Before we get started cert.govt.nz security week slides
https://www.cert.govt.nz/
PART 2
Matt’s Security Tips and Tricks
Hackers – What do they want? ● Your Financial or Personal Info – Hack your bank accounts, transfer money – Sell / Use your credit cards – Blackmail you / Scam you / Randsom(ware) – Steal / Use / Sell your passwords – Impersonate you ● Remote Control of your computer – As a proxy for the purpose of illegal activity – Botnet – Storage for illegal programs or images etc – Hidden Illegal Darkweb service or website
How do they do it? ● Phishing – Phishing attacks involve sending email messages to you in hopes of tricking you into revealing something you shouldn’t, or doing something dangerous. ● Pharming – Pharming attacks use a hack of your Domain Name Service (DNS) or manipulation of the files on your computer to redirect you to a phony website matching the one you think you are going to.
How do they do it? ● Malware – Thieves may send you email messages or documents that contain malware. This malicious software then directly or indirectly gives the thief access to personal or financial data on your computer. ● Hacking – Hacking attacks take advantage of weaknesses in your computer’s security to steal data. Alternately, they may break into the network your computer is connected to, getting at your data from the inside. This is a particular problem on public WiFi networks, which often have little or no security.
Hacker Tools Kali Linux https://www.kali.org
Seniors lose the most from identity fraud ● Age Range % of People Report a Fraud Loss Median Amount Lost ● 19 and under 29% $262 ● 20 to 29 29% $400 ● 30 to 39 32% $380 ● 40 to 49 28% $440 ● 50 to 59 25% $500 ● 60 to 69 20% $500 ● 70 to 79 18% $621 ● 80 and over 18% $1092
So what can we do? Overview - Will go into more details in next 4 sections 1. Security At Home – Secure your Home WiFi, Computers and Devices 2. Mobile Security – Secure all mobile devices / iPads etc – Careful using public computers 3. Social Media Privacy and Security – Tighten up your privacy / Minimal Footprint 4. Security and Privacy Mindset – Privacy and Security go hand in hand
Security Tips At Home ● Wifi Password + Strong Encryption Method ● Install an Antivirus and Keep It Updated ● Use Different Email Addresses for Different Kinds of Accounts ● Use different browsers for different activity ● Clear Your Browser Cache on exit ● Turn Off the 'Save Password' Feature in Browsers ● Don't Fall Prey to Click Bait / Visit unknown sites ● Password Manager
Example - Use 2 Web Browsers BROWSER 2 BROWSER 1 (General Browsing) (Private) ● News sites ● Online Banking ● On demand ● Trademe / Ebay ● Facebook / Twitter ● Govt Websites ● Youtube – Rates – IRD ● Google searching – Tollroad ● General Web use – RealMe
Home Security Continued .... ● Dont allow websites to store your Credit Card ● Log out of websites when you are finished ● Don’t Open Mail From Strangers ● Don’t Click on Strange-Looking Links / URLs ● Back up Your Data Regularly ● Consider Browser add-ons ● 2-factor authentication
Example – URLs and Certificates ● Check website URL / Certificate before login ● Demo – URL – HTTP vs HTTPS – Is your communication encrypted? – Certificate – Subdomains
Password Manager ● Keepass Password Manager – (offline) – Open source ● Never store passwords online. – Don’t use online password managers – Don’t sync passwords to Google – Don’t sync to Dropbox or any other cloud platform.
Search Engines DuckDuckGo – This is a great privacy-friendly Google alternative that doesn’t utilize tracking or targeted ads. They also have a zero-sharing policy with other features, but they do record search terms. StartPage – StartPage gives you Google search results, but without the tracking.
Browser Privacy and Security Add-ons ● uBlock Origin – ublock Origin is an efficient, light- weight blocker that filters both ads and tracking. ● HTTPS Everywhere – https everywhere add-on that basically forces an HTTPS connection with the websites you visit, provided HTTPS is available for the site.
Turn off Browser Sync
How private is your browser? ● More Privacy (Open-Source) – Firefox – Chromium ● Brave ● Less Privacy (Proprietary) – Chrome (Google) – Edge (Microsoft) – Safari (Apple)
Browser Demos ● Firefox Setup ● Chrome Setup ● Add-ons ● Settings ● Private Browsing – Public Computer
2 - Mobile Security
Basic Mobile Phone Security Tips ● Secure your mobile against loss and theft – Always secure PIN Lock Screen – Encrypt your data – Install Google “Find My Device” ● Back up your mobile data ● Update your phone’s operating system ● Be smart with your apps ● Be careful using public hotspots and free WiFi ● Remember to log out of your accounts ● Factory Reset / wipe before selling.
Example - Encrypt Phone - Android
Android Demo
3 - Social Media Privacy and Security
Social Media Privacy and Security ● Privacy and security settings – Unique Passwords – 2FA ● Remember that what goes online, stays online ● Your online reputation ● Keep personal info personal – Pet names .. First school .. Security questions? – Residential address or full name ● Know and manage your friends ● Clickbait – be careful. External Links
Facebook ● Minimal Personal Info ● Make personal info available to Friends only ● Make your posts to Friends only ● Limit info on your public page – DoB (Change to Day of Year only) ● Make your friends list viewable “Only by Me” ● Contact only Anyone vs “Friends of Friends”? ● Careful joining groups ● Careful with likes and comments
4. Mindset – Privacy and Security
4. Mindset – Privacy and Security ● Privacy and Security are different but related ● A loss of one leads to a loss of the other ● Remain vigilant ● Make it a daily routine ● Become security conscious
Privacy and why it matters ● Giving your personal information to a 3 rd party? – Can you trust them? – Whats their privacy policy? – Are they secure? – What information of yours do they hold? – What happens if they are hacked?
Privacy and why it matters ● The more personal information you share, or can be found / stolen, the greater your attack profile becomes.
Questions??
Recommend
More recommend
