2. Security…what is it and why do we
need it?
• Kizza defines security as “…a means to prevent
unauthorized access, use, alteration, and theft
or physical damage to property.” (Kizza, 2010)
• only “6 incidents in 1988” (Kizza, 2010).
• it is estimated that “34,754 incidents’ of
computer crimes reported between Q1-Q3”
(Kizza, 2010)
• That’s a 5792 percent increase in 13 years!
3. Protecting yourself
• Most common types of security:
– Passwords
– Anti-virus/spyware/malware
– Social engineering the new threat!
4. HATE MALWARE?
• Have you ever encountered viruses, Trojan
Horses, hacked backgrounds, malware and
false positives, or scare ware.
• If you haven’t heard of these terms give your
wallets/purses to a stranger
• Consequences of ignorance:
– Identity theft
– Corrupted files
– Theft of personal data
5. Is this your password?
• If for any reason you see your • Nicole
password here please change • Daniel
it: • babygirl
• 123456 • monkey
• 12345 • Jessica
• 123456789 • lovely
• password • Michael
• i love you • 654321
• princess • Ashley
• rockyou • Qwertz
• 1234567 • Source: (Stine1, 2010)
• 12345678, • These are one fifth of all
• abc123, passwords in use
6. Complex passwords: How To
• “An ideal password is long and • “Complex passwords are
has letters, punctuation,
symbols, and numbers.” safer.
(Microsoft) • Complexpasswordsaresafer.
• “Start with a sentence or two.
• Remove the space between
• ComplekspasswordsRsafer.
the words in the sentence. • ComplekspasswordsRsafer2
• Turn words into shorthand or 011.”
intentionally misspell a word.
• Add length with numbers. Put
numbers that are meaningful
to you after the sentence.”
(Microsoft)
• Personal recommendation add
special characters: &*%#*
7. Why do we need Anti-Virus?
• Kizza defines a computer virus as “A computer
virus, defined as a self-propagating computer
program designed to alter or destroy a
computer system resource…” (Kizza, 2010).
• It gets worse according to PRLog “… in 2008, it
was estimated the number of known
computer viruses stood at in excess of 1
million, an increase of 468 per cent on the
previous year…” (PRLog, 2011)
8. Why do we need Anti-Virus? (cont.)
• How bad is it really?
• “Figures suggest at least five malware samples
emerge on the Internet every two minutes
and 15 to 20 new Trojans are released every
half an hour.” (PRLog, 2011)
• That’s 3600 new malware samples and 720 to
960 Trojans in one day!
9. Financial Help
• Anti-virus is very cheap
• “30-50 dollars (basic) to 60-80 dollars
(comprehensive)” (CostHelper, 2011)
• Cost effective
• “Virus & Spyware Removal: $199.99” (Geek
Squad).
• 120 dollar savings
10. Social Engineering or how to hack a
human
• “We define it as the act of manipulating a person to
accomplish goals that may or may not be in the
“target’s” best interest. This may include obtaining
information, gaining access, or getting the target to
take certain action.” (Social Engineer)
• “Virus writers use social engineering tactics to
persuade people to run malware-laden email
attachments, phishers use social engineering to
convince people to divulge sensitive information, and
scareware vendors use social engineering to frighten
people into running software that is useless at best and
dangerous at worst.” (Search Security, 2011)
12. The myth of cyber security
• "The only thing you can do is build the fence
higher and higher so that eventually it's not
worth it to climb over." (Goldman, 2011).
• Basically don’t make it easy the harder a
target you are the less they’ll want to try
13. Notable Attacks
• This is not meant to scare you however
• NASDAQ computers have been penetrated
• "So far, [the perpetrators] appear to have just
been looking around," said one person involved
in the Nasdaq matter. Another person familiar
with the case said the incidents were, for a
computer network, the equivalent of someone
sneaking into a house and walking around but—
apparently, so far—not taking or tampering with
anything.” (Barrett, 2011)
14. CA Hacking
• A CA (certification authority) was hacked by
an independent Iranian student loyalist.
• Certification authorities are organizations that
certify if a site is trustworthy or not so you can
ensure your data is safe, secure, and
confidential
15. Hard to say goodbye
• After such an eventful and exciting
presentation this report leaves you with one
last thought
• If we go forth with a vigilant, aware, and
renewed spirit in security we can hopefully
one day take back the privacy of our data and
end this age of fear and uncertainty.
16. Questions
• Do you feel we will ever be 100% secure?
• Do you think companies are doing enough to
protect data?
• What security measures/software do you
employ?
• What do you think of social engineering
17. Works Cited
• Barrett, D. (2011, February 5). Hackers Penetrate Nasdaq Computers. Retrieved November 13,
2011, from WSJ.com:
http://online.wsj.com/article/SB10001424052748704709304576124502351634690.html
• Bright, P. (2011, March 28). Independent Iranian Hacker Claims Responsibility for Comodo Hack.
Retrieved November 13, 2011, from Wired.com:
http://www.wired.com/threatlevel/2011/03/comodo_hack/
• CostHelper. (2011, June). Anti-Virus Software Cost. Retrieved November 6, 2011, from CostHelper:
http://www.costhelper.com/cost/computers/anti-virus-software.html
• Geek Squad. (n.d.). Virus & Spyware Removal . Retrieved November 6, 2011, from Geek Squad:
http://www.geeksquad.com/services/computers-networking/virus-and-spyware-removal.aspx
• Goldman, D. (2011, August 5). Online security doesn't exist . Retrieved November 13, 2011, from
CNNMoney.com:
http://money.cnn.com/2011/08/05/technology/cybersecurity_myth/index.htm?source=yahoo_quo
te
• Kizza, J. M. (2010). Ethical and Social Issues in the Information Age. London: Springer.
• Microsoft. (n.d.). Create Strong Passwords. Retrieved November 6, 2011, from Microsoft.com:
http://www.microsoft.com/security/online-privacy/passwords-create.aspx
18. Works Cited
• PRLog. (2011, July 24). Number of known computer viruses exceeds
1 million. Retrieved November 6, 2011, from PRLog:
http://www.prlog.org/10814398-number-of-known-computer-
viruses-exceeds-1-million.html
• Search Security. (2011, March). What is Social Engineering.
Retrieved November 6, 2011, from Search Security:
http://searchsecurity.techtarget.com/definition/social-engineering
• Social Engineer. (n.d.). The Official Social Engineering Portal.
Retrieved November 2011, 6, from Social Engineering:
http://www.social-engineer.org/
• Stine1. (2010, November 3). 20 Worst and Most used Passwords.
Retrieved November 6th, 2011, from Computer Sight:
http://computersight.com/communication-networks/security/the-
20-worst-and-most-used-passwords/