TNTMAX CYBERSECURITY PRESENTATION by Frederic Farcy
SECURITY IS NOT OPTIONAL! March 2019
Who is TNTMAX?
TNTMAX is the technology partner your business needs. From IT services, cybersecurity to software development, web design and digital marketing, we have the answers and expertise to handle all your technology. Our success is driven by our excellent staff, dedicated to providing exceptional service and support. Our internal motto is, "We are not done until our customers are fully satisfied".
How Does Cybersecurity Affect My Business?
The latest government statistics show that more than four in ten (43%) of all businesses and charities experienced a cyber breach or attack in the past year. This included viruses, hacking, theft of data and theft of financial information. (This number does not reflect unreported attacks/breaches.)
It is important to protect your business, regardless of size, against these threats. A single successful attack could seriously damage your business and cause a financial burden for you and your customers, as well as affect your business’s reputation.
Some important numbers related to Cybersecurity
• Number of new malware variants for mobile devices increased 62% in 2018
• 12 billion records were estimated to be stolen in 2018 according to Juniper
• Identity theft affected 60 million Americans in 2018 (equal to 18% of total population)
• U.S. government will spend $15 billion on cybersecurity in 2019
• The United States is the No. 1 target for targeted attacks
• 92% of malware is delivered by email
• 56% of IT decision makers say targeted phishing attacks are their top security threat.
• The average ransomware attack costs a company $5 million.
STATISTICS
On average, 15+ million tracked attacks take place each day.
(NOTE: This number does not account for untracked attacks)
Norse
http://www.norse-corp.com/
Digital Attack Map
http://www.digitalattackmap.com/
STATISTICS
On average per day 1+ Million Active Bots are tracked Worldwide
(NOTE: that number does not account for untracked active Bots)
THREAT ACTORS
• Government Sponsored
• Organized Crime
• Hacktivists
• Insider Threat
• Opportunistic
• Criminals
• Internal User Error
• Military / Warfare
CYBER CRIME MOTIVATION
• Cyber Extortion
• Personal Data Theft
• Financial Data Theft
• Corporate Espionage
• Intellectual Property Theft
• Political
• Ideological
• Cyberbullying
• Prestige / Curiosity
• Financial
MALWARE
Malware or malicious software is a serious problem that affects everyone.
Malware is software designed to harm a user’s computer or data, or to steal their information.
MALWARE TYPES
Malware comes in many different types & configurations
▪Viruses
▪Crypto-malware
▪Ransomware
▪Worms
▪Trojans
▪Logic Bombs
▪Bots
▪RAT
▪Rootkit
▪Keylogger
▪Backdoor
▪Adware
▪Spyware
▪APT
▪Etc.
Above are just some examples of malware threats
CYBER ATTACK – SOCIAL ENGINEERING
A cyber attack is an attack directed at computers and/or a computer network attempting to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.
Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations, or for financial gain.
SOCIAL ENGINEERING TYPES
• Phishing
• Spear Phishing
• Whaling
• Vishing
• Pharming
• SMiShing
• Tailgating
• Dumpster Diving
• Shoulder Surfing
• Etc.
CYBER ATTACK – PHISHING EXAMPLE
See printed handout
“PHISHING PROTECTION KEY RECOMMENDATIONS by Frederic Farcy”
CYBER ATTACK – SOCIAL ENGINEERING
Phishing - sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information.
Spear Phishing - sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.
Whaling - a phishing attack that is specifically aimed at wealthy, powerful, or prominent individuals.
Pharming - redirecting traffic to a spoofed web site.
SMiShing - sending fraudulent text messages.
CYBER ATTACK – SOCIAL ENGINEERING
Tailgating - sometimes referred to as piggybacking, is a physical security breach in which an unauthorized person follows an authorized individual to enter a secured premise.
Impersonation – an emailed attack that attempts to impersonate a trusted individual or company in an attempt to gain access to corporate finances or data. Business email compromise (BEC), also known as CEO fraud, is a popular example of an impersonation attack.
Dumpster diving - looking for treasure in someone else's trash. In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network.
