securing court information october is national cyber
play

Securing Court Information October is National Cyber Security - PowerPoint PPT Presentation

Feb 24, 2023 •400 likes •913 views

Securing Court Information October is National Cyber Security Awareness Month! 11 th Annual Sponsored by the Department of Homeland Security How it all works Computers 101 Hackers Court Data Justice Building

  1. Securing Court Information

  2. October is National Cyber Security Awareness Month! • 11 th Annual • Sponsored by the Department of Homeland Security

  3. • How it all works – Computers 101 – Hackers – Court Data • Justice Building Network – Attacks – Resources – Defense In Depth • Threats to Court Data • What Can You Do? – Antivirus – Software Updates – Phishing – Passwords

  5. Computers 101 • A computer is a machine that follows instructions • These instructions are the software created by programmers

  6. Court user AOC Network Court user

  7. Definitions • Hackers vs Attackers • Malware

  8. Hackers • Script Kiddies • Knowledgeable Users • At the highest level, hackers are computer programmers and hacking is a business! • They are smart, they do this for a living, and they just need to make other people’s computers follow their instructions. • Organized Crime • Political Players (countries, hactivists) • Malicious

  9. Kristoffer Von Hassel

  10. Cyber’s Most Wanted List • 26 Individuals – 1 American – 5 Chinese military – Most of the rest are Russian

  11. Hacker Hacker Court user AOC Network Court user Hacker Hacker We are all interconnected!

  12. What does the court have of value? • AOC Network – Personal info - court databases and web pages, network files • DL, SS#, email addresses, etc. – Financial info - court databases and web pages, network files • Court Users – Personal info • DL, SS#, email addresses, etc. – Financial info – Access to court databases

  13. Attacks on Justice Building Network • October Blocked Attacks 30,590 • 2014 Total Blocked Attacks 470,665

  14. Blocked Attacks – Top 10 Countries 73% 5% 4% 3% 3% 3% 2% 2% 2% 1% (Other 2%)

  15. Resources within Justice Building Network • Contexte Database • IMIS Database • Jury Database • Laserfiche • Web Servers • User Workstations

  16. AOC Defenses for Resources/Court Data • Physical security of server room • IPS • Firewalls • Data Backups • Disaster Recovery • Controlled access to databases • Security level access within databases

  17. Defense In Depth Layers of protection to slow attacks and speed recovery Physical security IPS/IDS Firewalls Passwords Policy Antivirus Software updates Etc. YOU are one of the most important defenses!

  18. Threats • Social Engineering – Phishing • Breaching Systems – Software Updates, Antivirus, Weak Passwords • Intercepting Data – Not generally your concern, https • Disruption • Hactivism – case outcomes *Jan 24, 2014 – uscourts.gov hacked? e-filing affected

  19. Keep in mind…. ….there doesn’t even need to be a reason.

  20. Target Breach • Started with a phishing email to contractor with about 125 employees • 40 million cards stolen • 70 million personal information records stolen (name, address, email, and phone number)

  21. What can you do to protect court data? • Antivirus* • Software Updates* • Phishing • Passwords

  22. Updating Antivirus and Software • Justice Building Network – AOC CIS • Courts with IT support – IT Staff • Courts without IT support – ?

  23. Definitions • Antivirus software blocks known malware. – Symantec, McAfee, AVG, Kaspersky, etc. • Software Updates (Patches) fix flaws in programming, including security flaws – Microsoft Windows, Internet Explorer, Google Chrome (twice), Firefox, Java, Adobe Flash Player… have all had critical security patches released in October

  24. 90% of successful exploits are made against unpatched computers! Antivirus and patched software work hand-in-hand.

