computer & internet safety
DESCRIPTION
Computer & Internet Safety. David Greenop & Rob Richardson Saxilby U3A Science & Technology Group. Why This Talk. We have became very dependent on information and communications technologies, we are also becoming increasingly vulnerable to a plague of what has come to be called "malware". - PowerPoint PPT PresentationTRANSCRIPT
Computer & Internet Safety
David Greenop & Rob Richardson
Saxilby U3A Science & Technology Group
Why This Talk
We have became very dependent on information and communications technologies, we are also becoming increasingly vulnerable to a plague of what has come to be called "malware". None of us are safe!
Content
What is MalwareHistorical PerspectiveThe different types of Malware attacksWhy our computers are vulnerableWhat protection do we need?Computer & Internet Safety AdviceHow to protect our online identitySocial Networking
What is Malware
The generic expression Malware (Malicious) is used to mean any form of hostile, intrusive, or annoying software program designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to computer resources, and other abusive behaviour.
What is MalwareSpecifically:computer viruses, worms, Trojan horses, spyware, dishonest adware, scareware, crimeware, root kits,Botnets.
Scale of Malware Problem
New Malware programs are growing at 400% per year, there are over 1.5 million known programs.
Its is no longer young idealistic hackers but criminal gangs using sophisticated technologies to beat the anti-malware programs.
Viruses17%
Worms8%
Adware2%
Backdoor2%
Spyware0%
Others1%
Trojan Horses
70%
Chart Title
From Panda Security March 2011
Mathematician John von Neumann postulated that a computer program could reproduce itself.
He demonstrated this without the aid of computers, constructing the first self-replicating automata with pencil and graph paper
Theory of self-reproducing automata - 1949
ENIAC (Electronic Numerical Integrator And Computer) was the first general-purpose electronic computer
“Creeper virus” written by Bob Thomas in 1971 whilst working on Arpanet. It was an experimental, self-replicating program that infected DEC PDP-10 mini-computers. Someone else wrote a program to detect and delete it, called the “reaper".
"Elk Cloner" written in 1981 by Richard Skrenta (age 15) was the first computer virus to appear "in the wild“. It attached itself to the Apple DOS 3.3 operating system and spread via floppy disk.
Early Computer Viruses
"I'm the creeper, catch me if you can!“
With the arrival of the IBM PC running MS DOS in 1981 there followed a big increase in viruses mostly spread by floppy disks.
Viruses spread by infecting programs stored on floppy disks, or installed themselves into the disk boot sector.
By the late 1980s, there was a big in increase in Trojan horse malware driven by the increase in Bulletin board systems, modem use, and software sharing and the Internet
Early Computer Viruses
In the mid-1990’s macro viruses become common.
Most of these viruses are written in the scripting languages for Microsoft Office programs such as Word and Excel and spread by infecting documents and spreadsheets.
Microsoft Outlook & Outlook Express where particularly vulnerable and viruses installed when opening attachments.
Many could also spread to Apple Macintosh computers.
MS Office Macro Viruses
Internet & Web breeding ground of MalwarePopularity of the Internet from
early 1990’s facilitated the spread of malware
Security not implicitly built into Internet & Web protocols at start
Infections on webpage'sPoorly written computer codeAppearance of object
orientated code & API’sGlobal Predominance of
Windows operating systemIgnorance of users & unsafe
activities
Step 1: A virus must be permitted to execute code and write to memory
Step 2: Virus attaches itself to executable files that may be part of legitimate programs
Step 3: User launches an infected program and the virus' code will be executed simultaneously
Step 4: The virus stays active in the background and infects new hosts
Infection Strategies
Like biological viruses there are fast & slow infections depending on perpetrators objectives!
Viruses can be attached to many file formats including pictures which a user opens unaware.
In order to replicate:
Anti-Virus Software Strategies
1. Virus signatures: Scan for strings of viral code in memory and files and then compare against a database of known virus "signatures".
2. Heuristic algorithm: This method uses common virus behaviours to identify an intruder. This method can detect novel viruses that anti-virus security firms have yet to create a signature for.
Two most common form of anti-virus protection:
Whose Winning the Malware War?
Stealth: anti-virus programs themselves can become a vector for spreading infections.
Encryption: simple encryption used to encipher the virus. - the virus consists of a small decrypting module and an encrypted copy of the virus code
Self-modification: to avoid detection viruses rewrite themselves completely each time they infect new files
Malware creators are using increasingly sophisticated viruses and new vectors of infection.
Vulnerability of operating systems to Malware
No Operating System is Totally Secure
What Malware Protection is required?
Is Free Software any good?
Resident ShieldAnti- Virus scannerEmail ScannerAnti-spywareRootkit scannerAdware scannerSafe web browsingFirewall
Computer & Internet Safety Advice
Good PracticesBroadband
EquipmentComputer
HousekeepingEmailWeb browsingPasswordsAway from homeE-commerceYour on-line identity
Computer & Internet Safety Advice
Turn your computer off if not in use
Secure User Accounts with passwords
Install Anti-virus & firewall software
Set Windows for Automatic Updates
Close applications when you finish
Regular computer housekeeping
Good Practices
Computer & Internet Safety Advice
Use a home wired / wireless router with NAT & firewall
Change Admin passwordsUse wireless security,
preferably WPA optionConsider turning on
“Guest Network” if available
Only use trusted Wi-Fi outside the home
Broadband
Computer & Internet Safety Advice
Check that anti-virus, firewall software is up to date
Check operating system updates are installed
Check for updates to web browser
Run anti-virus & malware scanner
Run cleanup program to remove temp files and check registry
Backup important data files
Housekeeping
Computer & Internet Safety Advice
Avoid using Outlook or Outlook Express
Consider using on-line email accounts or clients like Eudora, Mozilla Thunderbird
Turn off HTML e-mail Don't trust the "From" address.Delete spam without reading it. Don't trust unsolicited e-mailsDon't open messages with file
attachments Don't open cartoons, videos and
similarNever click web links in e-mailsNever send personal details, bank
account info, usernames, passwords etc. by email.
Computer & Internet Safety Advice
Don’t use a password based on personal details
For high-security web sites such as banks, create random passwords > 8 characters and write them down
Keep your passwords as if a valuable
Don't let web browsers store passwords for you.
Never type a password you care about, such as for a bank account, into a non-SSL encrypted page.
Consider using a secure “Password Safe” on your computer.
Passwords
Computer & Internet Safety Advice
Use Firefox, Opera, Safari in preference to Internet Explorer
Block pop-up windowsAlways check web addressDon’t let browsers store
passwordsCheck for SSL padlock if on
secured encrypted sites – banks etc,
Think before providing personal information
Web Browsing
Computer & Internet Safety Advice
Do not have personalised information on device
Ensure user access is password protected.
Do have a personal firewall installed.
Ensure that peer-to-peer wireless networking is turned off.
Do not trust Wi-Fi hotspots – some free access ones are there to invade and snatch data from your computer.
Think before putting somebody's USB memory sticks or SD cards into your computer
Away From Home
Computer & Internet Safety Advice
Online Auction sites – ebayBuying:
Check the reviews of sellersAsk yourself whether the price is
reasonable – fraud!Use a PayPal account – do not use
bank transfersCheck thoroughly the sellers terms
& conditions.Selling:
Remember Ebay is not a car boot-sellYou are committing to a contract of
sell and your reputation is at riskYou may liable for tax
E-Commerce
Computer & Internet Safety Advice
How much information should I share on-line?
Social NetworkingManaging&
securing your personal online information profile
Your Identity On-Line
Thank You&
Remember