Shoulder surfing - using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN at an ATM, or type in an account password.
PASSWORD MANAGER / SAFE
A password manager assists a user in storing passwords, usernames and other confidential information in an encrypted database that uses the Advanced Encryption Standard (AES). The user memorizes one very strong master password, which is all they need to get into the password safe. This provides the user with a secure place to store sensitive information. It especially helps users in using different usernames and passwords for every site without having to memorize all their logins - making their online life a little safer.
https://www.tntmax.com/tntmax-top-10-password-safe-software/
MULTIFACTOR AUTHENTICATION
Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism. Example: something you know, like a "Password", and something you have with you, like a "Cell phone that receives a pin". Two-factor authentication is a type, or subset, of multi-factor authentication.
We strongly recommend you always use Multi-Factor Authentication when available.
CYBER ATTACK – NETWORK / WIRELESS ATTACKS
Attacks used to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.
Denial-of-service attacks, including their distributed form (DDoS), are third on the list of network security attacks, and they continue to grow stronger every year.
CYBER ATTACK – NETWORK / WIRELESS ATTACKS
A wireless attack is a malicious action against wireless system information or wireless networks; examples can be denial of service attacks, penetration, and sabotage.
NETWORK / WIRELESS ATTACK TYPES
• DoS / DDoS
• Man-in-the-middle
• Amplification
• DNS Poisoning
• Domain hijacking
• ARP poisoning
• Initialization Vector (IV)
• Evil twin
• Rogue AP
• Jamming
CYBER ATTACK – NETWORK / WIRELESS ATTACKS
Jamming - Jamming attacks are severe denial-of-service attacks against the wireless medium: an adversary emits radio frequency signals, ignoring the underlying network protocol, to drown out legitimate transmissions, often targeting the packets of highest importance.
Bluejacking - Bluejacking is the practice of sending messages between mobile users using a Bluetooth wireless connection. People using Bluetooth-enabled mobile phones and PDAs can send messages, including pictures, to any other user within a 10-meter or so range.
Bluesnarfing - Bluesnarfing is an attack to access information from wireless devices that transmit using the Bluetooth protocol. With mobile devices, this type of attack is often used to target the international mobile equipment identity (IMEI). Because Bluesnarfing is an invasion of privacy, it is illegal in many countries.
CYBER SECURITY – PROTECTION
Protections you must have in place when addressing cyber security threats
• Backup – Securely back up all systems - both on-site & off-site
• Updates – Install updates to operating systems, antivirus updates, etc.
• Firewall – Use a stateful firewall or unified threat management appliance to protect your company from the internet
• Training – Train staff to recognize common threats and adhere to company security policies
• Policies – Roll out information on security policies to protect company and customer data
CYBER SECURITY – BACKUP
• Make sure you have on-site backup and off-site backup
• Make sure your backups are encrypted using AES
• Make sure your backups are tested monthly to ensure they work well
• Make sure you monitor your backups daily to ensure they take place
• Make sure your backups include all the data critical to the company and your customers’ operations.
CYBER SECURITY – LIFE CYCLE
In today’s threat environment, the sheer number of cyber threats, from advanced persistent threats (APT) to known and unknown malware, will not decrease. Every business must have an ongoing cyber security strategy to protect their business. Example of a standard cyber security life cycle:
• Identify Assets
• Evaluate Threats and Risks
• Apply Safeguards
• Monitor Safeguards
• Respond to Security Incidents
• Make Adjustments
CYBER SECURITY - PROTECTION
Cyber Security Protection – How do we protect ourselves and our business?
▪We need to make sure we have secure backups of all our data and systems
▪We need to utilize the security software and hardware tools to protect our business, our client data and our assets
▪We need to have security procedures and policies in place that are required when handling company or client data and our intellectual property - and we must educate all of our staff on them.
▪We must review our security plan, policies, procedures and training on a yearly basis to stay compliant and current
▪We must understand that we will never be too prepared
CYBER SECURITY - PROTECTION
Turn your biggest weakness into your biggest asset. Educate and train your staff on cyber-security awareness. Be sure your staff:
▪Knows how to recognize a Phishing scam email
▪Does not click on any link in an email or on social media, etc.
▪Uses Strong Passwords
▪Never gives personal or company information to an untrusted source. If someone calls you, they are an untrusted source. Call the number you trust and confirm the request.
CYBERSECURITY – TOP 15 RECOMMENDATIONS
TOP 15 CYBERSECURITY RECOMMENDATIONS FOR INDIVIDUALS
“I am a target for cybercriminals/hackers”
1. UPDATES – MAKE SURE YOU INSTALL SECURITY AND SOFTWARE UPDATES
2. PASSWORDS - USE STRONG PASSWORDS
3. TWO-FACTOR AUTHENTICATION - MULTI-FACTOR AUTHENTICATION
4. ANTI-VIRUS – USE ANTI-VIRUS SOFTWARE
5. BACKUP – MAKE SURE YOU BACKUP ALL YOUR DATA
6. FIREWALL – PROTECT YOUR HOME NETWORK
7. WIRELESS – PROTECT YOUR HOME WIRELESS NETWORK
8. SOCIAL MEDIA – LIMIT PERSONAL INFO YOU POST ONLINE
9. TRUSTED SOURCE - ONLY USE TRUSTED SOURCES
10. SHREDDER - USE A CROSS-CUT PAPER SHREDDER
11. EDUCATE – LEARN HOW TO SPOT PHISHING EMAILS AND HOW TO PROTECT YOURSELF
12. DIGITAL BILLS & STATEMENTS - SWITCH ALL YOUR BILLS & STATEMENTS TO EMAIL DELIVERY
13. PASSWORD MANAGER TOOL – USE AN AES ENCRYPTED PASSWORD MANAGER
14. MONITOR YOUR CREDIT REPORTS – CREDIT BUREAU
15. IDENTITY THEFT PROTECTION SERVICE – LIFELOCK
TOP 15 CYBERSECURITY RECOMMENDATIONS FOR SMALL BUSINESSES
“My business is a target for cybercriminals/hackers.”
1. FIREWALL – PROTECT COMPANY PERIMETER
2. UPDATES - END-POINTS AND APPLICATION SOFTWARE UPDATES
3. ANTI-VIRUS / ANTI-MALWARE – USE ANTI-VIRUS SOFTWARE ON ALL END-POINTS
4. POLICIES – IMPLEMENT INFORMATION SECURITY POLICIES
5. IDS/IPS - IMPLEMENT PERIMETER INTRUSION DETECTION and/or PREVENTION SYSTEM
6. ENCRYPTION – USE ENCRYPTION IN TRANSIT and/or AT REST
7. BACKUP – BACKUP ALL COMPANY AND CLIENT DATA
8. TRAINING – TRAINING STAFF ON SECURITY AWARENESS
9. WIRELESS – PROTECT YOUR OFFICE WIRELESS NETWORK
10. MULTI-FACTOR AUTHENTICATION & STRONG PASSWORDS
11. MONITORING & AUDITING
12. BASELINE SECURITY AND APPLICATION REQUIREMENTS
13. THIRD PARTY STAFF AWARENESS TESTING & PEN TESTING
14. NETWORK SEGREGATION / SEGMENTATION / ISOLATION
15. NEVER LEAVE DEVICES UNATTENDED – CLEAN DESK POLICY
CYBERSECURITY - CONCLUSION
If you already have a solid cybersecurity strategy for your business, then look for ways to improve it each year in order to stay ahead.
If you do not have a cybersecurity strategy, get one. Take the first step today and get started.
If you need professional help with any and all aspects of your cybersecurity strategy, call TNTMAX (201) 891-8686 or email us at [email protected]
REFERENCES
We use the following references:
• https://www.owasp.org/
• https://searchsecurity.techtarget.com/
• https://resources.infosecinstitute.com/
• https://quizlet.com/
• https://en.wikipedia.org/
• https://www.csoonline.com/
• https://www.sans.org/reading-room/
• https://www.crowdstrike.com/
• https://www.fireeye.com/
• https://www.juniper.net/
• https://www.gdatasoftware.com