  26. Zero-Day Market Rough market value assembled by Forbes reporter in 2012: *from Forbes.com, March 2012

  28. Malware X1 Malware X2

  29. Malware X2 Malware X1

  30. How Malware Spreads • Phishing • Websites • Botnet

  31. Malware X1 Malware X2 Three scenarios follow for this user coming into contact with Malware X1 and X2…

  32. Scenario 1 – no antivirus update, no software update Malware X1 Malware X2 Result – infection by Malware X1 and Malware X2

  33. Scenario 2 – antivirus update for Malware X1, no software update Malware X1 Malware X2 Result – Malware X1 blocked, infection by Malware X2

  34. Scenario 3 – antivirus update for Malware X1, software update Malware X1 Malware X2 Result – no infection

  35. Software Update Notes • Automatic Updates • Java – Contexte/Xerox – Do not update without notification from AOC • Windows XP and other unsupported software

  36. What you can do • Justice Building Network – Let Desktop Support (Wade, Jimmy Don, Shadrick) know if you notice something out of date • Courts with IT support – Ask IT staff if they are updating software – Let IT staff know if you notice something out of date • Courts without IT support – Keep your software updated – Need guidance?

  37. Phishing • Phishing is an attempt through email to solicit personal information . Often malicious code is also involved.

  38. Phishing • Reputable companies/entities will not ask you for personal information through email. • If in doubt, contact the company/entity directly.

  39. Suspicious Emails • Try to convince you to click on a link or attachment. • You do not know the sender and/or the email address is long/convoluted/strange. • Word usage/grammar/punctuation errors. • Email details that do not apply to you (package tracking, airline ticket, court/legal proceedings, etc.).

  40. What to do • Do not click on any links or attachments. • Delete the email (Inbox, Sent Items, Deleted Items).

  41. Phishing Example (Malicious Attachment)

  42. Phishing Example (Link is to a website with .br)

  43. NOT a Phishing Example (Emma Notice – link “https://t.e2ma.net/message/l47df/xl9rki”)

  44. Spaceballs (1987)

  46. 25 Most Used Passwords of 2013 1. 123456 14. letmein 2. password 15. photoshop 3. 12345678 16. 1234 4. qwerty 17. monkey 5. abc123 18. shadow 6. 123456789 19. sunshine 7. 111111 20. 12345 8. 1234567 21. password1 9. iloveyou 22. princess 10. adobe123 23. azerty 11. 123123 24. trustno1 12. admin 13. 1234567890 25. 000000 *from annual list

  47. A Little Math For an 8 character password: • Numbers: 10*10*10*10*10*10*10*10= 100,000,000 (100 million) • #s, lowercase, uppercase, and special: 95*95*95*95*95*95*95*95 = 6,704,780,954,517,120 (6 quadrillion, 704 trillion, 780 billion, 954 million, 517 thousand, 120)

  48. Password Tips • The longer, the better. • Use all 4 character types. • Don’t use the same password for multiple accounts. • Don’t share your password with anyone. Ex: Amy lost her tooth yesterday. Amy lost her toof yesterday. aMYlosthert00fyesterday>>

  49. Friends of the Court

  50. Hacker Hacker Court user AOC Network Court user Hacker Hacker We are all interconnected!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Tackling the Challenges of Securing the Cyber

Tackling the Challenges of Securing the Cyber

Tackling the Challenges of Securing the Cyber Space 1 ATLANTIC 9/9/2015 Cyber security challenges Na2onal Cybersecurity and Communica2ons Integra2on

276 views • 16 slides
Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security Centre (NCSC) This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation.

197 views • 8 slides
Practical approaches to managing and securing cyber-physical systems Sanjiv Doshi, Principal

Practical approaches to managing and securing cyber-physical systems Sanjiv Doshi, Principal

Practical approaches to managing and securing cyber-physical systems Sanjiv Doshi, Principal Engineer - Cisco Nov 2018 Ciscos take on Cyber-Physical Systems Cyber-Physical Systems are fundamentally integration of three components

321 views • 13 slides
Cyber Resilience OCTOBER 19, 2018 COLUMBIA, SC Cyber Resilience Professional Tom Scott

Cyber Resilience OCTOBER 19, 2018 COLUMBIA, SC Cyber Resilience Professional Tom Scott

Financial Planning Association South Carolina Cyber Resilience OCTOBER 19, 2018 COLUMBIA, SC Cyber Resilience Professional Tom Scott New Century Solutions LLC | NCS Cyber Certified Information Systems Security Professional Certified

