Crime*OR
Who will be hacked tomorrow and how can we prevent it
Online
Mateusz Marszalek
BY
*best viewed in fullscreen
Internet is serious business:
billioninternet users
2
800 millionFacebookaccounts
All of them are potential victims...
2.8 millionemails sent every second
298 millionsmartphones sold in 2010
more than population of Americas and Africa combined
31 hours/weekspent onlineby teenagers
16 billionsongs bought
from iTunes
60% customerspay onlinewith credit
card
2 millionGoogle searches every minute
86% customers
bought something
online in 2008 every 9 seconds
one pair of shoes
is sold on eBay
103 millionPayPal
accounts
value of global online
transactions in 2010
bigger than GDP* of Sweden
$ 500 billion
*Gross Domestic Product
...of online fraud and identity theft:
YOU can be next...
December 2010 Login details of 200,000 users stolen from blog network Gawker
April 2011 Account information and credit card numbers of 70 million users stolen from Sony’s PlayStation Network
2009 $560 million lost because of online fraud in United States alone
2011 Attempted hacking attack on multiple users of Google email account
Scared? Good. Because there is more:
Suddenly, not only internet users are in trouble...
March 2010 Stuxnet virus targets Iranian nuclear power plants
November 2011 Data from Norwegian oil, gas and defense companies stolen by hackers
2007-2008 Hackers interfere with two space satelites
November 2011 Illinois water treatment system damaged by hackers
So, let’s brainstorm some ideas...
...but also whole cities and nations.
And as the internet expands, these problems become more visible.
A reasonable goal would be to prevent online crime from increasing in the next five years – then we can think about decreasing it.
To succeed, governments, corporations and individuals need to be actively involved.
Governments should be involved in cyberspace
As the internet doesn’t have boarders, multi-national cooperation is required. And so are budget adjustmentson defense.
Detailed strategic plans must be created by governments and organizations.
Promoting online awareness among citizens wouldn’t hurt. The earlier the better.
We could also detect threats before they become reality. Monitoring the internet and its users might prevent some damage...
...or introduce even more. Privacy issues are a huge problem itself. We should thread carefully.
Just like the UK and their new Cyber Security
Strategy
Well done!
Corporations should think about their clientsIf firms aren’t secure, neither are their clients. Security measures at every step are required.
But all of that will cost money. Expect customers to pay for that.
Do you keep data about your customers? Encrypt it and make backup. Control who has access to it.
Always keep your infrastructure updated. Consider going open source* – more eyes for detecting security holes is better.
If you want to catch criminals, think like them. Or hire one**. Obviously they are good at what they are doing.And when the worst happens – be
honest about it. You’ve already lost your data, don’t lose the trust of your clients.
like Googleor Facebook
Kevin Mitnick is taken, and Neo from Matrix is fictional. But keep looking.
* **
Be prepared for the worst – have ready contingency plans at hand.
Individuals should always pay attention.
But human is an animal of habit. Changing habits of oneis difficult. Now, changing habits of 2 billion...
Keep your guards up all the time. If something is too good to be true, it probably is. Always ask questions.
Keep your software updated. Install antivirus and firewall. Don’t open emails and links from unknown sources.
Use strong passwords. 123abc, your birthdate or your pet’s name – not strong passwords. They can be easily found on your Facebook profile.
Quiz time!
Who’s the weakest link
in security chain?
Answer: Human
And so can the answers to your security questions. Think about what you share with the rest of the internet.
I have good news and bad news (Please don’t shoot the messanger)
So let’s do something. Just like with the environment, start from yourself.
If you’re using the same password
for many accountsOR
If your passwords are weak I’ll wait.
...Done? Great! Now tell your family and friends to do the same.
...Done? Fantastic! Check the next slide for more ideas how you can improve your safety online. Tell your local politicans and companies you’re dealing with that you care about internet security.
Step by step, it will get better.
Bad news: none of these solutions are perfect. There are no magic bullets.
Good news: but doing something is better than doing nothing.:
(:
)
Change them now.
Not tomorrow, not later, not after this
presentation. Now
Thanks for watching
Credits, where credits are dueAll logos and registred trademarks are the property of their respective owners. Unless stated otherwise, images are from iStockphoto.
Other icons from slide 1: thenounproject.comPhotos of Smooth Internet Criminal from slides 1&5 were taken by chanpipat and published by FreeDigitalPhotos.net.Photo of water faucet (or tap for our British friends) from slide 4 was taken by Travis Forsyth and published on flickr.Photo of a man who happened to be in the wrong place and at the wrong time from slide 8 was published by BananaStock.
Slide 2Facebook: Facebook Inc.Email: about.comGoogle: comscoreTime online: cybersentinel.co.ukSmartphones: Quirksmode eBay, PayPal and online sales volume (estimate): eBay Inc. financial figures for 3Q 2011iTunes: EngadgetCredit card and online sales: Nielsen; Trends in Online Shopping 2008Internet users: internetworldstats.com/statsGDP: World BankWorld population: United Nations
Slide 3PlayStation Network: WiredGawker: PCWorldUS online fraud: WiredGoogle mail: Reuters
Slide 4Stuxnet: CBS NewsNorway: BBC NewsSatellite: Business WeekIllinois: BBC News
Further readingFBI tips on protecting from internet fraud: http://www.fbi.gov/scams-safety/fraud/internet_fraudChoosing a smart password: http://www.google.com/support/accounts/bin/answer.py?answer=32040&hl=enTips to prevent online fraud: http://peoples.rbsnb.com/preventiontips.htmlInternet crime prevention tips: http://www.ic3.gov/preventiontips.aspx
Live long and prosper