Fermilab Computer Security Awareness Day November 2012 Basic Computer Security.

Slides:



Advertisements
Similar presentations
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Advertisements

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
Thank you to IT Training at Indiana University Computer Malware.
Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
P ASSWORD S ECURITY. I F SOMEONE HAS YOUR PASSWORD, EITHER FROM YOU GIVING IT OUT OR THEM FIGURING OUT, THEY COULD : 1.Send abusive or threatening .
Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Basic Computer Security. Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and responsibilities.
Computer Viruses.
Basic Computer Security. Outline F Why Computer Security F Fermilab Strategy: –Integrated Computer Security –Defense in Depth F Your role and responsibilities.
Security Essentials for Fermilab System Administrators.
Security Essentials for Desktop System Administrors.
What do I need to know?.   Instant Messages  Social Networking.
Annual Safety & Security Briefing - 9/22/04 Teresa Downey – SLAC Computer Security Group & SCS Applications Group.
Viruses and Spyware. What is a Virus? A virus can be defined as a computer program that can reproduce by changing other programs to include a copy of.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Contents  Viruses Viruses  Computer Worms Computer Worms  Trojans Trojans  Spyware Spyware  Adware Adware  Spam Spam  Hoaxes and Scams Hoaxes and.
First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.
Staying Safe Online Keep your Information Secure.
Scams & Schemes Common Sense Media.
IT security By Tilly Gerlack.
Security Essentials for Desktop System Administrors.
Protecting Students on the School Computer Network Enfield High School.
BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)
Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.
Security Essentials for Desktop System Administrators.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Fermilab Computer Security & Strong Authentication Project Mark Kaletka Computing Division Operating Systems Support Department.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
Security Essentials for Fermilab System Administrators 29-Sep-2009.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.
Lightspeed is a web-blocking and filtering software program providing safe online security for educational users.
Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
Security Essentials for Fermilab System Administrors.
Activity 4 Catching Phish. Fishing If I went fishing what would I be doing? On the Internet fishing (phishing) is similar!
Security Essentials for Desktop System Administrors.
Internet Security. 2 Computers on the Internet are almost constantly bombarded with viruses, other malware and other threats.
Security Essentials for Desktop System Administrors.
Computer Security Essentials for Fermilab Sysadmins Irwin Gaines and Matt Crawford Computing Division.
Security Essentials for Fermilab System Administrators 08-Dec-2011.
Computer Security Awareness day November 12, 2013.
Ethical, Safety and other issues when using the Internet Displays a knowledge of networking in terms of user- access Demonstrates responsible.
The internet is a place of both useful and bad information. It has both good and bad side- and it’s all too easy for kids to stray into it. And no parents/guardian.
Security Essentials for Fermilab System Administrators 29-Sep-2009.
Catching Phish. If I went fishing what would I be doing? On the Internet fishing (phishing) is similar! On the internet people might want to get your.
Fermilab Computer Security Awareness Day. Why Computer Security  The Internet is a dangerous place We are constantly being scanned for weak or vulnerable.
POLICIES & PROCEDURES FOR HANDLING CONFIDENTIAL INFORMATION NOVEMBER 5 TH 2015.
Important Information Provided by Information Technology Center
Internet Safety.
Hacking Computer crime and cyber security.
PHISHING Hi, The comms team asked if I could refresh everyone about Phishing after a fairly successful phishing circulated last week that led to.
Learn how to protect yourself against common attacks
Lesson 3 Safe Computing.
Information Security 101 Richard Davis, Rob Laltrello.
Cybersecurity Awareness
Practice Safe Computing
Risk of the Internet At Home
Lesson 2: Epic Security Considerations
9 ways to avoid viruses and spyware
Security Hardening through Awareness August 2018
16. Account Monitoring and Control
Presentation transcript:

Fermilab Computer Security Awareness Day November 2012 Basic Computer Security

Why Computer Security?