863 views • 46 slides
Overview Social Media Cyber Bullying Image Sharing October is National

Overview Social Media Cyber Bullying Image Sharing October is National

Social Media Awareness & Cyber Safety Guy J. Bercegeay, Esq. Hailey, McNamara, Hall, Larmann & Papale, LLP Overview Social Media Cyber Bullying Image Sharing October is National Cybersecurity Awareness Month! Social

659 views • 18 slides
A Cyber-Physical Approach to Securing Urban Transportation Systems Lead PI: Prof. Jianying Zhou

A Cyber-Physical Approach to Securing Urban Transportation Systems Lead PI: Prof. Jianying Zhou

A Cyber-Physical Approach to Securing Urban Transportation Systems Lead PI: Prof. Jianying Zhou (SUTD) SG-CRC18, 28 March 2018 Urban Transportation System Security Cyber-Physical Systems Transportation Energy Water Rail Auto

493 views • 17 slides
Cyber Security Awareness Month! infosec@ucop.edu October is National Cyber Security Awareness

Cyber Security Awareness Month! infosec@ucop.edu October is National Cyber Security Awareness

October is National Cyber Security Awareness Month! infosec@ucop.edu October is National Cyber Security Awareness Month! October is National Cyber Security Awareness Month! 2 National Cyber Security Awareness Month at UCOP: 8 Important

1.04k views • 9 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security Research Scientist Oak Ridge National Laboratory Main Points Information Sharing Enable discovering and sharing information about real threats to

216 views • 6 slides
CYBER INCIDENT MANAGEMENT: NATIONAL AND REGIONAL LESSONS LEARNED HARME MOHAMED 21 OCTOBER 2015

CYBER INCIDENT MANAGEMENT: NATIONAL AND REGIONAL LESSONS LEARNED HARME MOHAMED 21 OCTOBER 2015

CYBER INCIDENT MANAGEMENT: NATIONAL AND REGIONAL LESSONS LEARNED HARME MOHAMED 21 OCTOBER 2015 MALAYSIAN COMMUNICATIONS AND MULTIMEDIA COMMISSION MCMC is both the developer and the regulator for the C&M industry, established based on:

253 views • 9 slides
Cyber Incident Management -National and Regional Lessons Learned- Masanori Sasaki Deputy

Cyber Incident Management -National and Regional Lessons Learned- Masanori Sasaki Deputy

ARF Seminar on Operationalizing Cyber CBMs at Singapore 21 22 October 2015 Cyber Incident Management -National and Regional Lessons Learned- Masanori Sasaki Deputy Counsellor, NISC, Cabinet Secretariat, Japan Our organization NISC : N

229 views • 5 slides
Cyber/Information Cyber/Information Security Cyber/Information Cyber/Information Security

Cyber/Information Cyber/Information Security Cyber/Information Cyber/Information Security

Cyber/Information Cyber/Information Security Cyber/Information Cyber/Information Security Security Insurance: Security Insurance: Insurance: Insurance: A Montana Perspective A Montana Perspective Presented by: d b Brett E. Dahl,

197 views • 8 slides
SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET - Enhancing Cyber Resilience Relation to NCSRA II SARNET | October 5th 2016 CYBER THREATS ARE EVOLVING Key trends Cyber Cyber Cyber Magnitude of

153 views • 13 slides
National Protection and Programs Directorate Office of Cyber and Infrastructure Analysis (OCIA)

National Protection and Programs Directorate Office of Cyber and Infrastructure Analysis (OCIA)

National Protection and Programs Directorate Office of Cyber and Infrastructure Analysis (OCIA) Director John Murphy Virginia Tech Science & Technology & Policy Leadership Seminar Series October 9, 2014 National Protection and Programs

374 views • 20 slides
Securing Cyber-Physical Systems: moving beyond fear Stefano Zanero, PhD Associate Professor,

Securing Cyber-Physical Systems: moving beyond fear Stefano Zanero, PhD Associate Professor,

Securing Cyber-Physical Systems: moving beyond fear Stefano Zanero, PhD Associate Professor, Politecnico di Milano Welcome to the security circus! Stefano Zanero We all like to see the attractions Stefano Zanero We all like to see the

