Embed Size (px)
Citation preview
ICT Security Seminar,
for schools & teachers.By Yusuf Brugman and Gamal Nabeeh
Before we start …….
This event will be in two languages, because I
(Yusuf) can’t talk Arabic that good, so will do the
English part, Gamal will do the Arabic part. After I
finish, he we tell de Arabic part.
Today's topics:
• Opening & introduction.
• What’s a Virus, Trojan Horses, Worms, Adware, Spam,
Malware, Phishing and Spyware.
• How to secure you’re workstation.
• It was the computer not me!!!!!!
• Easy money doesn’t exist especially with e-mail and internet
• What can your organization do.
What’s a virus
A virus is a program that can copy itself and infect a computer. A virus can spread from one computer to another, because a user sent it over a network or the Internet, or carried it on a removable medium.
Some viruses have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.
The Creeper virus was first detected on ARPANET, the forerunner of the Internet, in the early 1970s.
"Elk Cloner" was the first computer virus to appear "in the wild" — that is, outside the single computer or lab where it was created.
The first PC virus in the wild was a boot sector virus dubbed Brain, created in 1986.
Macro viruses have become common since the mid-1990s. Viruses that spread using cross-site scripting were first reported in 2002.
What’s a Trojan Horse
Trojan horse, or Trojan, is software that appears to perform a
desirable function for the user prior to run or install but instead
facilitates unauthorized access of the user's computer system.
"It is a harmful piece of software that looks legitimate. Users
are typically tricked into loading and executing it on their
systems”. The term is derived from the Trojan Horse story in
Greek mythology.
What’s a Worm
A computer worm is a self-replicating software. It uses a
computer network to send copies of itself to other computers
on the network and it may do so without any user intervention.
This is due to security shortcomings on the target computer.
Unlike a virus, it does not need to attach itself to an existing
program. Worms almost always cause at least some harm to
the network, even if only by consuming bandwidth, whereas
viruses almost always corrupt or modify files on a targeted
computer.
What’s Adware
Adware, or advertising-supported software, is any software
package which automatically plays, displays, or downloads
advertisements to a computer. These advertisements can be in
the form of a pop-up. The object of the Adware is to generate
revenue for its author. Adware, by itself, is harmless; however,
some adware may come with integrated spyware such as key
loggers and other privacy-invasive software.
What’s Spam
Spam is the use of electronic messaging to send unsolicited bulk
messages. While the most widely recognized form of spam is e-mail
spam, the term is applied to similar abuses in other media.
Spamming remains economically viable because advertisers have no
operating costs and it is difficult to hold senders accountable for mass
mailings. The costs, such as lost productivity & fraud, are borne by the
public and by ISP, which have been forced to add extra capacity to
cope with the deluge. Spamming has been the subject of legislation in
many jurisdictions.
What’s Malware
Malware, short for malicious software, is software designed to secretly access a computer system without the owner's informed consent.
The prevalence of malware as a vehicle for organized Internet crime.
Malware is not the same as defective software, that is, software that has a legitimate purpose but contains harmful bugs. Sometimes, malware is disguised as genuine software, and may come from an official site. Therefore, some security programs, such as McAfee may call malware "potentially unwanted programs" or "PUP". Though a computer virus is malware that can reproduce itself, the term is often used erroneously to refer to the entire category. Malware is sometimes called scum ware.
What’s Phishing
Phishing is the criminally fraudulent process to acquire sensitive information such as usernames, passwords and credit card details. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.
Phishing is typically carried out by e-mail or messaging, it often directs users to enter details at a fake website whose look and feel are almost identical. Phishing is an example of social engineering techniques used to fool users and exploits the poor usability of current web security technologies.
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing and influenced by phreaking, and alludes to baits used to "catch" financial information and passwords.
What’s Spyware
Spyware is a type of software that can be installed on computers and collects little bits of information at a time about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as key loggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.
While the term spyware suggests that software that secretly monitors the user's computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.
How to secure your workstation
• Use only genuine software.
