- these notes were passed to us by ALSDE.
Coordinator, Networking and Operations
Alabama Department of Education
Vulnerabilities are bugs in software programs that hackers exploit to infect computers.
Security vulnerabilities can be found in any software product, leaving users open to attack. Responsible software vendors, once aware of a vulnerability, create and issue patches to address it. Some companies pay researchers or ethical hackers for newly discovered vulnerabilities; other hackers sell them on the black market. Zero-day attacks are attacks that exploit a vulnerability before a patch is available.
To reduce vulnerabilities, you should run the latest available patches on your operating system and any installed applications.
Spyware is software that permits advertisers or hackers to gather sensitive information without your permission.
You can get spyware on your computer when you visit certain websites. A pop-up message may prompt you to download a software utility that it says you need, or software may be downloaded automatically without your knowledge. When spyware runs on the computer, it may track your activity (e.g., visits to websites) and report it to unauthorized third parties, such as advertisers. Spyware consumes memory and processing capacity, which may slow or crash the computer.
Good antivirus and endpoint security solutions can detect and remove spyware programs, which are treated as a type of Trojan.
Social engineering refers to the tricks attackers use to fool victims into performing an action. Typically, these actions are opening a malicious webpage or running an unwanted file attachment.
Many social engineering efforts are focused on tricking users into disclosing usernames or passwords, allowing attackers to send messages as an internal user to further their data stealing attempts. In April 2012, hackers distributed a malware campaign pretending to be an email about a revealing photo of the recipient that was posted online. The email body featured a variety of messages with an attached ZIP file, which contained a Trojan.
Subject lines used in the spammed-out malware campaign included:
- RE: Check the attachment you have to react somehow to this picture
- FW: Check the attachment you have to react somehow to this picture
- RE: You HAVE to check this photo in attachment man
- RE: They killed your privacy man your photo is all over Facebook! NAKED!
- RE: Why did you put this photo online?
Keep your wits about you, and your antivirus up to date, and you should have little to fear.
Phishing refers to the process of tricking recipients into sharing sensitive information with an unknown third party.
Typically, you receive an email that appears to come from a reputable organization, such as:
- Banks
- Social media (Facebook, Twitter)
- Online games
- Online services with access to your financial information (e.g., iTunes, student loans, accounting services)
- Departments in your own organization (from your technical support team, system administrator, help desk, etc.)
The email includes what appears to be a link to the organization’s website. However, if you follow the link, you are connected to a phony copy of the website. Any details you enter, such as account numbers, PINs or passwords, can be stolen and used by the hackers who created the bogus site.
Sometimes the link displays the genuine website but superimposes a bogus pop-up window. You can see the address of the real website in the background, but the details you enter in the pop-up window can be stolen. To better protect against phishing attacks, it’s good practice not to click on links in email messages. Instead, enter the website address in the address field and navigate to the correct page, or use a bookmark or a Favorite link. Phishing attacks via email are beginning to include an offline aspect to convince well-trained users to leak information anyway; we have seen phishing schemes use phone numbers and fax numbers in addition to websites. Anti-spam software can block many phishing-related emails, and web security software can block access to phishing-related websites.
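A defender-side check for the link trick described above, added here as an example (it is not part of these notes): it parses an HTML email body and flags anchors whose visible text names one site while the href really points at another. The names suspicious_links, LinkCollector, host_of and HOSTLIKE are hypothetical, and SAMPLE_EMAIL with its example-bank hosts is a constructed sample.

```python
# Added example (not from the original notes): flag email links whose visible
# text names one site while the href really points at another.
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
# Link text that itself looks like a web address, e.g. www.example-bank.com
HOSTLIKE = re.compile(r"^(?:https?://)?[\w.-]+\.[a-z]{2,}(?:/\S*)?$", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = (dict(attrs).get("href") or ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Lowercase hostname of a URL or bare host string ('' if none)."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower()

def suspicious_links(html):
    """Return (text, href) pairs whose displayed host is not the real target."""
    collector = LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        if not HOSTLIKE.match(text):
            continue  # plain words such as "click here" give nothing to compare
        shown, target = host_of(text), host_of(href)
        base = shown[4:] if shown.startswith("www.") else shown
        # The shown site itself or one of its subdomains is fine; anything else is not.
        if target != base and not target.endswith("." + base):
            flagged.append((text, href))
    return flagged

# Constructed sample email body; the hosts are placeholders, not real sites.
SAMPLE_EMAIL = """<p>Your account needs verification. Sign in at
<a href="http://www.example-bank.com.evil.test/login">www.example-bank.com</a></p>
<p>Help: <a href="https://help.example-bank.com/">www.example-bank.com</a></p>
<p>Or <a href="https://evil.test/">click here</a>.</p>"""
```

The check only compares hosts when the link text itself looks like an address, so it catches the "looks like the bank's site" trick while leaving ordinary "click here" links to other controls such as anti-spam filtering.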
Cookies are files placed on your computer that allow websites to remember details.
When you visit a website, it can place a file called a cookie on your computer. This allows the website to remember your details and track your visits. Cookies can be a threat to confidentiality, but not to your data.
Cookies were designed to be helpful. For example, if you submit your ID when you visit a website, a cookie can store this data so you don’t have to re-enter it the next time. Cookies also have benefits for webmasters, as they show which webpages are most used, providing useful input when planning a redesign of the site.
Cookies are small text files and cannot harm your data. However, they can compromise your confidentiality. Cookies can be stored on your computer without your knowledge or consent, and they contain information about you in a form you can’t access easily. When you revisit the same website, this data is passed back to the web server, again without your consent. Websites gradually build up a profile of your browsing behavior and interests. This information can be sold or shared with other sites, allowing advertisers to match ads to your interests, display consecutive ads as you visit different sites, and track the number of times you have seen an ad.
If you prefer to remain anonymous, use the security settings on your Internet browser to disable cookies.
Browser hijackers change the default homepage and search engine in your Internet browser without your permission.
You may find that you cannot change your browser’s homepage once it has been hijacked. Some hijackers edit the Windows registry so that the hijacked settings are restored every time you restart your computer. Others remove options from the browser’s tools menu, so that you can’t reset the start page. Browser hijacking is used to boost advertising revenue, for example through black hat SEO that inflates a site’s page ranking in search results. Browser hijackers can be very tenacious, as well as sneaky.
Attackers also use clickjacking, also known as a UI redress attack, by inserting multiple transparent or opaque layers on a webpage. This technique can trick a user into clicking a button or link on a page other than the one they intended to click on. Effectively the attacker hijacks clicks meant for one page and routes them to another page, most likely owned by another application, domain, or both. Although these threats don’t reside on your PC, they do affect your browsing experience.
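An added example (not from these notes) of the server-side check behind the clickjacking description above: a page can only be overlaid with transparent layers if some other site is allowed to load it in a frame, and that is decided by the response headers. The function name third_party_framing_allowed and the WEAK_HEADERS / HARDENED_HEADERS dicts are hypothetical, constructed samples.

```python
# Added example (not from the original notes): decide whether a page's HTTP
# response headers let any other site load it in a frame, which is the
# precondition for clickjacking. Headers are given as a plain dict.

def third_party_framing_allowed(headers):
    """Return (allowed, reason).

    Browsers apply a CSP frame-ancestors directive first; if it is absent,
    X-Frame-Options decides; with neither header, any site may frame the page.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    csp = lower.get("content-security-policy", "")
    for directive in csp.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.strip("'").lower() for s in parts[1:]]
            if not sources or sources == ["none"]:
                return False, "CSP frame-ancestors forbids all framing"
            if "*" in sources or "http:" in sources or "https:" in sources:
                return True, "CSP frame-ancestors allows any origin"
            return False, "CSP frame-ancestors limits framing to listed origins"
    xfo = lower.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return False, "X-Frame-Options: " + xfo
    if xfo:
        # ALLOW-FROM and unknown tokens are ignored by current browsers,
        # so such a header gives no protection.
        return True, "X-Frame-Options value not enforced by browsers: " + xfo
    return True, "no framing restriction header present"

# Weak configuration beside the hardened one (constructed sample headers).
WEAK_HEADERS = {"Content-Type": "text/html"}
HARDENED_HEADERS = {
    "Content-Type": "text/html",
    "Content-Security-Policy": "frame-ancestors 'none'",
    "X-Frame-Options": "DENY",  # fallback for browsers that lack CSP support
}

if __name__ == "__main__":
    for name, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(name, third_party_framing_allowed(hdrs))
```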