final web site destination.
Be skeptical of messages with odd spelling/grammar, improper logos or that ask you to upgrade or verify your account.
Report suspicious emails to IT Administrator.
Don’t: Open an attachment from an unknown sender. Consider the source and whether or not the file was
expected.
Click on a link from an unknown sender.
Email someone your username or password.
INDIAN COUNTRY ISSUES
Location
Resources (Investment made in hardening systems, training, etc.)
Wealthy Tribes Attractive Targets (Casinos, Natural Resources, etc.)
Computer Dependent/Not Computer Dependent
Insider Threat (Any organization’s problem.)
PREVENTION, WHAT CAN YOU DO
Virus/Malware Software
Firewalls
Up to date software
Employee Awareness and Regular Training
Active Countermeasure
Participate in MS-ISAC and DHS Programs
RESOURCES TO LEARN MORE
DHS Webinar on YouTube
https://www.youtube.com/watch?v=D8kC07tu27A
HOW TO SIGN UP FOR MS-ISAC
https://learn.cisecurity.org/ms-isac-registration
It’s free of charge!
More than 40 tribal governments participate.
QUESTIONS?
Michael J. Donohoe (FBI-Retired)
Live Oak Investigations
P.O. Box 971
Jupiter, FL 33468
www.liveoakpi.com