Cybersecurity Threats in the Public Sector - How Prepared are you?
Rory Ebanks
Symptai Consulting Ltd.
Director, Information Security Advisory
Certifications: CCISO, CEH, CHFI, CND, CISSP, CCSP, CISM, CISA, CSX
Presenter: Rory Ebanks

Importance of Cyber Security
The internet allows an attacker to work from anywhere on the planet.
Security: We must protect our computers and data in the same way that we secure the doors to our homes.
Safety: We must behave in ways that protect us against risks and threats that come with technology.

Some questions to ask yourself
• Do you know if your organization is secure?
• What security strategy does your organization have in place?
• When was the last time you updated your passwords?
• Do you use the same password for all of your accounts?
• Do you have your data backed up and can you easily restore it?
• Do you frequently use open Wi-Fi networks?
• Do you have anti-virus and anti-malware software installed?
• Do you always check and install the latest updates for your operating system and software?

Major threats faced by Public Sector
• Identity theft, fraud, extortion
• Malware (spyware, Trojans and viruses)
• Phishing, spamming
• Social Engineering
• Stolen hardware
• Denial-of-service and distributed denial-of-service attacks
• Malicious insiders
• Human Error/Careless employees

Major threats faced by Public Sector
• Man-in-the-middle/Sniffing
• Password attack (Brute force or dictionary)
• Website defacement
• Social Media Threat
• Vulnerability exploitation
• Open/Free Wireless

Physical Security

Wireless

Wireless Attack

Wireless Traffic

Examples of Incidents this Year
• Exactis - Before June 27th 2018 most people were not familiar with the Florida-based firm Exactis. The company left its database open to the public, exposing nearly 340 million individual records, affecting about 230 million US consumers and 110 million businesses.
• Tesla - On June 14th a disgruntled Tesla employee admitted to hacking the company’s secret trade information and sharing the data with unnamed 3rd parties.
• Facebook - In September 2018 Facebook shared details on a flaw in its “View As” feature that allowed hackers to take over Facebook accounts. “View As” is what allows users to look at their profile as others see it.

2016 LOCAL INCIDENT STATISTICS
Senior Advisor in the Ministry of Science, Energy and Technology, Trevor Forrest:
“The country lost US $100M due to cyber criminal activity”
“…more than 230,000 threats were detected in the space of a month.”
SOURCE: JIS (http://jis.gov.jm/everyone-risk-cybercrime), Published: October 12, 2017
230K x 12 months = 2.76M INCIDENTS p/yr
1% of 2.76M = 27.6K BREACHES PER DAY

Who are Hackers?
People committed to circumvention of computer security.
• Employees
• Contractors
• Ethical Security professionals
• Neighbors
• Friends
• Customers
• Our Children

The Enemy
What was advanced is now average.
• Well planned, strategic approach
• Automation assisted manual attacks
• Sophisticated Malware
• Clear objectives
• Lots of resources

Passwords
First Line of Defence
● Users
● Authentication (username & password)
● P@ssw0rds: How weak are they?

Social Engineering
Social engineering, or the “con game,” is the art of manipulating end users into providing confidential or personal information.
Phishing: Hackers pretend to be trusted organizations such as banks, company suppliers, IT staff, or mobile carriers, in order to get your personal information, such as credit card details or confidential corporate information.
Social Media: Similar to phishing, hackers will act as a trusted organization or friend and try to obtain your personal information through messages, or get you to click malicious links through posts.
Piggybacking/Tailgating: This is when an unauthorized hacker physically follows an authorized employee into a restricted area (e.g. pass through locked doors) or uses their computer to access locked IT systems.
Pharming: Hackers re-create websites that look identical to the original but instead contain malware and/or key loggers to gain your personal information. The website URL will look very similar, although it may have a slight typo or a slightly different domain name. E.g. URLs with a different suffix such as .net instead of .com

Scenarios
Email: Symptai Bank has noticed a problem with your account…
Phone Call: This is John, the System Administrator. What is your password?
In Person: What ethnicity are you? Your mother’s maiden name?
I have come to repair your machine…
and have some lovely software patches!

Phishing
• Keep an eye out for phony email messages.
• Things that indicate a message may be fraudulent are:
  • misspellings
  • poor grammar
  • odd phrasings
  • Web site addresses with strange extensions
  • Web site addresses that are entirely numbers where there are normally words

Phishing Tips
• Don’t trust the display name of who the email is coming from
• Look but don’t click
• Consider the Salutation
• Is the email asking for personal information?
• Beware of Urgency
• Check the email signature
• Be careful with attachments
• Don’t believe everything you see
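
The address indicators listed on the Phishing and Pharming slides (all-numeric addresses, a trusted name with a different suffix, a slight typo) can be checked automatically before a link is opened. The following is an added example, not part of the original presentation; the trusted-domain list, the sample links and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list: domains the organization really uses (assumption).
TRUSTED = ("example.com", "jis.gov.jm")

def edit_distance(a, b):
    """Levenshtein distance, used to spot one-character typo domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def link_warnings(url, trusted=TRUSTED):
    """Return warnings for one link; an empty list means no indicator fired."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ["no host name in link"]
    # "Addresses that are entirely numbers": dotted or decimal IPv4, or IPv6.
    if host.replace(".", "").isdigit() or ":" in host:
        return ["address is entirely numbers"]
    # Exact match or a subdomain of a trusted domain is accepted.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return []
    warnings = []
    labels = host.split(".")
    for d in trusted:
        name = d.split(".")[0]
        if name in labels:
            # Covers ".net instead of .com" and the trusted name used as a subdomain.
            warnings.append(f"'{name}' used outside {d}")
        elif len(name) >= 5 and any(edit_distance(l, name) == 1 for l in labels):
            # Short names are skipped to limit false positives.
            warnings.append(f"possible typo of {d}")
    return warnings

if __name__ == "__main__":
    # Constructed sample links.
    for link in ("https://www.example.com/login", "http://example.net/login",
                 "http://192.0.2.10/account", "https://examp1e.com/"):
        print(link, "->", link_warnings(link) or "no indicator")
```

An empty result only means none of these address indicators fired; the other tips on the slide (salutation, urgency, attachments) still apply.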

Phishing Workflow

Denial of Service

Man in the Middle
blog.trendmicro.com

What would you do?

Do not
• Password:
  • Don’t use your login name
  • Don’t use your personal information such as last name, first name
  • Don’t use numbers significant to you or someone close to you
  • Don’t use passwords based on simple keyboard patterns
  • Don’t share passwords
• Do not turn off security applications
• Do not let unknown people touch your computer/device
• Do not give out your password to anyone including IT Staff
• Do not use insecure wireless connections
• Do not open an unknown website or link
• Do not open an email attachment unless you are certain

Ways To Protect Yourself
• Strong passwords
• Keep your passwords in a safe place and try not to use the same password for every service you use online.
• Stay out of Bad Neighbourhoods
• Don't Fall for Pop-ups
• Screen your email
• Keep your devices current with the latest patches and updates
• Protect your computer with security software
• Backup your data

Ways To Protect Yourself
• Check your financial accounts regularly to ensure no fraudulent activity has taken place.
• Do the Two-Step: Many companies now offer two-factor authentication, or two-step verification, for your online accounts.
• Be wary of wireless hot-spots.
• Be wary of applications and files downloaded from the internet.
• When entering information on a website, check the domain’s security.
• Use secure connections - Encryption: Websites should use SSL (secure socket layer) to encrypt data.

Final Remarks
• Plan for failures
• Collaborate with stakeholders and even competitors on common battles
• The key to protecting yourself is being aware.
• Continuously perform security sensitization sessions for end users.
• User is ultimately responsible.
• We all have a role to play in Cybersecurity.
The only system which is truly secure is one which is switched off and unplugged.

Questions

References
• https://www.gadgetsnow.com/infographics/symantecs-cybersecurity-predictions-for-2018/articleshow/61980660.cms
• https://appspider.help.rapid7.com/docs/conduct-mobile-application-testing-using-wifi-pineapple
• https://thebestvpn.com/cyber-security-statistics-2018/
• https://samsclass.info/123/proj10/p3-sniff.htm
• https://jis.gov.jm/everyone-risk-cybercrime/
• https://ifflab.org/top-5-types-of-cybercrimes-tips-for-cybercrime-prevention/