Luís Filipe Roque · How to protect equipment and information against users who do not have...

44
February 19th , 2019 Luís Filipe Roque

Transcript of Luís Filipe Roque · How to protect equipment and information against users who do not have...

Page 1: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

February 19th , 2019

Luís Filipe Roque

Page 2: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

2

@Luís Roque

• ICT Teacher

• ICT Coordinator

responsible for entire school group

• Teachers Trainer

Page 3: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,
Page 4: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

4

Concerns as Citizens

Page 5: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

5

Concerns as Teachers

Page 6: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

How to make a PC safe?

A German security specialist presented its already famous "2 rules" of total security

Page 7: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

The 2 rules of Herbert

Rule number 1Don´t buy a computer!

Page 8: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

Rule number 2If you purchased a computer, do not turn it on!

The 2 rules of Herbert

Page 9: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

9

Norbert Wiener, an

American mathematician,

was the first, in 1948, to

speak about Cyberspace.

What is CyberSpace?

Page 10: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

10

Complex environment, values and interests materializing an area

of collective responsibility, which

results from the interaction between people, information, information systems,

technological equipment and digital networks, including the internet

What is CyberSpace?

Page 11: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

11

Set of measures and actions of prevention, monitoring, detection, reaction, analysis and correction

which aim to maintain the desired security state and guarantee the

confidentiality, integrity and availability of information, digital

networks and information systems in cyberspace

What is CyberSecurity?

Page 12: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

12

• Physical Security

• Logical Security

• Best Practices

Dimensions of Safety

Page 13: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

How to protect equipment and information against users who do not have authorization to access them.

13

Physical security

Page 14: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

A set of resources run to protect the system, data and programs against attempts by unknown people or programs.

14

Logic Security

Page 15: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

15

I have nothing to hide

• Automatic access to websites (e.g. Bank

accounts )

• Miscellaneous Documents

• Conversations with family and friends

• Photos

• Videos

• Lists of passwords

Page 17: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

17

Malware Phishing Password

Attacks

DDoS

Man in the

middle

Drive-by

Download

Malvertising

Rogue

Software

Main Types of CyberAttacks

Page 18: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

18

Malware

Malicious software is any part of software that has been written to cause damage to data, devices, or persons

Page 19: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

19

Phishing

Attacks usually carried out by e-mails apparently from trusted entities where people are invited to enter sensitive data

Page 20: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

20

Passwords Attacks

An attempt to obtain or decrypta user’s password for ilegal use. Hackers can use crackingprograms, dictionary attacks, and password sniffers in password attacks.

Page 21: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

21

DDoS

Distributed denial of services(DDoS) attacks are a subclasse ofdenial of services (DoS) attacks. A DDoS attack envolves multipleconnected online devices, collectively know as a botnet, wich are used to overwhelm a target website with fake traffic.

Page 22: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

22

Man in the middle

Form of attack in which the data exchanged between two parties (e.g. you and your bank) are somehow intercepted, recorded and possibly altered by the attacker without the victims noticing

Page 23: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

23

Drive-by download

Occur when vulnerablecomputers get infected by justvisiting a website. Findings fromlatest Microsoft SecurityIntelligence Report and many ofits previous volumes reveal thatDrive-by Exploits have becomethe top web security threat to worry about.

Page 24: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

24

Malvertising

Criminally-controlled advertswhich intentionally infect peopleand businesses. These can beany ad on any site – often oneswhich you use as part of youreveryday Internet usage.

Page 25: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

25

Rogue Software

Also called smitfraud orscareware, this type of software is defined as malware. It isdesigned specifically to damageor disrupt a computer system. In this case, not only is thesoftware going to disrupt yoursystem, it´s going to try and trickyou into making a purchaseusing your credit card.

Page 26: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

26

Page 27: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

27

Do Backup

The loss of personal information can cause even more problems than the loss of the device itself. So, make sure that all your important information is well stored in various places.

Page 28: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

28

Stay up to date

Make sure your device's operating systems and

applications have up-to-date security updates. This prevents software

with known vulnerabilities from

being abused by cybercriminals.

Page 29: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

29

Use Robust Passwords

With 10 or more characters

Character combination

Words with purposefulerrors

They do not derive from the name of the user or any close relative

Not derived from personal information

Page 30: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

30

Passwords Fails

@2013, SplashData

Page 31: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

31

Block intruders

Regardless of the devices, make sure that your screen is protected with a strong and unique password or PIN code, or one of the biometric authentication methods available, such as fingerprint reader or facial recognition.

Page 32: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

32

Reduce Digital Footprint

Consider becoming a digital minimalist for a while and leave most of your devices at home. In this way, not only will you have less equipment than you can afford to lose as you are giving less opportunities for personal information being stolen by cybercriminals.

Page 33: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

33

Moderate in Social Networks

Resist the temptation to share on social networks, for example, that you and your family will be away from home in a certain period of time. Doing so may expose you to a physical intrusion of your home.

Page 34: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

34

Browse incognito

Page 35: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

35

Use a secure email

Page 36: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

36

Beware of Wi-Fi free zones

Carefully choose the network

Disable file sharing and mark the Wi-Fi connection as a public network

Never make updates or install applications using these networks

Use two-factor authentication Make sure to log off after

accessing any service you have accessed

Forget the network after using it

Page 37: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

37

Beware of card cloning

Card cloning happens when all information about a particular

card (your PIN - Personal Identification Number and its

number) is copied

Page 38: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

When making payments at establishmentsnever lose sight of your card

When entering the PIN code, be discreet and try to

make sure no one is trying to watch you

Avoid choosing a PIN code that is too obvious

Do not provide data about your cards over the phone, even if the person asking you to identify yourself as an employee of your bank

Avoid carrying out ATM operations in low-traffic areas

Do not shop online in computers with access to public Wi-Fi networks and prefer sites with "https: //" in the URL

38

Beware of Card Payments

Page 39: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

39

Be careful: leaving the e-mail open

Page 40: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

40

Be Careful: Passwords saved in browsers

Page 41: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

41

Be careful: Students knowing passwords

Page 42: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

42

Be careful: Accessing Insecure Sites

Page 43: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

43

Be Careful: Computer Maintenance Companies

Page 44: Luís Filipe Roque · How to protect equipment and information against users who do not have authorization to access them. 13 ... Hackers can use cracking programs, dictionary attacks,

Thank you

44