Personal Data Security. Grand Computers Club New Technologies SIG May 21, 2014

Size: px

Start display at page:

Download "Personal Data Security. Grand Computers Club New Technologies SIG May 21, 2014"

Adela May
8 years ago
Views:

1 Personal Data Security Grand Computers Club New Technologies SIG May 21, 2014

2 Topics Meeting Overview New Tech Newsletter Main Topic: Personal Data Security Open Discussion Questions 2

3 Overview Data privacy is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them. Wikipedia.org 3

4 Risk Assessment Hill Associates, Inc. 4

5 Malware Threats Viruses Code to spread & infect files & data Transferred from one host to another Classifications Resident in memory; infects every time Non-resident removes after infection Boot sector infects before OS starts Macro infects using macros (Outlook) Symantec.com 5

6 Malware Threats Worms Replicate & spread by itself No interaction required to duplicate Categories spread via s & attachments Internet via open ports & vulnerabilities Network via open nets & shares Multivector via 2 or more capabilities Symantec.com 6

7 Malware Threats Infamous viruses Brain 1 st full stealth virus Melissa macro virus Destructive worms iloveyou $10B CodeRed $2B Sobig $37B MyDoom $38B Symantec.com 7

8 Malware Threats Trojans Do not self-replicate Masquerades as non-malicious Can use drive-by techniques Classifications Remote Access Trojan (RAT) DDoS Distributed Denial of Service Proxy Remote use to attack others Symantec.com 8

9 Malware Threats Trojans Classifications Security software disabler Info-stealer (key logger) FTP File transfer to remote site PSW password stealer Banker Zbot or Zeus FakeAV poses as Anti-virus tools Ransom Wants money to repair Symantec.com 9

10 Malware Threats Other threats Malware general umbrella term Rootkits uses privileged access Spyware Tracks activity Tracking cookies monitor browsers Adware targets advertisements Spam unsolicited messages Creepware RATs Symantec.com 10

11 Malware Threats Network attacks Intrusion into a network Exploits ports and system vulerabilities Passive and/or active attacks Types of network attacks Social engineering manipulate people Phishing requests sensitive info Social phishing use of social networks Symantec.com 11

12 Malware Threats Types of network attacks Spear phishing Targeted phishing Water hole Target victim; use drive-by Whaling Phishing high-value targets Port scanning search for open ports Spoofing masquerade using false data DoS Denial of Service; flood network Man in the Middle intercept & transmit Bluetooth Exploits discovery state Symantec.com 12

13 Ways to Protect Personal Data Use anonymous service Metadata still available Encryption Encrypt (OpenPGP) Encrypt disks, flash drives, file (Truecrypt) 13

14 Ways to Protect Personal Data Web browsing Tor browser Lock down browser (CERT) Cloud services Encrypt sensitive data or do not use File storage & archive Create private cloud (PogoPlug) Encrypt portable drives with TrueCrypt 14

15 Ways to Protect Personal Data Social networking Limit use of these sites Monitor what friends post about you Location data Avoid using Foursquare Minimize apps that use location info Wireless services Limit use of BlueTooth & free Wi-Fi 15

16 Ways to Protect Personal Data Personal security Use stronger password & passphrases Use password manager like LastPass Search engines Use trackless search engines like DuckDuckGo 16

17 Protect Your Computer Data Encryption Hidden partition Track you device 17

18 Was Orwell Right? If you want to keep a secret, you must also hide it from yourself. George Orwell,

19 How Tech Reveals Us Personal Info Found Online Photos 60% Birth date 50% address 46% Employer 44% Home address 30% Cell phone # 24% Video 24% Resonate by Nancy Duarte Political party 20% 19

20 How Tech Reveals Us Online Privacy Concerns Shopping online 93% Banking online 90% Social network 90% Mobile apps 85% Truste,

21 Privacy Strategies Popular actions Clear browser history & cookies 64% Delete social network posts 41% Disable 3 rd party cookies 41% Use temp service 26% Encrypt communications 14% Pew Research Center,

22 Privacy Strategies Protecting personal data DuckDuckGo search engine Smartphone bag blocks signal Encrypt need to exchange keys TOR router/browser Pew Research Center,

23 Sites Used for Presentation Internet security: 10 ways to keep your personal data safe from online snoopers Three steps to properly protect your personal data Get safe online Welcome to the Security 1:1 series of articles 23

24 Videos Used for Presentation Mind reader 24

25 Next Meeting Streaming and Desktop Boxes Wednesday June 18, :00-5:30pm Havasupai Room Chaparral Center 25

26 Questions??? 26

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction