Computers in Society 12/1/2018.

Slides:



Advertisements
Similar presentations
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Advertisements

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Houston, We Have a Problem. When Things go Wrong Ed Carter & Steve Hoffer Information Security Office Ohio University.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
22 November Security and Privacy  Security: the protection of data, networks and computing power  Privacy: complying with a person's desires when.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Wonga example Register Question- What risks do you think businesses face due to IT developments?
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Cyber Crime & Security Raghunath M D BSNL Mobile Services,
Cyber Crimes.
Protecting Your Information Assets
Viruses & Destructive Programs
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Denial-of-Service Attacks Justin Steele Definition “A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
Internet Fraud Complaint. Internet fraud refers to any type of frauds that take place due to the use of internet.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Topic 5: Basic Security.
Cybercrime What is it, what does it cost, & how is it regulated?
Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
MANAGING RISK. CYBER CRIME The use of the internet and developments in IT bring with it a risk of cyber crime. Credit card details are stolen, hackers.
1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.
Cybersecurity Test Review Introduction to Digital Technology.
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Issues for Computer Users, Electronic Devices, Computer and Safety.
Remember effective ways to search +walk (includes words) Intitle:iPad Intext:ipad site:pbs.org Site:gov filetype:jpg.
NETWORK SECURITY. What do you see THE IMPORTANCE OF SECURITY THE ARE WEBSITES ON THE INTERNET COULD INFORM PEOPLE THE RANGE AND AVAILABLE UNSECURED SITES.
Hardware and software that can provide a good level of security In this presentation I am going to provide advices on hardware and software that needs.
Technical Implementation: Security Risks
Security Risks Todays Lesson Security Risks Security Precautions
Lesson 10A: The Three D’s of Identify Theft
Digital Security Identity theft Copyright Laws Plagiarism, and More.
Done by… Hanoof Al-Khaldi Information Assurance
Instructor Materials Chapter 6 Building a Home Network
GCSE ICT SECURITY THREATS.
Computer Security INSM 180- Belasco Bryant and Stratton Fall 2011
IT Security  .
Instructor Materials Chapter 7 Network Security
A Project on CYBER SECURITY
“Can You See Me Now?” Shining the Light On Hackers & Identity Thieves
Securing A Wireless Network
Wireless Network Security
I S P S loss Prevention.
Tax Identity Theft Presenter Date
Information Security 101 Richard Davis, Rob Laltrello.
Phishing is a form of social engineering that attempts to steal sensitive information.
Protect Your Computer Against Harmful Attacks!
Information Technology Services Education and Awareness Team
Wireless Security.
Chapter 7 Connecting to the Internet
Information Security Session October 24, 2005
Chapter 6 Networks Communicating and Sharing Resources
Protecting Yourself from Fraud including Identity Theft
HOW DO I KEEP MY COMPUTER SAFE?
Computer Security.
Protecting Yourself from Fraud including Identity Theft
Information Technology Services Education and Awareness Team
Securing your system, protecting your digital data and devices.
Security in mobile technologies
Wireless Spoofing Attacks on Mobile Devices
ONLINE SECURITY, ETHICS AND ETIQUETTES EMPOWERMENT TECHNOLOGY.
Protecting Yourself from Fraud including Identity Theft
Identity Theft By Omer Ersen.
Identity Theft Samuel H. Slater.
Presentation transcript:

Computers in Society 12/1/2018

Introduction Gary Thomas Sr. Computer Fraud Investigator Corp Fraud Investigative Services Wachovia Corp 12/1/2018

Topics of Discussion IC3 Internet White Collar Crime Unit Phishing Denial of Service Attacks Wireless (WI-FI) US Federal Code Title 18 12/1/2018

Internet White Collar Crime Unit IC3 Internet White Collar Crime Unit Internet Crime Complaint Center http://www.ic3.gov/  The Internet Fraud Complaint Center (IFCC) was established as a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to serve as a means to address Internet related criminal complaints, research these complaints, develop and refer the criminal complaints to law enforcement agencies for any investigation they deem to be appropriate.   The IFCC continues to emphasize serving the broader law enforcement community, which includes Federal, State, and local agencies.  Crime Partnerships  INFRAGARD FBI USS Local law enforcements 12/1/2018

Phishing Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to Fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them. 12/1/2018

