CYBER SECURITY

IS INDIAN COUNTRY SAFE FROM

CYBERCRIMINALS?

TOPICS

What is Cyber Security

Common Types of Threats

Recognizing Threats

Prevention

Issues Unique to Indian Country

Questions

WHAT IS CYBER

SECURITY?

Protecting our computers, systems and data

the same way you protect your homes,

securing the doors and windows and

preventing intrusion.

Why are we concerned? Monetary loss, data

loss, system and computer damage.

CNET.com 12/5/2019

COMMON TYPES

OF THREATS

Viruses

Worms

Trojan Horses/Logic Bombs

Social Engineering

The .ishings

Ransomware

VIRUSES

A virus attaches itself to a program, file, or disk.

When the program is executed, the virus activates

and replicates itself.

The virus may be benign or malignant but executes

its payload at some point (often upon contact).

Viruses can cause computer crashes and loss of

data.

In order to recover or prevent virus attacks:

Avoid potentially unreliable websites/emails.

System Restore.

Re-install operating system.

Use and maintain anti-virus software.

WORMS

Independent program that

replicates itself and sends

copies from computer to

computer across network

connections.

Upon arrival, the worm may be

activated to replicate.

LOGIC BOMBS /

TROJAN HORSES

Logic Bomb: Malware logic executes upon

certain conditions. The program is often used

for otherwise legitimate reasons.

Examples: “If This Than That”

Software which malfunctions if maintenance fee is not paid.

Employee triggers a database erase when he is fired.

Trojan Horse: Masquerades as a benign

program while quietly destroying data or

damaging your system.

Download a game: It may be fun but contains hidden code that

gathers personal information without your knowledge.

SOCIAL

ENGINEERING

Social engineering manipulates people into performing

actions or divulging confidential information. Like a

confidence trick or simple fraud, the term applies to

the use of deception to gain information, commit

fraud, or access computer systems.

Phone calls, ex. IT Department, Vendor, Government,

etc.

In Person, ex. Personal questions to assist with

security questions.

Email, ex. Requesting bank account info.

THE .ISHINGS

Phishing

Spear Phishing

Smishing and Vishing

Whaling Phishing

PHISHING

Phishing is the fraudulent attempt to obtain sensitive

information such as usernames, passwords and credit

card details by disguising oneself as a trustworthy

entity in an electronic communication.

Usually email based.

Click on a link.

Open an attachment.

PHISHING EXAMPLES

SPEAR PHISHING

Spear phishing is an email or electronic

communications scam targeted towards a specific

individual, organization or business. Although often

intended to steal data for malicious purposes,

cybercriminals may also intend to install malware on a

targeted user’s computer.

Email based like Phishing Attack.

SMISHING AND

VISHING

Smishing and vishing are types of phishing attacks that

try to lure victims via SMS message and voice calls.

Both rely on the same emotional appeals employed in

traditional phishing scams and are designed to drive

you into urgent action. The difference is the delivery

method.

Both cell phone based.

Smishing-SMS Messages with malicious links. Ex.

update account or personal info, etc.

Vishing-Voice Call. Ex. Social Security, Jury Duty, IRS,

Accident, Police, Kidnapping scams.

SMISHING

EXAMPLE

WHALING

PHISHING

Whaling is a common cyber attack that occurs when

an attacker utilizes spear phishing methods to go after

a large, high-profile target, such as the c-suite.

Malicious actors know that executives and high-level

employees (like public spokespersons) can be savvy to

the usual roster of spam tactics; they may have

received extensive security awareness

training because of their public profile, and the

security team may have more stringent policies and

heftier tools in place to protect them. This leads

attackers who try to phish these targets to look

beyond the same old tried-and-true tactics to more

sophisticated, targeted methods.

WHALING PHISHING EMAIL EXAMPLE

RANSOMWARE

Ransomware is a of malware that encrypts documents, pictures and other files, making them unreadable. The attacker then holds the decryption key for ransom until you agree to pay money, usually through a method such as BitCoin, other digital currency, or gift cards.

Contact law enforcement.

Ransomware assumes that you’ll pay to recover your files – if you back them up regularly, you have no need to pay the ransom. However….

Computer systems can be “Locked” requiring the purchase of entire systems at significant cost.

“Cyber Insurance” may pay attacker to release data but could make you target for future attacks.

You can negotiate with hacker to reduce cost, don’t pay opening bid. Average cost to realease is $700.00.

No guarantee hacker will release data.

RANSOMWARE

DEMAND

INSTRUCTIONS

ADVANCE-FEE SCAMS

Most other email scams involve advance-fees and check fraud, attempting to gain your confidence to move money

on the criminal’s behalf.

Nigerian “419” (Nigerian Criminal Code) scams are the classic example – your help is needed to move a large

amount of money out of a foreign country because someone is ill, has died, or the country’s government is after

it. The victim wires money to assist and never receives anything in return.

New variations include job offers – a sizable wage is sent in advance for a low amount of work, deposited, then

requested to be transferred to another source for payment of some debt. Original check bounces and the victim

has just wired their own money to the criminal.

Precious metal, diamond, gold mine shares, etc.

EMAIL SECURITY

Email is one of the most common and most successful attacks on the internet. Recent statistics cite

up to 90% of successful attacks against businesses begin with a malicious email.

Emails can contain malicious files like virus and malware, link to malicious web sites, or try to coerce

or convince you to give away personal information, like your username and password.

Cybercriminals using email to attack businesses are becoming more and more effective at evading

detection – technology alone is only marginally effective at blocking these new email threats.

Thousands if not millions of emails can be sent in a key stroke, only one needs to work to make it

profitable, Law of Averages.

EMAIL DO’S AND DON’TS

Do: Always verify the sender of a message.

Always hover over web page links (URLs) in email messages to see where they link to – beware URL shortening services (like bit.ly) that may obscure the final web site destination.

Be skeptical of messages with odd spelling/grammar, improper logos or that ask you to upgrade or verify your account.

Report suspicious emails to IT Administrator.

Don’t: Open an attachment from an unknown sender. Consider the source and whether or not the file was

expected.

Click on a link from an unknown sender.

Email someone your username or password.

INDIAN COUNTRY ISSUES

Location

Resources (Investment made in hardening systems, training, etc.)

Wealthy Tribes Attractive Targets (Casino’s, Natural Resources, etc.)

Computer Dependent/Not Computer Dependent

Insider Threat (Any organizations problem.)

PREVENTION,

WHAT CAN YOU

DO

Virus/Malware

SoftwareFirewalls

Up to date software

Employee

Awareness and

Regular Training

Active

Countermeasure

Participate in MS-

ISAC and DHS

Programs

RESOURCES TO

LEARN MORE

DHS Webinar on YouTube

https://www.youtube.com/watch?v=D8kC07tu27A

HOW TO SIGN UP FOR MS-ISAC

https://learn.cisecurity.org/ms-isac-registration

It’s free of charge!

More than 40 tribal governments participate.

QUESTIONS?

Michael J. Donohoe (FBI-Retired)

Live Oak Investigations

P.O. Box 971

Jupiter, FL 33468

www.liveoakpi.com

mike@liveoakpi.com