Foothill-De Anza College Security Awareness
Catherine Blackadar Nelson, Security Advisor, Cisco Systems, Inc.
gandalf@cisco.com
Catherine B. Nelson © 2006 Cisco Systems, Inc. All rights reserved.

Agenda
• Introduction
• Security In 2005
• Vulnerabilities and Exploits
• Social Engineering and Identity Theft
• Physical Security
• Desktop/Laptop Security
• Data Classification and Protection
• File System Security
• Account and Password Security
• Protecting Your Network
• Wireless
• Best Practices
• FHDA Policy
• Contacting ETS
• Appendices

Introduction

How Secure is Secure enough?
“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.” Gene Spafford

Security in 2005

Global Internet Usage
• What dot-com bust? Internet growth is still phenomenal!

| World Regions | Population | % of world population | Internet usage | Internet penetration | Usage % of world | Usage growth 2000-2005 |
|---|---|---|---|---|---|---|
| Africa | 896,721,874 | 14.0 % | 23,917,500 | 2.7 % | 2.5 % | 429.8 % |
| Asia | 3,622,994,130 | 56.4 % | 332,590,713 | 9.2 % | 34.2 % | 191.0 % |
| Europe | 804,574,696 | 12.5 % | 285,408,118 | 35.5 % | 29.3 % | 171.6 % |
| Middle East | 187,258,006 | 2.9 % | 16,163,500 | 8.6 % | 1.7 % | 392.1 % |
| North America | 328,387,059 | 5.1 % | 224,103,811 | 68.2 % | 23.0 % | 107.3 % |
| Latin America | 546,723,509 | 8.5 % | 72,953,597 | 13.3 % | 7.5 % | 303.8 % |
| Oceania/Australia | 33,448 | 0.5 % | 17,690,762 | 52.9 % | 1.8 % | 132.2 % |
| Totals | 6,420,102,722 | 100.0 % | 972,828,001 | 15.2 % | 100.0 % | 169.5 % |

The Macroscopic BGP Autonomous System

New People, New Systems = New Targets
• 2004: 817 Million online
• 2005: 972 Million online
• 155 Million new people online
• 155 Million new targets
• 155 Million people who need to know about phishing, spyware, viruses, and patching

Online Crime and Costs
• According to the FBI, online crime in the US alone caused $67.2 bn in damages last year
• Cyber crime is more profitable than drug sales, $105 Billion – US Treasury Dept. December 29, 2005
• Of 2,066 polled organizations, nearly 90 per cent experienced a computer security incident over the past 12 months
• Over 64 per cent of the respondents incurred a financial loss as a result of the incident, at an average $24,000 per case
• Viruses (83.7 per cent) and spyware (79.5 per cent) posed the most common problems. Other incidents included port scans and data sabotage
• Companies and individuals spent $18 billion on computer-security hardware and software in 2005, up 19.2% from 2004

Vulnerabilities and Exploits

The Vulnerability Flood Continues
• CERT/CC: 3,780 vulnerabilities in 2004 (http://www.cert.org/stats/cert_stats.html)
• 5,990 vulnerabilities in 2005, a 12% increase
• The National Vulnerability Database (CVE) published an average of 20 vulnerabilities per day
• SANS Top 20 now includes network devices, Macintosh, Mozilla, application-level, security software and other non-Windows, non-UNIX issues (http://www.sans.org/top20/)

Vulnerabilities are being exploited faster
• Patch MS05-051 (Oct. 11, 2005); MSDTC/COM+; 0 days
• Patch MS04-011 (Apr. 13, 2004); Sasser.A (Apr. 30, 2004); 17 days
• Patch MS03-026 (Jul. 16, 2003); MSBlaster.A (Aug. 11, 2003); 26 days
• Patch MS00-078 (Oct. 17, 2000); Nimda (Sept. 18, 2001); 336 days

2005 in Viruses and Malware
• Virus infections down 50%, even though the number of viruses grew 40%. Anti-virus efforts seem to be working
• There were only six major outbreaks in 2005, vs 33 in 2004
• But the threat is becoming more aggressive: 97% of the hosts got infected with Slammer in the first 15 minutes
• But is “The death of the global computer virus” good news?
• Motivations of virus writers have changed. “Noisy” viruses and worms do not create useful botnets or spam relays

There are New Targets and Attackers
• Viruses now in the wild for mobile phones
• Some are past the ‘proof-of-concept’ stage
• Cabir was found on mobile phones in 23 countries, tens of thousands infected
• Trojans have been found for the Nintendo DS and the PSP
• Sony compromised machines on ~568,200 networks
(Image: Skulls.l, a Symbian phone virus)

Viruses, Worms, Trojans, Bots & Spyware
What is the difference and how do they work?
• Virus – executable bad code that needs you to take some action to activate and propagate it
• Worm – can activate and propagate by itself
• Trojan – backdoor program installed on the system
• Bot – automated program, often dormant, installed on the system to be activated at a later time
• Spyware – sends info back to the mothership about you and your uses
What type of damage can they cause?
• Loss of data, stolen passwords & personal info
• Damage to the system
• Installation of programs for nefarious purposes
• Use of system for CPU power and propagation

Viruses, Worms, Trojans, Bots & Spyware cont.
How do they get on my computer?
• Downloading from the internet
• Visiting bad websites
• Opening email attachments
• Using file-sharing programs
• Through software and OS vulnerabilities
How do I stop them?
• Stay on top of system updates/patches
• Stay on top of virus updates
• Cleaning programs (Ad-Aware, Spybot)

Virus Specific snap shots
• Mac/Windows Norton Updater
• See Appendices A & B for virus update details

Social Engineering & Identity Theft

Beware the Social Engineer!
• Social engineering is still the #1 way to bypass security
• Be suspicious if anybody asks you for:
  – Your password
  – Credit card numbers
  – Your co-workers’ names/extensions
  – Your salary
  – Information about your projects
• Be suspicious if anybody calls claiming to represent management or to know a colleague

Privacy Takes Center Stage
• Privacy and identity theft are a hot issue
• 130 major breaches exposed the information for 55 million people
• Disclosure laws are having an effect and becoming more prominent
• Phishing and pharming attacks grew, and have started to target non-US, non-English speakers
• Education and vigilance are still the best ways to maintain privacy
(Image caption: AFP published this untouched photograph of a Hurricane Katrina evacuee and her debit card. What happened next was no surprise)

Identity Theft
• What is Identity Theft, Phishing, Pharming?
• What makes a site secure?
  – Data transmission
  – Data storage
• How do I protect myself and my confidential data while using the Internet?
  – Entering credit cards and personal data
  – Protect confidential emails with encryption
  – Protect personal databases with encryption
• Keep secure personal practices off the Internet (mailboxes, document disposal, providing information over phone, paper etc.)

Your Role In Security…

Physical Security
Physical access to equipment means “game over”
• The main computer center and other secured areas (Admissions and Records, information systems, any secure voice/data closet) need a card/key
• If someone such as a vendor needs access, call ETS for access
• Don’t prop open doors or let people in behind you
• Challenge strangers; if you are uncomfortable with this, call campus police: FH x7313, DA x5555
• Escort all visitors all the time

Desktop/Laptop Security
Protecting data on your systems is as important as physical protection
To minimize risk to your data:
• Maintain your system properly
  1. Run a standardized operating system image on your computer
  2. Use provided security tools for additional protection
  3. Make sure your system stays updated with current patches
  4. Never turn off virus checking and keep it updated

Desktop/Laptop Security cont.
• Screen lock your system when you walk away from your desk
• Physically lock all computers (including laptops) to your desk with a lock cable. ETS will help with this
• Shut down your computer when you leave
• If you use sleep mode, make sure you use a password
• Keep track of portable devices such as PDAs and smart phones, MP3 players, PSPs, USB keys
• Be very careful with systems used both at home and work
• Control the media you back up to. ETS is looking at a centralized way to do this for the future

Data Classification and Protection
• Public: Open to the public
• Confidential: Information that is okay for FHDA staff and the general college. This might be college processes, policy etc.
• Private: Information limited to a need-to-know basis only: student grades/records, performance reviews, any personnel information
• What happens if the data becomes lost or stolen?
• What happens if the data becomes unavailable?
• What happens if the data becomes modified?
• Contact the call center to help protect any private data

File Security
• File sharing is dangerous
• Do not leave open file shares on your computer
• If you must share a file, only do it when needed, then turn it off
• Don’t use file-sharing tools (Morpheus, Kazaa, Limewire etc.) on the network
• Do not download music and movies or have file-sharing servers

Account and Password Security
• Why is protecting your account and password so important?
• How can a weak or missing password be exploited?
• Everyone has their own account – it’s your personal identity – don’t share it!
• Nobody is allowed to know your password except you

Good Password Practices
• A password cracker can do 65,000 words per second
• 25% of the passwords are “crackable” – don’t be one of them
• Choose good passwords
• Change them often
• Keep them a secret! Don’t write them down
• Use different passwords for work and home
• Put a good password on all Guest and Admin accounts

Choosing Good Passwords
• Don’t have a password that contains a word that might be found in any dictionary (any language) or personal information
• Minimum of eight characters, uses letters (both cases), numbers, punctuation, and isn’t a recognizable pattern
• Use a song lyric or phrase as a mnemonic to remember…
• Use number/character substitution (“5” for “s”, “@” for “a”, “7” for “t” etc.)
• “Just Sit Right Back And You’ll Hear a Tale” becomes “J5>b&Yh@7” – and you can’t forget this so long as you remember the Gilligan’s Island theme.
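
An added example, not part of the original slides: a Python check for the rules on the “Choosing Good Passwords” slide, plus the time an exhaustive search would take at the 65,000 guesses per second quoted on the “Good Password Practices” slide. The wordlist, the substitutions beyond the slide's three, the simple pattern test and all function names are assumptions made for illustration.

```python
import string

# Constructed sample wordlist; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "gilligan", "island", "welcome", "foothill", "summer"}
# The slide's substitutions (5->s, @->a, 7->t) plus a few assumed common ones, reversed.
UNLEET = str.maketrans({"5": "s", "@": "a", "7": "t", "0": "o", "1": "l", "3": "e", "$": "s"})
GUESSES_PER_SECOND = 65_000  # cracking rate quoted on the slide


def contains_dictionary_word(password, words=SAMPLE_WORDS, min_len=4):
    """True if a wordlist entry appears in the password, as typed or un-substituted."""
    lowered = password.lower()
    candidates = (lowered, lowered.translate(UNLEET))
    return any(w in c for c in candidates for w in words if len(w) >= min_len)


def is_simple_pattern(password):
    """True for one repeated character or a straight run such as 'abcdefgh'."""
    steps = {ord(b) - ord(a) for a, b in zip(password, password[1:])}
    return len(steps) <= 1 and steps <= {-1, 0, 1}


def check_password(password):
    """Return the slide rules the password violates (empty list means it passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not any(c.islower() for c in password) or not any(c.isupper() for c in password):
        problems.append("needs both upper- and lower-case letters")
    if not any(c.isdigit() for c in password):
        problems.append("needs a number")
    if not any(c in string.punctuation for c in password):
        problems.append("needs punctuation")
    if contains_dictionary_word(password):
        problems.append("contains a dictionary word")
    if is_simple_pattern(password):
        problems.append("recognizable pattern")
    return problems


def exhaustive_search_days(length, alphabet_size=94):
    """Days to try every password of this length at the quoted guess rate."""
    return alphabet_size ** length / GUESSES_PER_SECOND / 86_400
```

Substituting characters inside a dictionary word does not rescue it: `check_password("P@55w0rd!")` still reports a dictionary word, while the mnemonic password from the slide passes every rule.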

Protecting Your Network
• You are allowed unlimited access to the Internet - be responsible!
• Do not put the college at risk by bad behavior on the Internet
• Do not post information that may be confidential, illegal, or violate privacy laws
• Do not download software that is dangerous, or violates copyright laws
• Do not unplug lab machines and connect personal machines. Report it if you see it to ETS or police
• Don’t bring in hubs for extra ports – this can bring down networks, and be hard to track down
• Do not use the system for large uploads or downloads
• Don’t use it for personal or any type of business

Wireless
• Access point vs. wireless on your laptop
• There are a small number of hotspots for specific classrooms on both campuses and also some guest access at the KCI at Foothill
• It is important not to hook up rogue wireless devices
• Be aware of wireless at home. Make sure it is properly secured
• Cities, airports, hotels and internet cafés are actively installing hotspots and these can be dangerous

Best Practices
• Patch your systems
• Use antivirus software
• Use a firewall at home; ETS manages firewalls for FHDA
• Use good passwords and change often
• Beware the social engineer, via email, snailmail, your PSP/phone or a party
• Shred your documents
• Protect your wireless
• Be careful traveling
• … And don’t panic

Good Internet Practices
• Internet cafés, airports, public terminals, public WiFi networks, Internet telephony can be dangerous
• Be wary of any service that provides something automatically to your computer
  – data storage backups
  – auto updating services
• Search engines such as Google and Yahoo store everything; once something is posted on the net, they can find it
• Think before you click!
  – E-mail attachments can contain viruses
  – Think before you visit any site or download any software
  – Make sure it’s what you think it is and from a trusted source

Learning About FHDA Policy
It’s your responsibility to become familiar with the FHDA Network and Computer Use policy: http://ets.fhda.edu/etac/stories/storyReader$151
The policy covers:
• Proper network and Internet use
• Computer and communication systems usage
• Voicemail, email and telephone usage
• Harassment
• Commercial use

Contact ETS when
• …you suspect FHDA confidential information has been compromised
• …you suspect that your computer or network has been hacked (or is being attacked!)
• …you are adding new machines, labs, or networking equipment
• …you need help updating your operating system
• …you need help with getting patches, updates
• …you need to make sure your virus checker is up to date
• …you want to clean off spyware
ETS contact info: techhelp@FHDA.edu, x8324 (tech), ETS.FHDA.EDU

Questions…

Appendix A: Mac Virus Checker Details

Appendix B: Windows Virus Checker Details
• Bottom Bar - Norton Icon (double click to open updater)
• Live Update Pg 1: Check date
• Live Update Pg 2: Select next
• Live Update Pg 3: Select finish
• Live Update Pg 4: Select exit (you are done)
• Schedule Updates Pg 1
• Schedule Updates Pg 2
• Schedule Updates Pg 3
• Microsoft Updates Pg 1: Machine needs Microsoft updates
• Microsoft Updates Pg 2