 Fermilab is an attractive target It is constantly being scanned for weak or vulnerable systems; new unpatched systems will be exploited within minutes. High network bandwidth is useful for attackers who take over lab computers Publicity value of compromising a.gov site Attackers may not realize we have no information useful to them

Why Computer Security?  To establish good computing habits  Attacks on users (rather than systems) becoming more frequent  It is easier to trick a user than to break into a system

Why Computer Security?  Security depends on everyone, from management, to system administrators, to developers, to users, etc. As mentioned, phishing attacks are more prevalent Three DOE labs taken offline in 2011 due to phishing attacks A chain is only as strongest as its weakest link  Integrated Security Management Part and parcel of everything you do with computers ○ Like safety, security is part of everyone’s responsibility Not “one-size-fits-all” but appropriate for the needs and vulnerabilities of each system - in most cases, it is simply common sense + a little information and care

Spam Spam Spam  Everyone gets spam all the time  In 2007, it was estimated that 85% of incoming was “abusive ”  A 2010 survey of US and European users showed that 46% of recipients opened spam messages and 11% clicked on a link

From Spam to Scams  Nothing new – attempts by criminals to defraud you  Direct monetary gain is primary motive  Never reply to them!  Classic examples: Winning the lottery (which you never entered) Dignitary wanting to give you millions of dollars from his/her country. Parcel mule scams

The Hitman Bribe Scam

From Scams to Phishing  One of the most common attacks  Fools user into giving up information  Eventual monetary gain is a large motive but there are others  Primary types of phishing: Harvesting information Controlling your computer via malicious links Controlling your computer via malicious attachments  Let’s take a look at some examples

Phishing  Do any red flags jump out?  How about sender’s address or what they are requesting?  Sometimes things are trickier than they seem – let’s look at another example.

Link goes to:

Phishing  Phishing may be sophisticated and appear genuine: It may be addressed to specific individuals only It may be on topic with what the individuals work with The sender may be forged to appear from a coworker of those individuals “Spear phishing”

What to do?  The purpose of sending spam or phishing generally comes down to money (now or eventually): Obtaining bank account information Obtaining login credentials Your machine becomes compromised and becomes a member of a botnet Your account compromised to send more spam.  Be careful on what you click on and what you reply to!

What to do?  If after reading an you think it is a phishing attack or scam, simply delete the message. Here are some indications if an is an attack.  Be suspicious of any that requires immediate action or creates a sense of urgency.  Be suspicious of s addressed to “Dear Customer” or some other generic salutation.  Be suspicious of grammar or spelling mistakes, most businesses proofread their messages very carefully.

What to do?  If a link in an seems suspicious, hover your mouse over the link. This (usually) will show you the true destination where you would go if you actually clicked it. The link that is written in the may be very different than where it will actually send you.  Do not click on links. Instead copy the URL from the and paste it into your browser. Even better is to simply type the destination name into your browser. For example, if you get an from UPS telling you your package is ready for delivery, do not click on the link. Instead, go to the UPS website and then copy and paste the tracking number.

What to do?  Be suspicious of attachments; only open attachments that you were expecting.  Just because you got an from your friend or coworker does not mean they sent it. Her/his computer may have been infected or their account may have been compromised, and malware is sending the to all of your friend’s contacts. If you get a suspicious from a trusted friend or colleague, call them to confirm that they sent it.

What to do?  Ultimately, using safely is all about common sense.  If something seems suspicious or too good to be true, it is most likely an attack. Simply delete the .

What to do?  Fermilab personnel will NEVER ask you for your password.  Most outside companies/services should NOT as well.

Social Engineering  Not every method to give up electronic data is electronic.  Phone calls  In person Or physical media

One more thing about personal info  Protecting Personal Information at Fermilab course  If you handle Personally Identifiable Information, you may need to take Advanced PII course  Be cognizant of how personal, sensitive, or financial information is being transmitted (e.g., general , etc.)

Browsing the web  We know that clicking a link in an can be bad – this applies to general web browsing as well.  The primary difference is how an attacker might target you.

Browsing the web  Use a modern browser on a current operating system  Since many use a web browser to read , the same rules apply (e.g., be suspicious of attachments, etc.)!  Don’t click on pop-up advertisements  Be careful of web sessions involving personal or financial data.