• Use strong passwords.
• Be up to date with your software.
• Make use of a virus scanner.
• Make sure Windows Firewall is turned on.
• Never install programs unless you are fully confident they are safe.
• E-mails
• Be careful where you surf.
• Always lock your workstation or use a password protected screen saver.
Use only genuine software
Always make use of official software because the following reasons:
1. It’s illegal.
2. The changes that a device get infected or hacked is very high.
3. Software companies are doing there best to stop this, this can
mean the device stops working, no updates or other.
Use strong passwords
Passwords are an integral aspect of computer security. Passwords are the front line of protection for user accounts. A poorly chosen password may result in the compromise of critical resource
I divined them in two sections:
• IT Support Professional.
• General Users.
IT Support Professional.
All system-level passwords (e.g., root, enable, admin, application administration accounts, etc.) must be changed every 90 days. All systems administrative-level passwords for production environments must be part of an ITSS administered global password management database.
User accounts that have system-level privileges granted through group memberships or programs must have a unique password from all other accounts held by that user.
General Users
All user-level passwords (e.g., email, web, desktop computer, etc.) must be changed every 90 days. Passwords must not be included in email messages or other forms of electronic communication. Passwords must be at least 8 characters in length. All user-level and system-level passwords must conform to the guidelines described below.
Guidelines:
General password construction guidelines are used for various purposes, i.e. user level accounts, web accounts, email accounts, screen saver protection, voicemail password, and local router logins). It is important that everyone be aware of how to select strong passwords.
Poor, weak passwords have the following characteristics
• The password can be found in a dictionary
• The password is a common usage word such as: Names
of family, pets, friends, co-workers, fantasy characters,
computer terms and names, commands, sites, companies,
hardware, software, birthdays and other personal
information such as addresses and phone numbers.
• Word or number patterns like aaabbb, qwerty, zyxwvuts,
123321, etc.
• Any of the above spelled backwards. Any of the above
preceded or followed by a digit (e.g., secret1, 1secret).
Strong passwords have the following characteristics:
• Contain both upper and lower case characters (e.g., a-z, A-Z) • Have digits and punctuation characters as well as letters e.g., 0-9,
!@#$%^&*()_+|~-=\`{}[]:";'<>?,./) • Are at least eight alphanumeric characters long.
Are not a word in any language, slang, dialect, jargon, etc. • Are not based on personal information, names of family, etc. • Try to create passwords that can be easily remembered. • Change passwords at least once every 90 days. • Do not write down passwords • Do not store passwords on-line without encryption. • Do not share passwords with anyone, including administrative assistants or
secretaries. All passwords are to be treated as sensitive, confidential information.
• If someone demands a password, refer them to this document or have them call the IT Service Desk.
• Don't reveal a password over the phone to ANYONE • Don't reveal a password in an email message • Don't reveal a password to the boss • Don't talk about a password in front of others Don't hint at the format of a
password (e.g., "my family name") • Don't reveal a password on questionnaires or security forms • Don't share a password with family members • Don't reveal a password to co-workers while on vacation
Don't use the "Remember Password" feature of applications (e.g., Instant Messenger, Internet Explorer, Mozilla).
• If an account or password is suspected to have been compromised, report the incident to IT.
• Password cracking or guessing may be performed on a periodic or random basis by security personnel. If a password is guessed or cracked during one of these scans, the incident will be documented and the user will be required to change their password.
Be up to date with your software.
Microsoft releases regular security updates and patches for the
Windows operating system and its various software the first
Tuesday of every month. These “Patch Tuesdays” updates, it is
nevertheless important to ensure that approval is given to
update your system should your permission be requested.
Also other software on your pc like Adobe, Java, Virus scanner
has updates it wise to do this frequently to minimize the
change of vulnerabilities and changes of viruses ect.
This applies also to your software drivers of your pc.
Make use of a virus scanner.
A virus scanner is used to prevent, detect, and remove computer viruses,
worms, and Trojan horses. It may also prevent and remove adware,
spyware, and other forms of malware.
