THINK BEFORE YOU CLICK!
Cyber Security is everybody’s responsibility
Don Winaker
Network Security Manager
[email protected]
We know what those thieves are after. But Johns Hopkins isn’t a store or a bank. What would people want to steal from us?
Johns Hopkins has technology in place that deflects many attacks
84.2% of all incoming email messages are dropped due to SPAM, viruses, phishing, etc.
Inbound network connections blocked due to malware*
Per Day: 4,000,068; Per Hour: 166,669; Per Second: 46
Per Day: 88,405; Per Hour: 3,684; Per Second: 1
Unauthorized attempts to access our internal networks blocked
Per Day: 75,545,460; Per Hour: 3,147,727; Per Second: 874
Outbound network connections blocked due to malware*
Per Day: 882,310; Per Hour: 36,763; Per Second: 10
Technology is great and has made our lives and jobs easier, but …
Technical Tools
Can’t reason or exercise judgment
Can only detect broad trends
Must quickly sort through more than 2 billion daily events
Have to be configured, monitored, and maintained by … people!
Technology can provide prevention and detection
Is this enough?
What is Johns Hopkins Network Security doing today?
Extensive deployment of Cisco firewalls
Automated blacklisting
Nessus vulnerability scanning
Sourcefire intrusion detection and prevention systems installed
JWatch – Intel Security Incident and Event Management
Lancope – network traffic flow monitoring
People are the first and most important line of cyber defense
Humans
Can make connections between different pieces of information that don’t seem related but indicate a trend
Can recognize when seemingly normal behavior just doesn’t look or sound quite right
Can adapt quickly to new information and emerging attacks and threats
Provide a principal preventive control
Technology can’t do it all
People hold the keys to the kingdom
What are the most common types of attack?
Social Engineering
Phishing
Malware
If you know where to look and have the right level of access, vast amounts of information are available with just one click
How do cyber criminals try to get information from us?
SOCIAL ENGINEERING
Type of confidence trick or con job
Uses psychological manipulation to trick people into bypassing normal security procedures
Often relies on natural helpfulness of people
One step in a more complex fraud scheme
From 2009-2011, 48% of large businesses suffered attacks costing between $25,000-$100,000 per incident
How do cyber criminals try to get our login credentials?
PHISHING
Often sent in an email
Pretends to be from an official source
Directs users to enter credentials into a fake web site
Warns or threatens consequences for failure to act
SPEAR PHISHING
Targeted phishing attack
Attacker has specific target in mind
Uses details about the target to sound more legitimate
May present a problem and try to elicit sympathy and get a helpful response
Be skeptical when you read email
How can you tell if it’s phishing?
Asks you to reply to an email or go to a web site and enter in personally identifiable information
Asks you to click a link to install software (malware)
Directs you to a URL that is not a Johns Hopkins address (but might look like one) or starts with an IP address
Creates a sense of urgency by warning or threatening that something bad will happen if you don’t comply
Is badly written, including misspelled words or poor grammar
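The URL indicator from the list above (a link that is not a Johns Hopkins address but looks like one, or that starts with an IP address), as an added example that is not part of the original slides. The allow-list of trusted domains and the sample links are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed allow-list (the slides name no domains): domains the organisation owns.
TRUSTED_DOMAINS = ("jhu.edu", "jhmi.edu")
# Constructed sample links, not taken from real messages.
SAMPLE_LINKS = [
    "https://my.jhu.edu/portal",
    "http://192.0.2.10/jhu/login",
    "https://jhu.edu.account-verify.example/login",
    "https://myjhu.edu/reset",
    "http://jhu.edu@192.0.2.7/",
    "https://www.example.org/news",
]


def is_ip_literal(host):
    """True when the host part is a raw IPv4/IPv6 address, not a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def classify_link(url):
    """Return 'trusted', 'ip-address', 'lookalike' or 'external'."""
    # .hostname drops any "user@" prefix, so jhu.edu@192.0.2.7 yields the IP.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if is_ip_literal(host):
        return "ip-address"
    # Trusted only on an exact match or a ".<domain>" suffix; a substring
    # test would also accept jhu.edu.account-verify.example.
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    labels = host.split(".")
    for domain in TRUSTED_DOMAINS:
        brand = domain.split(".")[0]
        if domain in host or any(brand in label for label in labels):
            return "lookalike"
    # Punycode labels can render as characters that imitate a trusted name.
    if any(label.startswith("xn--") for label in labels):
        return "lookalike"
    return "external"


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify_link(link):<11} {link}")
```

The suffix comparison is the important part: the trusted name must sit at the end of the host, after a dot, for the link to count as an organisational address.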
Phishing email examples
If you never fall for a phishing attack then you are safe, right?
MALicious SoftWARE
Gets installed on your system and performs unwanted tasks
Designed to disrupt, damage, steal information, take control, create bots
Many different types:
◦ Virus and worm (infectious)
◦ Rootkit, Trojan Horse, Backdoor (RAT – remote access tool)
◦ Keylogger, Spyware (steal information)
◦ Ransomware (extortion)
◦ Dialer, Adware (generate funds)
◦ Hybrids and variations
You could usually avoid malware if you were careful with your email
But not anymore
90% of malware comes from web browsing today – only 6% comes from email
The biggest threat to corporate networks is employees clicking on infected web pages
A 'drive-by-download' attack is a malware delivery technique that is triggered just because you visited a website. You don’t need to click or accept any software, and the malicious code can download in the background to your device.
Anatomy of the NBC.com Infection
Drive-by download attack
One of the top 600 most popular web sites on the Internet – Law of Large Numbers
Used the RedKit exploit kit to look for vulnerable versions of Adobe Reader, Acrobat, Java
Vulnerable computers were infected with malware:
◦ Citadel (spyware) targets financial account details
◦ ZeroAccess (adware) generates fake pay-per-view revenues for botnet controllers or their clients
This version of Citadel was at the time only recognized by 3 out of the 46 antivirus programs on virustotal.com
McAfee Labs catalogs 100,000 new malware samples every day: 69 new pieces of malware a minute!
But I’m safe since I only visit legitimate web sites!
Number of unsafe websites detected by Google
Google blocks 10,000 per day, and 42,000 new malware sites are detected each week
Mainstream Websites More Likely to Harbor Malware
Top 10 Infected Web Site Types
1. Blogs 19.8%
2. Web hosting 15.6%
3. Business and economy 10%
4. Shopping 7.7%
5. Education and reference 6.9%
6. Technology, computer, Internet 6.9%
7. Entertainment and music 3.8%
8. Automotive 3.8%
9. Health and medicine 2.7%
10. Porn 2.4%
80% are legitimate sites
2013 Cisco Annual Security Report
Malware Bottom Line
• Keep application and operating system patches up-to-date
• Don’t click on unknown links or attachments
• Don’t trust sites that ask for your cell phone number or require you to create a login account
• Keep anti-virus/anti-spyware up to date
The internet is overwhelmingly a power for good
It provides cheap and easy access every moment of every day to vast amounts of information and entertainment, and it is transforming the nature of government and commerce.
However …
You hold the keys to the kingdom
THINK BEFORE YOU CLICK!
Cyber Security is everybody’s responsibility
Questions?
Don Winaker
Network Security Manager
[email protected]