922 views • 46 slides
Modelling the Future NAS using Multiple Modelling Agents (SWIM, FOMS, ATSCC, TMU, ATC, AOC)

Modelling the Future NAS using Multiple Modelling Agents (SWIM, FOMS, ATSCC, TMU, ATC, AOC)

ISA Software AP9-TIM Atlantic City Modelling the Future NAS using Multiple Modelling Agents (SWIM, FOMS, ATSCC, TMU, ATC, AOC) ISA Software AP9-TIM Atlantic City Genesis 1998: Interoperable model using Open Communication Interface

326 views • 16 slides
INVESTOR PRESENTATION 9M AND 3Q 2019 28 November 2019 DISCLAIMER This presentation (hereinafter

INVESTOR PRESENTATION 9M AND 3Q 2019 28 November 2019 DISCLAIMER This presentation (hereinafter

INVESTOR PRESENTATION 9M AND 3Q 2019 28 November 2019 DISCLAIMER This presentation (hereinafter the Presentation) of the Alliance Oil Company (hereinafter the AOC) was prepared exclusively for the information purposes in order

505 views • 23 slides
Gwinnett Judicial Circuit 2014 Budget Presentation Superior Court State Court Magistrate Court

Gwinnett Judicial Circuit 2014 Budget Presentation Superior Court State Court Magistrate Court

Gwinnett Judicial Circuit 2014 Budget Presentation Superior Court State Court Magistrate Court Administrative Office of the Courts MISSION STATEMENT The Georgia Constitution established the Courts of the Gwinnett Judicial Circuit to enforce

480 views • 18 slides
Accountability and Performance Reporting Presentation to Local Programs Advisory Committee

Accountability and Performance Reporting Presentation to Local Programs Advisory Committee

HB 2017 Transparency, Accountability and Performance Reporting Presentation to Local Programs Advisory Committee Sarah Chadderdon Transparency, Accountability and Performance Program Manager November 7, 2018 What does HB 2017 require? 2

314 views • 17 slides
ICANN from JPA to AoC Vanda Scartezini & Sbastien Bachollet ALAC vice chairs ICANN from

ICANN from JPA to AoC Vanda Scartezini & Sbastien Bachollet ALAC vice chairs ICANN from

ICANN from JPA to AoC Vanda Scartezini & Sbastien Bachollet ALAC vice chairs ICANN from JPA to AoC We would like to encourage you to expose your ideas on the following questions October 2009 ICANN from JPA to AoC 1. How will GAC deal

157 views • 4 slides
GLRI Success Story Areas of Concern Chad Lord Healing Our Waters-Great Lakes Coalition (202)

GLRI Success Story Areas of Concern Chad Lord Healing Our Waters-Great Lakes Coalition (202)

GLRI Success Story Areas of Concern Chad Lord Healing Our Waters-Great Lakes Coalition (202) 454-3385 clord@npca.org Great Lakes Water Quality Agreement Areas of Concern The U.S.-Canada Great Lakes Water Quality Agreement (Annex 1 of the

439 views • 28 slides
Marijuana Legislation Update Local Public Safety Coordinating Council June 13, 2017,

Marijuana Legislation Update Local Public Safety Coordinating Council June 13, 2017,

Marijuana Legislation Update Local Public Safety Coordinating Council June 13, 2017, Commissioners Board Room, Salem, Oregon Rob Bovett AOC Legal Counsel Outline 1. The 2017 Bills 2. SB 302/303 Training 1. The 2017 Bills ENACTED

414 views • 37 slides
Focused Dialogue Airfield Design 101 ASE Current Condition Non-Standard Conditions Airfield

Focused Dialogue Airfield Design 101 ASE Current Condition Non-Standard Conditions Airfield

Focused Dialogue Airfield Design 101 ASE Current Condition Non-Standard Conditions Airfield Noise and Emissions Airspace Update 1 Airfield Design 101 2 Airfield Design 101 I. Public Use Airports Subject to FAA Design Standards

409 views • 26 slides

More recommend