Browsing the web  Use common sense …  Watch where you browse (note the “web environment”).  Be extra careful if you have administrative privileges.

Browsing the web  What happens if you see the following screen when browsing the web at Fermi?

Browsing the web  Please do not click on Accept!  Contact the Service Desk if you feel this is in error.  If you see a similar message pop up on your machine by itself without having clicked on anything, please contact the Service Desk.

Incidental Computer Usage  Fermilab permits some non-business use of lab computers  Guidelines are at  This is pretty much common sense

The top 10 worst Internet passwords: Source: Splashdata

Passwords  When you are typing a password for some reason (e.g., logging in to a service) – ask yourself what does this have access to?  2012 was a year for major password breaches: LinkedIn eHarmony LastFM Formspring  What if you used the same passwords everywhere?

Passwords  Always choose a complex password The lab has a password policy that’s enforced, so it’s difficult to choose a weak Fermi password, however:  Differentiate your passwords – don’t use the same passwords for Fermi services as personal services.  Fermi’s Kerberos, Windows, and Services passwords should all be different as well.  Change them periodically (yes, even passwords to personal accounts).

Fermilab and Central Authentication  All use of lab computing services requires central authentication  Avoid disclosure of passwords on the network  No network services (logon or read/write ftp) visible on the general internet can be offered with out requiring strongest authentication, currently Kerberos (unless a formal exemption is applied for and granted)  Kerberos provides a single sign in, minimizing use of multiple passwords for different systems  Lab systems are constantly scanned for violations of this policy

Remember:  Fermilab personnel will NEVER ask you for your password.  Most outside companies/services should NOT as well.

What happens if you notice a Computer Security incident?  Mandatory incident reporting Report all suspicious activity: ○ If urgent to the Service Desk, x2345, 24x7 ○ Or to system manager (if immediately available) ○ Non-urgent to Incidents investigated by Fermi Incident Response Not to be discussed!

Fermi Incident Response  Investigate (“triage”) initial reports  Coordinate investigation overall  Work with local system managers  Call in technical experts  May take control of affected systems - for an undetermined amount of time  Maintain confidentiality

Perimeter Controls  Certain protocols are blocked at the site border ( to anything other than lab mail servers; web to any but registered web servers; other frequently exploited services)  Temporary (automatic) blocks are imposed on incoming or outgoing traffic that appears similar to hacking activity; these blocks are released when the activity ceases (things like MySpace and Skype will trigger autoblocker unless properly configured)

Patching and Configuration Management  Baseline configurations exist for each major operating system (Windows, Linux, Mac)  All systems must meet the baseline requirements and be regularly patched (in particular running an up-to-date supported version of the operating system) UNLESS: A documented case is made as to why the older OS version cannot be upgraded Documentation exists to demonstrate that the system is patched and managed a securely as baseline systems All non essential services (such as web servers) are turned off  All systems with Windows file systems must run anti virus  Your system administrator should take care of this for your desktop

Critical Vulnerabilities and Vulnerability Scanning  Certain security vulnerabilities are declared critical when they are (or are about to) being actively exploited and represent a clear and present danger  Upon notification of a critical vulnerability, systems must be patched by a given date or they will be blocked from network access  This network block remains until remediation of the vulnerability is reported to the TISSUE security issue tracking system (as are blocks imposed for other security policy violations)

Prohibited Activities  “Blatant disregard” of computer security  Unauthorized or malicious actions Damage of data, unauthorized use of accounts, denial of service, etc., are forbidden  Unethical behavior Same standards as for non-computer activities  Restricted central services May only be provided by approved service owners  Security & cracker tools Possession (& use) must be authorized  See

Activities to Avoid  Large grey area, but certain activities are “over the line” – Illegal Prohibited by Lab or DOE policy Embarrassment to the Laboratory Interfere w/ performance of job Consume excessive resources  Example: P2P (peer to peer) software like Skype and BitTorrent: not explicitly forbidden but very easy to misuse!

Questions?  for questions about security policy  for reporting security incident 

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.