3. Wisdom Tree
• Data (Raw): Red, 192.234.235.245.678
• Information (Context): The traffic lights I am driving toward have turned red
• Knowledge (Meaning): The south-facing traffic lights on the corner of George and Pitt Street have turned red
• Wisdom (Applied): I'd better stop the car
4. Crown Jewels
Enterprise
• Customer Data
• Employee Data
• Financial Numbers
• IT Infrastructure
• Location of DR Site
• Business Strategy
Personal
• Driving License Number
• Address
• TFN Number
• Medical Records
• User ID and Passwords
• Banking Information
8. Case Study
What Happened?
• Jan 2016: Hackers installed malware on Bangladesh Central Bank computers to prevent workers from discovering the fraudulent transactions quickly. In the case of Bangladesh Bank, the malware subverted the software used to automatically print SWIFT transactions.
• Feb 2016: Hackers used the SWIFT credentials of bank employees to send more than three dozen fraudulent money transfer requests to the Federal Reserve Bank of New York, asking the bank to transfer $951 million of Bangladesh Bank's funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia.
• Thirty transactions worth $851 million were flagged by the banking system for staff review, but five requests were granted: $20 million to Sri Lanka (later recovered), and $81 million lost to the Philippines, entering the Southeast Asian country's banking system on February 5, 2016. This money was laundered through casinos and some was later transferred to Hong Kong.
9. Case Study
How was it stopped/discovered?
• The hackers misspelled "Foundation" in their request to transfer the funds, spelling the word as "Fundation". This spelling error raised suspicion at Deutsche Bank, a routing bank, which put a halt to the transaction in question after seeking clarification from Bangladesh Bank.
• Sri Lanka-based Pan Asia Bank initially took notice of the transaction, with one official noting that the transaction was too big for a country like Sri Lanka. Pan Asia Bank was the one that referred the anomalous transaction to Deutsche Bank. The Sri Lankan funds have been recovered by Bangladesh Bank.
10. Case Study
The impact
• $81 million lost
• Irreparable reputational damage
• Loss of trust in the global market
11. Information Security Survey
1. What are your responsibilities for the protection of company assets?
a) Assist with the protection and proper use of information assets
b) Know the processes to protect information assets
c) Build proper security practices into your day
d) All of the above
Answer: d) All of the above
12. Information Security Survey
2. When sending or forwarding email, you should make sure that it does not:
a) Create a chain mail situation
b) Have an attachment file
c) Follow general business practices
d) Send to the intended recipient
Answer: a) Create a chain mail situation
13. Information Security Survey
3. When constructing a password, you should:
a) Use your family member's name, sports name or pet's name and add a number on the end
b) Use phrases or misspelled words with embedded numbers and special characters
c) Use sequenced letters and numbers from your keyboard
d) All of the above
Answer: b) Use phrases or misspelled words with embedded numbers and special characters
14. Information Security Survey
4. What would you do if you encountered a security incident?
a) Contact your Security Team or General Manager
b) Tell a co-worker
c) Call the local newspaper
d) None of the above
Answer: a) Contact your Security Team or General Manager
15. Information Security Survey
5. Who or what is the weakest link in the security chain?
a) Internet
b) Banking System
c) Humans
d) Head Office
Answer: c) Humans
16. Information Security Survey
6. What is the best password for an organisation's system?
a) P@sS2
b) Password12345
c) T88Sydn3y
d) J*gi97!0q
Answer: d) J*gi97!0q
17. Information Security Survey
7. You are on your holidays and one of your staff calls you to approve a $5 million bank transfer. What would you do?
a) Unrealistic. I am unreachable on my holidays
b) My staff know my password while I am away
c) I will ignore the call
d) I will call back on the office number and ask the person to authenticate before taking any action.
Answer: d) I will call back on the office number and ask the person to authenticate before taking any action.
18. Information Security Survey
8. Your kids visited you in your office and wanted to see the server room. What should you do?
a) Open the server room and show them the servers
b) Ask for permission from the General Manager
c) Distract my kids
d) The server room is off limits to any unauthorised individuals
Answer: d) The server room is off limits to any unauthorised individuals
19. Information Security Survey
9. There is an earthquake in your city and your office is not available. What should you do?
a) Call my General Manager / Colleague
b) Stay at a safe location until further instructions are provided
c) Arrive at the identified BCP site
d) All of the above
Answer: d) All of the above
20. Information Security Survey
10. Information sent from my corporate email account is private and no one can look at it.
a) True
b) False
Answer: b) False
23. Some Definitions
Viruses
• A virus is a computer program intentionally written and released to spread across computers and networks and disrupt your computing experience.
• These bad-mannered programs come to your PC through email, the Internet, downloaded files, and files you open on a CD.
• Viruses typically work by attaching themselves to another program on your PC, and do not infect the computer until the program runs.
Worms
• A worm is similar to a virus but doesn't need to attach itself to another program to run.
• Worms, a sub-class of viruses, replicate automatically without human help (like an email address book attack).
• Worms can bog down networks and web sites. And the scary part is that you don't have to do anything but turn your computer on!
Trojans
• A Trojan poses as a legitimate program but is designed to disrupt computing on the PC it infects. It is not designed to spread to other computers.
Backdoor Trojans
• This type of code allows other computer users to gain access to your computer across the Internet.
24. Anti Malware Software
Definition
Anti-malware software is a program or set of programs designed to prevent, search for, detect, and remove malicious software such as viruses, worms, trojans, adware, and more.
What is the risk?
• Lock / delete your data
• Use your machine to infect other machines
• Steal your personal information
• Use your machine to launch cyber attacks
25. Anti Malware Software
What to do?
• Compare all the anti-malware software available and choose one you can manage
• Update your anti-malware software regularly
• Run an anti-malware scan on your device periodically (at least monthly)
• Do not turn it off to install new software.
Examples: Avast, ESET, Malwarebytes, McAfee, Avira, Kaspersky, AVG
26. Data Backup
Definition
A backup refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event.
What is the risk?
• Unable to recover data after its loss, be it by deletion or corruption.
• Unable to recover data from an earlier point in time
Are Backup and Disaster Recovery the Same?
• No. Backup should be part of any disaster recovery plan, but backups by themselves should not be considered a complete disaster recovery plan, as not all backup systems are able to reconstitute a computer system or other complex configuration.
27. Data Backup
What to do?
• Backup, backup and more backup
• Backup media:
  • External hard drive
  • Flash drive
  • Cloud storage
• Periodically check that your backup files can be restored.
28. Portable Storage Devices
Definition
Portable Storage Devices (PSDs) are small, lightweight, portable devices capable of storing large amounts of data. The most common kinds of PSDs are USB flash drives (also called USB keys or thumb drives), portable external hard drives, tablets (iPad, Galaxy Tab), smartphones (iPhone, Android) and some MP3 players (iPod, Zune). Additionally, netbooks are often considered to be PSDs.
What is the risk?
• Easy to carry in and out of the enterprise
• Most of the time no encryption
29. Portable Storage Devices
What to do?
• Scan these devices prior to use to look for malicious software.
• Label these devices indicating their use.
• Disable autorun and autoplay features for removable media devices. These automatically open removable media files when the media is plugged into your system.
• Define procedures for ensuring secure disposal of, or deletion of information from, PSDs.
• If possible, encrypt or password protect these devices.
30. Weak Passwords / PINs
Some Facts
• Top 5 passwords are 123456, 123456789, qwerty, 12345678, password
• Top 5 PINs are 1234, 1111, 0000, 9999, person’s year of birth
• The above list has not changed in the last five years
• Two-thirds of people use no more than two passwords for all their online accounts
• When people are asked to include a number in a password, the majority simply add a “1” or a “2” at the end.
• The minimum password length experts now recommend to avoid being compromised by brute-force cracking is 13
• About 40% of organizations store privileged and administrative passwords in a Word document or spreadsheet.
31. Weak Passwords / PINs
What to do?
• Wherever possible use two-factor authentication or biometrics
• Don't use your login or user name in any form (as-is, reversed, capitalized, doubled, etc.)
• Don't use your first, middle, or last name in any form.
• Don't use your spouse's, significant other's, children's, friend's, or pet's name in any form.
• Don't use other information easily obtained about you, including your date of birth, license plate number, telephone number, social security number, make of your automobile, house address, etc.
• Don't use a password of all digits or all the same letter.
• Don't use a word contained in English or foreign language dictionaries, spelling lists, acronym or abbreviation lists, or other lists of words.
• Don't use a password containing fewer than six characters.
• Don't give your password to another person for any reason.
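The rules on slide 31 (plus the top-5 list from slide 30) can be applied mechanically; the checker below is an added example, not part of the original deck. The user profile, the small word list and the character-substitution table are constructed assumptions, and the script re-scores the four choices from survey question 6 against them.

```python
# Password policy checker built from the 'What to do' rules on slide 31.
# Added example, not part of the original deck; the word list, substitution
# table and user profile below are constructed for illustration.

COMMON_PASSWORDS = {"123456", "123456789", "qwerty", "12345678", "password"}  # slide 30
DICTIONARY = {"password", "welcome", "dragon", "sydney", "summer", "monkey"}  # stand-in
# Common substitutions, undone so that 'Sydn3y' is still matched as 'sydney'.
LEET = str.maketrans({"@": "a", "$": "s", "0": "o", "1": "i", "3": "e", "4": "a", "!": "i"})


def candidate_forms(password):
    """Lower-cased password plus its de-leeted form; both are searched."""
    lower = password.lower()
    return {lower, lower.translate(LEET)}


def username_forms(username):
    """Login name as-is, reversed and doubled (capitalised collapses under lower())."""
    u = username.lower()
    return {u, u[::-1], u * 2} if u else set()


def check_password(password, username, personal_info, dictionary=DICTIONARY):
    """Return the slide-31 rules the password breaks; an empty list means it passes."""
    problems = []
    forms = candidate_forms(password)
    if len(password) < 6:
        problems.append("fewer than six characters")
    if password.isdigit():
        problems.append("all digits")
    if len(set(password.lower())) == 1:
        problems.append("all the same character")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("one of the most common passwords")
    if any(u in f for u in username_forms(username) for f in forms):
        problems.append("contains the login name")
    for item in personal_info:  # names, date of birth, phone, plate, address ...
        needle = str(item).lower()
        if len(needle) >= 3 and any(needle in f or needle[::-1] in f for f in forms):
            problems.append(f"contains personal information ({item})")
    if any(word in f for word in dictionary if len(word) >= 4 for f in forms):
        problems.append("contains a dictionary word")
    return problems


def passing_options(options, username, personal_info):
    """Apply the checker to each candidate and keep only those that pass."""
    return [p for p in options if not check_password(p, username, personal_info)]


if __name__ == "__main__":
    # Constructed profile of a hypothetical user, then the four choices from survey question 6.
    user, info = "jsmith", ["John", "Smith", "Sydney", "1985", "0412345678"]
    for option in ["P@sS2", "Password12345", "T88Sydn3y", "J*gi97!0q"]:
        print(f"{option:14} {', '.join(check_password(option, user, info)) or 'passes'}")
```

Only J*gi97!0q survives every rule, matching the survey's answer key; note that the slide's six-character floor is well below the 13 characters it says experts now recommend.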
32. Wireless Network Security
Definition
A wireless network is a computer network that uses wireless data connections between network devices such as laptops and mobile phones.
What is the risk?
• Your neighbour can use free internet
• Impersonation
• Connected devices may get attacked
33. Wireless Network Security
What to do?
• Change your router admin username and password
• Hide your wireless router (if possible)
• Set a strong password
• Set a strong Wi-Fi network key
Security rank:
• WEP: Basic
• WPA Personal: Strong
• WPA2 Personal: Strongest
34. Phishing
Is it fishing or phishing?
“Well, the motive is the same but the targets are different”
35. Phishing
Definition
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
What is the risk?
• Install malware
• Lock / delete your data
• Use your machine to infect other machines
• Steal your personal information
• Use your machine to launch cyber attacks
37. Phishing
What to do?
• Learn to Identify Suspected Phishing Emails: they duplicate the image of a real company, copy the name of a company or an actual employee of the company, include sites that are visually similar to a real business, and promote gifts or threaten the loss of an existing account.
• Check the Source of Information From Incoming Mail: your bank will never ask you to send your passwords or personal information by mail. Never respond to these questions, and if you have the slightest doubt, call your bank directly for clarification.
• Never Go to Your Bank’s Website by Clicking on Links Included in Emails
• Enhance the Security of Your Computer
• Enter Your Sensitive Data in Secure Websites Only (‘https://’)
• Periodically Check Your Bank Accounts for any suspicious activity
• Phishing Knows All Languages: phishing knows no boundaries, and can reach you in any language. In general, phishing messages are poorly written or translated, so this may be another indicator that something is wrong.
• If You Have the Slightest Doubt, Do Not Risk It
38. Social media
Definition
Social media use web-based technologies, desktop computers and mobile technologies (e.g., smartphones and tablet computers) to create highly interactive platforms through which individuals, communities and organizations can share, co-create, discuss, and modify user-generated content or pre-made content posted online.
What is the risk?
• ID Theft
• Social Profile Hacked
• Letting Burglars Know Your Whereabouts
• Scams
• Malicious Apps
39. Social media
What to do?
• Don’t put accurate personal information such as Date of Birth, Address etc.
• Have a strong password
• Be careful with your status updates.
• Don’t reveal your location.
• Check shortened links by hovering your mouse over them before clicking
• Activate the “Do Not Track” feature
• Avoid posting specific travel plans. Never post when, where, or how long you’ll be gone.
• Wait until you are home to post pictures to a vacation album.
• Use the highest privacy control. Only let certain groups, like a family group, view your photos.
• Be selective with your status updates. You can use the audience-selector dropdown menu on Facebook to choose which groups see your status updates.
Confidentiality
Confidentiality is the protection of information from unauthorized access. This goal of the CIA triad emphasizes the need for information protection. Confidentiality requires measures to ensure that only authorized people are allowed to access the information. For example, confidentiality is maintained for a computer file if authorized users are able to access it, while unauthorized persons are blocked from accessing it. Confidentiality in the CIA triad relates to information security because information security requires control on access to the protected information.
Integrity
The CIA triad goal of integrity is the condition where information is kept accurate and consistent unless authorized changes are made. It is possible for information to change because of careless access and use, errors in the information system, or unauthorized access and use. In the CIA triad, integrity is maintained when the information remains unchanged during storage, transmission, and usage not involving modification to the information. Integrity relates to information security because accurate and consistent information is a result of proper protection. The CIA triad requires information security measures to monitor and control authorized access, use, and transmission of information.
Availability
The CIA triad goal of availability is the situation where information is available when and where it is rightly needed. The main concern in the CIA triad is that the information should be available when authorized users need to access it. Availability is maintained when all components of the information system are working properly. Problems in the information system could make it impossible to access information, thereby making the information unavailable. In the CIA triad, availability is linked to information security because effective security measures protect system components and ensure that information is available.
As the first process, authentication provides a way of identifying a user, typically by having the user enter a valid user name and valid password before access is granted. The process of authentication is based on each user having a unique set of criteria for gaining access. The AAA server compares a user's authentication credentials with other user credentials stored in a database. If the credentials match, the user is granted access to the network. If the credentials are at variance, authentication fails and network access is denied.
Following authentication, a user must gain authorization for doing certain tasks. After logging into a system, for instance, the user may try to issue commands. The authorization process determines whether the user has the authority to issue such commands. Simply put, authorization is the process of enforcing policies: determining what types or qualities of activities, resources, or services a user is permitted. Usually, authorization occurs within the context of authentication. Once you have authenticated a user, they may be authorized for different types of access or activity.
The final plank in the AAA framework is accounting, which measures the resources a user consumes during access. This can include the amount of system time or the amount of data a user has sent and/or received during a session. Accounting is carried out by logging of session statistics and usage information and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities.
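The three steps described above, carried through in code as an added example (not the code of any real AAA server such as RADIUS or TACACS+): the credential store, the user-to-role policy and the per-command byte counts are constructed assumptions.

```python
# Minimal authentication / authorization / accounting flow as described above.
# Added example, not the code of any real AAA server; the credential store,
# the role policy and the byte counts are constructed for illustration.
import hashlib
import hmac
import os


def _hash(password, salt):
    """Salted PBKDF2 so the store never holds clear-text passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


_SALT = os.urandom(16)
USER_DB = {"alice": (_SALT, _hash("correct horse", _SALT))}  # constructed credential store
ROLES = {"alice": "operator"}                                # constructed user -> role
POLICY = {"operator": {"show", "ping"}, "admin": {"show", "ping", "reload"}}
ACCOUNTING_LOG = []                                         # one entry per session


def authenticate(username, password):
    """Compare the supplied credentials with the stored ones in constant time.
    Unknown users still go through the hash, so timing does not reveal which names exist."""
    salt, stored = USER_DB.get(username, (_SALT, b""))
    return hmac.compare_digest(_hash(password, salt), stored)


def authorize(username, command):
    """Policy enforcement: may this already-authenticated user issue the command?"""
    return command in POLICY.get(ROLES.get(username, ""), set())


def account(username, commands, bytes_in, bytes_out, result):
    """Record what the session consumed, for billing, trend analysis and capacity planning."""
    entry = {"user": username, "commands": commands, "bytes_in": bytes_in,
             "bytes_out": bytes_out, "result": result}
    ACCOUNTING_LOG.append(entry)
    return entry


def session(username, password, commands):
    """Run one session through all three A's: returns (granted, executed, denied, entry)."""
    if not authenticate(username, password):
        # Failed logins are accounted for as well; they matter for trend analysis.
        return False, [], list(commands), account(username, 0, 0, 0, "auth-failed")
    executed, denied, bytes_in, bytes_out = [], [], 0, 0
    for command in commands:
        bytes_in += len(command)
        if authorize(username, command):
            executed.append(command)
            bytes_out += 512  # constructed: assume each executed command returns 512 bytes
        else:
            denied.append(command)
    return True, executed, denied, account(username, len(commands), bytes_in, bytes_out, "ok")
```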
The first known computer virus appeared in 1971 and was dubbed the "Creeper virus".[5] This computer virus infected Digital Equipment Corporation's (DEC) PDP-10 mainframe computers running the TENEX operating system.[6][7]
The Creeper virus was eventually deleted by a program created by Ray Tomlinson and known as "The Reaper".[8] Some people consider "The Reaper" the first antivirus software ever written.
Data loss can be a common experience of computer users; a 2008 survey found that 66% of respondents had lost files on their home PC.