Jisc e safety presentation AoC 2014

Nigel Ecclesfield, Lee Harrigan-Green, Katie McAllister 20/11/2014 E-safety: safer systems, safer users

Transcript of Jisc e safety presentation AoC 2014

Page 2: Jisc e safety presentation AoC 2014


Speakers

»Nigel Ecclesfield, Head of change implementation support programmes - Further Education and Skills, Jisc

»Lee Harrigan-Green, Senior CSIRT member, Jisc

»Katie McAllister, Student support and enrichment manager, Peterborough Regional College

»Jackie Milne, Legal information specialist, Jisc

Page 3: Jisc e safety presentation AoC 2014


Internet safety and security

E-safety is about safe and responsible practice with technology and the sensible management of risks presented by the digital world.

Jisc e-Safety infoKit

Page 4: Jisc e safety presentation AoC 2014


Purpose of session

»Explore e-safety issues for providers

»Safety policies

› Setting objectives and priorities

»Safe systems

› External safeguards and support

› Internal systems

»Safe users

› Safe practices

› Increase awareness of e-safety

Page 5: Jisc e safety presentation AoC 2014

Jackie Milne, Legal information specialist, Jisc

E-safety and social media - risky mix or recipe for success?

Page 6: Jisc e safety presentation AoC 2014


Social Media


“The most influential and powerful voice of the people… needs to be regulated” Chloe Madeley

“Ability to give a voice to people who would never have been heard” Bill Gates

“A catalyst for the advancement of everyone’s rights” Queen Rania of Jordan

“Just a buzz word until you come up with a plan” Unknown

Page 7: Jisc e safety presentation AoC 2014


Storm in a T cup?


FB comments result in sacking

Think before you tweet or risk arrest

Sexting pressure on the rise

Social network is social nightmare

Internet trolls may face two years in jail

Teacher in FB meltdown

We don’t need any new social media laws

Half of child exploitation happens on social networks

Page 8: Jisc e safety presentation AoC 2014


Which legal duties do you have?


Statutory

All of these

Contractual

Common law

Page 9: Jisc e safety presentation AoC 2014

Lee Harrigan-Green, Senior CSIRT member, Jisc

Janet Computer Security Incident Response Team (CSIRT) and keeping yourself safe

Page 10: Jisc e safety presentation AoC 2014

Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014


Overview

» About Janet CSIRT (Computer Security Incident Response Team) and our role

» An overview of the incidents we see

» Some examples of incidents

» What can you do to help yourself

» If you have any questions please just interrupt me

Page 11: Jisc e safety presentation AoC 2014


What is CSIRT?

» Janet CSIRT (Computer Security Incident Response Team)

» CERT© or CERT-CC, IRT, CIRT, SERT

» Names can vary in different organisations, but they all carry out similar tasks:

› Coordinate with our community and other CERTs, ISPs

› Provide advice and assistance in relation to security with confidentiality


Page 12: Jisc e safety presentation AoC 2014


What do we do?

» Incident Response

» Proactive Monitoring

» Advice and Expertise

Page 13: Jisc e safety presentation AoC 2014


What we don’t do!

» We don’t hack systems

» We don’t probe systems looking for vulnerabilities to advise owners

» We are not the internet police

» We don’t pass information onto the Government / CIA... but we do work with them

Page 14: Jisc e safety presentation AoC 2014


How we detect security incidents

» Netflow data

» Emails or alerts from 3rd parties

» Website monitoring

» Telephone calls

» Keeping up to date with the security landscape / vulnerabilities

» Google searches

» Post incident analysis

Page 15: Jisc e safety presentation AoC 2014


Types of issues we deal with

» Compromise

› Data, usernames, passwords, personal information

› Systems

» Copyright notices

» Denial of service

» Queries

› Law enforcement agency requests for information (RIPA)

› Legal / policy advice

› Networking / security advice

» Other issues: scanning, phishing, social engineering, unauthorised use, unsolicited bulk email (SPAM)

Page 16: Jisc e safety presentation AoC 2014


Incident type            2012   2013          2014 to date
Compromise               1487   1329          363
Copyright                2000   91 (1293)     2815
Denial of Service        43     127           430
General query            59     82            154
LEA query                46     29            31
Legal / Policy query     7      9             4
Malware                  3209   5148          4133
Misconfiguration         0      0             275
Net / Security query     115    89            162
Other                    114    196           682
Phishing                 243    427           307
Scanning                 578    380           137
Social engineering       16     6             1
Unauthorised use         39     42            28
Unsolicited bulk email   238    256           144
Total                    8194   8212 (9505)   9666

Page 17: Jisc e safety presentation AoC 2014


Regulation of Investigatory Powers notifications

»Regulation of Investigatory Powers Act 2000

»Graded 1 (critical), 2 or 3

»Must originate from a single point of contact (SPoC)

»CSIRT can verify a SPoC exists in Home Office database

Page 18: Jisc e safety presentation AoC 2014


Recent activities with the National Crime Agency (NCA)

» Gameover Zeus (Zeus-p2p) and Cryptolocker

» Advanced warning of the botnet takedown

» Worked with the NCA and FBI to establish the best course of action from a UK perspective

» Distributed the list of known domains associated with the malware

» Issued advice and guidance to affected customers on the global day of action

» Taken positive action within our resolver service so that our customers are protected from this malware.

» More in the pipeline …

Page 19: Jisc e safety presentation AoC 2014


Example of a hacked website

» A small website was vulnerable to a SQLi attack

» Details of usernames, passwords, and email addresses were dumped

» Automated email received at 23:15

» By 9:30 the following morning we had sent notifications to 42 different sites about the breach

» We also alerted the site that was hacked. They were not aware and took the site offline and also notified all users in their database about the breach

Page 20: Jisc e safety presentation AoC 2014


Example of a Moodle system hack

» Usernames and hashed passwords were posted on Pastebin: approximately 3500 unique hashes.

» Investigation started at 08:50 the following day

» A Janet-connected organisation's system was compromised due to running an old version of administration software on a Moodle server

» 48% of the passwords were cracked

» Site advised of the very weak passwords

» They rebuilt the system

» A student at the site was responsible

Page 21: Jisc e safety presentation AoC 2014


Policies are there when you need them

There are many different types of policies that you require to keep yourself safe.

» Disaster Recovery

» Acceptable Use

» Incident Response

» Backup

» And more

We recommend:

» Testing your policies to make sure they work in practice

» Reviewing your policies regularly - trigger points might be a yearly review, change in legislation or a security incident

Page 22: Jisc e safety presentation AoC 2014


What can you do to keep yourself safe?

» By following best practices you can keep yourself safe

» Logging is the most important of these – Firewall, proxy, DHCP, email and web server

» Use a system log (syslog) to keep them in one easy location

» Keep systems up to date with latest patches and security updates

» Maintain up to date security contacts with CSIRT

» Contact us at CSIRT if you have any security related questions or queries, including advice on policies and practice to keep your systems and users safe
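
Why central logging of DHCP, proxy and firewall data matters when a notification names only an IP address and a time, as an added example that is not part of the original presentation. The log lines, host names, addresses and message layouts are constructed assumptions, and lease expiry is not modelled.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of one central syslog file fed by several devices
# (hosts, addresses and message layouts are assumptions for illustration).
SAMPLE_LOG = """\
2014-11-19T22:40:12 dhcp01 dhcpd: DHCPACK on 10.1.4.23 to 00:16:3e:aa:bb:01 (lab-pc-17)
2014-11-19T23:05:48 dhcp01 dhcpd: DHCPACK on 10.1.4.23 to 00:16:3e:aa:bb:02 (byod-laptop)
2014-11-19T23:14:51 proxy01 squid: 10.1.4.23 GET http://example.invalid/login.php 200
2014-11-19T23:15:02 fw01 kernel: ACCEPT SRC=10.1.4.23 DST=192.0.2.80 DPT=80
2014-11-19T23:15:09 fw01 kernel: ACCEPT SRC=10.1.4.230 DST=192.0.2.80 DPT=80
2014-11-20T01:30:00 dhcp01 dhcpd: DHCPACK on 10.1.4.23 to 00:16:3e:aa:bb:03 (lab-pc-02)
"""

LINE = re.compile(r"^(\S+) (\S+) (\S+?): (.*)$")
ACK = re.compile(r"DHCPACK on (\S+) to (\S+) \((.*?)\)")

def parse(text):
    """Return (timestamp, host, program, message) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:  # lines that do not fit the assumed layout are skipped
            events.append((datetime.fromisoformat(m.group(1)), *m.groups()[1:]))
    return sorted(events)

def lease_holder(events, ip, when):
    """MAC and hostname from the latest DHCPACK for ip at or before when."""
    holder = None
    for ts, _host, prog, msg in events:
        m = ACK.search(msg)
        if prog == "dhcpd" and m and m.group(1) == ip and ts <= when:
            holder = (m.group(2), m.group(3))
    return holder

def related(events, ip, when, window=timedelta(minutes=5)):
    """Non-DHCP events mentioning exactly ip within +/- window of when."""
    pat = re.compile(r"(?<![\d.])" + re.escape(ip) + r"(?![\d.])")
    return [(ts, host, msg) for ts, host, prog, msg in events
            if prog != "dhcpd" and abs(ts - when) <= window and pat.search(msg)]

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    reported = datetime(2014, 11, 19, 23, 15)  # time quoted in a notification
    print(lease_holder(events, "10.1.4.23", reported))
    for event in related(events, "10.1.4.23", reported):
        print(*event)
```

Without the DHCP log the same address would point at three different devices over one evening, so the proxy and firewall entries alone could not be tied to a machine.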

Page 23: Jisc e safety presentation AoC 2014


Lee Harrigan-Green, Senior CSIRT Member

[email protected]

Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire OX11 0SG

T 0300 999 2340

[email protected]

Except where otherwise noted, this work is licensed under CC-BY-NC-ND

Page 24: Jisc e safety presentation AoC 2014

Katie McAllister, Student Support and Enrichment Manager, Peterborough Regional College

Equipping learners to be safe

Safeguarding & E-Safety

Page 25: Jisc e safety presentation AoC 2014

The starting point

• The college, in light of the growing child sexual exploitation issues, potential extremism and increasing e-safety concerns, was determined to ensure both staff and learners participated in a constructive dialogue relating to their safety.

Page 26: Jisc e safety presentation AoC 2014

The Challenge

• Addressing the (potential) increase in cyberbullying, extremism, child sexual exploitation etc

• Meeting our legal and statutory duties relating to ICT whilst reducing any risks

• Identifying all of the across college areas we would need to consider such as our hosting liability and data protection

• Educating employers, contractors, parents/carers

Page 27: Jisc e safety presentation AoC 2014

Review tools

• A rigorous evaluation of our current practices including Jisc guidance & the use of the 360 degree safe self review tool

– It’s free to access!

– Provides subject areas (top line and in detail)

– Provides action plan as you go

– Identifies AFIs and best practices

– Is online so a whole college approach is possible

– Compares your own responses to others who have completed it

Page 28: Jisc e safety presentation AoC 2014

Areas for review

Each element has strands.

Each strand has aspects.

Page 29: Jisc e safety presentation AoC 2014

The Safeguarding Toolkit

• Resources and documentation to support a tailored recruitment and enrolment process for learners.

• An enhanced induction for Looked After Care (LAC) learners.

• Designated mentors and progress support meetings for LAC learners.

• Online and magazine based hints, tips and guidance (staff and students).

Page 30: Jisc e safety presentation AoC 2014

The Safeguarding Toolkit

• HE debates.

• Tutorials and across college calendar of events covering personal safety and resilience for a range of levels/abilities (sexual health, alcohol, mental health, e-safety, being street wise).

• Development of activities and resources to embed within teaching and learning sessions.

Page 31: Jisc e safety presentation AoC 2014

Multi Agency work

• Multi agency partnership with housing, city youth workers, council, police, schools and Local Safeguarding Children Boards (LSCB) – members shared expertise and resources which resulted in a proactive approach to child sexual exploitation, monitoring of city wide tensions and action cohesion work.

• Approach is being adopted by other police forces and was recorded for a Panorama documentary.

Page 32: Jisc e safety presentation AoC 2014

Training

• The College Welfare Advisor and a College Youth Worker were specifically trained to support Looked After Care leavers - more vulnerable to child sexual exploitation and radicalisation.

• Staff training incorporating extremism awareness and reporting (WRAP, Prevent).

Page 33: Jisc e safety presentation AoC 2014

Training

• Prevent training to over 1000 students by the local Prevent officer.

• The college completed a business continuity plan and staff training with the National Counter Terrorism Security Office (NaCTSO).

• E-Safety handbook/toolkit.

• Updated induction staff training.

Page 34: Jisc e safety presentation AoC 2014

Impact in 2013/14

• 98% of learners felt safe whilst at college.

• 92% retention for LAC learners (9% increase on 12/13).

• 88% retention for unaccompanied minors (5% increase on 2012/13).

• Safeguarding embedded into teaching and learning - differentiated across the levels/abilities.

• Significant, collaborative partnerships with quicker identification of and action to issues.

Page 35: Jisc e safety presentation AoC 2014

Impact in 2013/14

• Ongoing, robust self-assessment

• The safeguarding toolkit has successfully contributed to the College receiving:

– the BIG award (Bullying Intervention)

– Gold ROSPA

– the Buttle Quality Mark (Exemplary)

– Customer Service Excellence & Matrix

– The South West Grid for Learning Trust 360 degree safe award (first FE college).

Page 36: Jisc e safety presentation AoC 2014

Information

• Freshers Fayre Event (1 Oct)

• Anti-bullying & Resilience Stand (17 Nov)

• Wellbeing Team Stand (E-safety: 1 Dec)

• Safer Internet Day Stand (10 Feb)

• Be Healthy, Stay Safe, Be Green Event (19 Mar)

Page 37: Jisc e safety presentation AoC 2014

Summary

• The College has taken a proactive and passionate stance against these contemporary issues that are affecting our learners’ wellbeing, and our ongoing actions are positively removing barriers and ensuring the learners are able to fully engage with their studies.

• For more information contact: [email protected]

Page 38: Jisc e safety presentation AoC 2014

Q&A panel

Questions?

Page 39: Jisc e safety presentation AoC 2014

Find out more…

[email protected]

www.jisc.ac.uk/internet-safety
