Text of Healthcare Forum: David M. Perry, "Everything You Know Is Wrong!"
1. By David Perry
2. From companies that make education solutions. From researchers that have noticed the problem. Because everyone knows users are the weakest link. Because you can't patch stupid. But there is a better reason to focus on user education: many better reasons.
3. What assets they are protecting? What threatens those assets? What measures can be taken against those threats? How can they tell that they are compromised? How can they tell that they are protected? How long will any prescription be valid? In fact, where users are concerned
4. The following slides were written fifteen years ago for a presentation at EICAR 2001; they accompany my paper on virus misinformation, disinformation and myth. The same is true today, maybe even more so, as today's more complex world proves even harder to describe. Today's users face more threats, more dangerous ones, and have even less understanding of the world around them.
5. The Other Virus: There is another virus that was not written in Visual Basic, assembler or even C. This virus does not operate on any hardware or software platform developed in this century. This virus has no limits to its infectious perfidy, and its payloads are capable of anything!
6. This virus is...
7. Is the imaginary virus worth examining? Not just hoaxes, but three categories of error: Misinformation (getting it wrong, plain and simple). Disinformation (lies, exaggeration and practical jokes). Myth (the oral tradition meets the silicon wave).
8. The Canon of Misinformation: Everyone Knows. Viruses destroy hardware. Viruses are written by: antivirus companies; thirteen-year-olds; spies and agents provocateurs. All system crashes, data loss and mysterious behavior are caused by viruses. And. And. And.
9. The Canon of Disinformation: I heard it through the grapevine. Urban legends, once a strictly oral tradition, are now made both global and nearly instantaneous by the addition of internetworked personal computers. Who creates virus hoaxes? Who hypes viruses to the press? How far do these memes reach?
10. The damage done by bad semantics (jargon and restricted use). The confusion of map and territory (damage equals virus, action equals virus). Associative confusion: as biological viruses are associated with greater danger (AIDS, Ebola), computer viruses in general take on the cachet of that danger. Extensional relation (actions guided by language).
11. The Canon of Myth: Popular fiction, movies and television all portray viruses with a decidedly different twist.
12. Viruses always have animated GUIs
13. Viruses Crash Alien Spacecraft!
14. The malware of today is still sometimes a virus, sometimes a worm, frequently a Trojan horse. But the meaning of these terms is still generally misunderstood by the general public, and still by at least one person in this hall. So, in the interest of that person, we will stop and do a basic taxonomy of malware.
15. 'Malware' is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. Malware is often disguised as, or embedded in, non-malicious files. As of 2011 the majority of active malware threats were worms or Trojans rather than viruses. (Wikipedia)
16. The term malware was first coined in July 1990 by Yisrael Radai; it means all malicious or unwanted software. Although we already had the terms virus, Trojan and worm at the time (along with others), the word malware has come to include all other forms. The most basic of taxonomy follows, along with the sources of the names and what they imply.
17. 6/20/2015. Classification. We are not emotionally prepared to handle the constant rate of technological change. New technologies require new ways of thinking. A new tool can extend our reach in many ways. Sometimes, new technologies have negative effects mixed in with their blessings.
18. Patterns and language and perspective = taxonomy
21. A Trojan is a program that hides under a false pretense. Or: a Trojan is a non-replicating malware. Or: a Trojan is a back door to the system. Even inside this field of study, the word has three different meanings.
22. The expert: "This particular piece of malware is a password-stealing Trojan, delivered by a downloader connected via a multiple web redirect using iframe and..." (ad infinitum). End user hears: "blah blah blah blah blah". End user says: "What does this mean? What is the purpose of this malware?" The expert hears: "I am a dummy, ignore me."
24. An example of teaching the basics...
25. The original computer virus was not located on a PC. It was not on an Apple. It was not on a mini or mainframe. It was not located on computer hardware or software of any kind.
26. It was in a work of fiction!
28. Elk Cloner: The program with a personality. It will get on all your disks. It will infiltrate your chips. Yes it's Cloner! It will stick to you like glue. It will modify RAM too. Send in the Cloner! Written by a 9th grader named RICH SKRENTA.
31. Sometimes getting too close to an object obscures its place in the greater scheme.
32. How does it get on to the victim's computer? (method of access) What unwanted activities does it perform on the victim's computer? (economic purpose) How does it technically accomplish its purpose? (method of accomplishment) How does it protect itself from being detected, blocked or removed? (self-defense)
33. Is this already too complicated for the end user to understand? Can we fix that? Do we want to?
34. To the end user, the computer is a single, homogenized unit that is used to connect to the internet, which is a homogenized place. To the expert, a computer is a vast galaxy of hardware, firmware, operating system, drivers, applications, browser, web apps, scripts, BHOs and any variety of cloud-based computing and storage elements, a galaxy with as many as a trillion distinct elements. Far too complex to describe to anyone in any depth.
35. The Advanced Persistent Threat is not some new kind of malware. It is an extended attack that might include all manner of malware, other hacking skills and possibly the infiltration of your network by rogue insiders. It is a term we take from the intelligence community, and it names any attack that goes on for a long time with varying techniques.
36. The value of data and the possible repercussions of insecurity. The nature of internet bad actors and how you might be a target for many reasons. The nature of vulnerabilities, rather than the starring vulnerability of marketing. The difference between vulnerability, exploit, and attack, and so many other things. The basics of protection and the need for continuous education.
37. And that, dear listener, is the beginning of wisdom.