A variety of strategies are typically employed. Signature-based detection
involves searching for known patterns of data within executable code.
However, it is possible for a computer to be infected with new malware for
which no signature is yet known. To counter such so-called zero-day
threats, heuristics can be used. One type of heuristic approach, generic
signatures, can identify new viruses or variants of existing viruses by
looking for known malicious code, or slight variations of such code, in
files. Some antivirus software can also predict what a file will do by
running it in a sandbox and analyzing what it does to see if it performs any
malicious actions.
No matter how useful antivirus software can be, it can sometimes have drawbacks. Antivirus software can impair a computer's performance. Inexperienced users may also have trouble understanding the prompts and decisions that antivirus software presents them with. An incorrect decision may lead to a security breach. If the antivirus software employs heuristic detection, success depends on achieving the right balance between false positives and false negatives. False positives can be as destructive as false negatives. Finally, antivirus software generally runs at the highly trusted kernel level of the operating system, creating a potential avenue of attack.
Nowadays there are free and paid software, my view is better to go for the paid software like McAfee, Sophos. I don’t believe in the free ones, they will work but not fully.
What to do when you have a virus!
1. As soon as you suspect that your computer has a virus, remove your computer from any networks it might be on, as well as from the Internet, so that you don't inadvertently spread the bug to others. Unplug your network cable if you have to.
2. If you have anti-virus software installed, run it.3. If you don't have anti-virus software, you'll need to obtain some. If you
can't get it from a network administrator or download it from an uninfected computer, you can mail-order it from a retailer.
4. Start your computer (still not connected to a network) and follow the instructions that came with the anti-virus software.
5. Keep running the virus-scanning software until your computer comes up clean.
6. Reconnect your computer to the Internet and check with the anti-virus software's publisher to make sure you have the latest updates. If not, download them now.
7. After updating the anti-virus software, run it again until your computer comes up clean.
Make sure Windows Firewall is turned on.
In general all companies have a hardware device that’s called a Firewall, but it will never hurt to turn on the Windows Firewall.
A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices that is configured to permit or deny network transmissions based upon a set of rules and other criteria.
Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which inspects each message and blocks those that do not meet the specified security criteria.
Installing programs
Never install programs unless you are fully confident they are safe. In particular, only download files from trusted sources and never install programs that friends give you on removable media unless you have verified that they are safe.
This can be done based on 3 things:
1. Scan the program before installing
2. Is it illegal or not.
3. What is said on the Internet about this product.
E-mails
• Never click on e-mail attachments from no trusted
sources however tempting and attractive such
attachments may seem.
• Never click on links in e-mail from unknown
correspondents.
• Make sure the e-mail and the attachments in the e-
mail of friend or co-workers are safe.
Be careful where you surf.
Most problems starts on pc by surfing behavior.
1. It’s very important to go to safe sites.
2. Don’t go to sites where illegal software.
3. Don’t go to sites non morale movies are on.
4. Read what you click on.
5. Don’t put pictures of children on the net.
6. Be careful with personal information's, most of the
time this will be used for id theft.
Always lock your workstation or use a
password protected screen saver.
Always when you leave your workspace lock your PC.
This can be done by pressing the Windows button and the
L button.
A other way is to use a password protected screensaver
and set the timing after 5 min to be turned on.
There a to much cases that things happened because
people walked a way from the pc without these steps.
It was the computer not me!!!!!!
As an ICT Specialist, I always hear from the end users
it’s the pc who does it.
1. A pc doesn’t do anything without any handling of a
person
2. Read carefully where you click on.
3. When you finish close down the open programs and
save your work and then shutdown the pc properly.
Easy money doesn’t exist especially with e-
mail and internetMost offers on the net or by mail offering you large amount of money or asking you for to park a couple of million dollars on your bank account.
These examples are a hoax. It's a deliberate attempt to trick people into believing or accepting something which the hoaxer (the person or group creating the hoax) knows is false.
Properly you will have to buy some amount of money or have to give credit card details.