Phishing Example Ebay People bid on objects. When it becomes apparent they were out bid they are approached via email to purchase the object that they bid on but cheaper than it was auctioned off for. They make arrangements to pay for the object they give up their credit card numbers and other personal information. The people pay for the objects, but they never receive them. The communications appears to have the Ebay logo and formats normally seen on the Ebay site. 12/1/2018

Phishing Site Captured ! Wachovia Phishing Site Captured ! 12/1/2018

Denial of Service Attacks (Distributed Denial of Service Attack DDOS) A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include attempts to "flood" a network, thereby preventing legitimate network traffic attempts to disrupt connections between two machines, thereby preventing access to a service attempts to prevent a particular individual from accessing a service attempts to disrupt service to a specific system or person 12/1/2018

DOS & DDOS Attacks Denial-of-service (DOS) or Distributed Denial-of-service attacks (DDOS) can essentially disable your computer or your network.   Depending on the nature of your enterprise, this can effectively disable your organization. Some denial-of-service attacks can be executed with limited resources against a large, sophisticated site. This type of attack is sometimes called an "asymmetric attack." For example, an attacker with an old PC and a slow modem may be able to disable much faster and more sophisticated machines or networks. 12/1/2018

Methods of Attack Bots – Zombie PC’s Trojans –DDOS- Smurf attack This is a DDOS Attack tool, used by a attacker to send a specified number of data packets to a victim. A hacker can control both of these attacks remotely.   Virus – Code Red Exploited MS OS’s used mathematic algorithm to generate IP addresses to attack. NOTE: First variant of Code Red’s Algorithm code was flawed and only specific IP address ranges were exploited. Once the author found out the algorithm was flawed, he/she corrected the code and the code traversed the world in a matter of hours. 12/1/2018

Wireless WI-FI What is war driving ? Imagine a car equipped with nothing more than a laptop computer, a portable GPS receiver, and a wireless network card slowly strolls through your neighborhood ! 12/1/2018

What is the War-driver doing ? The computer is looking for what is called an SSID. An SSID is your wireless network name and it is being constantly transmitted by your access point letting computers know of its presence. Transmitting SSID’s will improve network access times, but be aware of the trade off ! 12/1/2018

What can the War-driver see ? WI-FI programs can track several access points at the same time and are able to: ·   Identify the SSID (if being broadcast) ·   Monitor the signal strength ·   Check to see if the network is encrypted. ·   Obtain the IP address ·   Obtain the MAC address ·   The war-driver will generally configure his or her software to log any strong unencrypted signals even using a GPS receiver to record and log the coordinates of the strong signal. 12/1/2018

Steps to Protect your WI-FI !   Do not broadcast (turn off) transmitting your SSID If you must use the SSID, change it from the default value. MAC addresses on a Wireless Access Point (issue) – Specific types / wireless hardware vendors are assigned specific MAC address ranges. Wireless scanning software can identify the MAC and thus a experienced war-drive can then associate the MAC with a specific hardware device. The next thing they will do is to try to exploit the access point using known hardware and software exploits. 12/1/2018

Steps to Protect your WI-FI ! Configure the WI-FI access point to only accept connection with known MAC addresses. (your computers) Use some type of Firewall and configure at a high level Use Encryption (the highest WEP level available 64 or 128 bit)   Turn off File Sharing Given enough time, using Brut Force attacks, a hacker may be able to access your wireless network. 12/1/2018

Example of War-driving Lowe’s (public record) Correct Configurations setups are a must or you ‘will’ loose your identity !   12/1/2018

Internet Firewalls (Hardware & Software) importance of using Firewalls View defaults, change the configurations passwords   Anonymizers – what they are, and how they work. 12/1/2018

Computers and the Law Is it cool to access another computer without the person knowing ? What about Remote Access software ? What about Hacking another PC ? What about stealing another person’s userid and password ? What about Government and Financial institutions ? 12/1/2018

Title 18 Federal Codes 12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

12/1/2018

Title 18 Section 1030 – DOJ Detail http://assembler.law.cornell.edu/uscode/ Title 18 Section 1030 – DOJ Detail http://www.usdoj.gov/criminal/cybercrime/1030_anal.html Identity Theft & Fraud http://www.usdoj.gov/criminal/fraud/idtheft.html 12/1/2018

Questions ? 12/1/2018

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.