Last Friday I attended a cybersecurity event at the University of Minnesota co-hosted by the Department of Homeland Security. It was a combination Public Service Announcement, FBI/Secret Service/Homeland Security job fair and cybersecurity discussion. (You can get more info on the event and the PSA aspects on the Stop Think Connect website.)
I’m going to start with the finish of the day when the moderator (Massoud Amin) asked a panel of distinguished panelists (Angie Curry, Brian Isle, Mark Ruchie, Lieutenant Colonel Kenneth Kasprisin and Steve Kelley) what they thought attendees should do as a result of attending the session in terms of improving their security and/or promoting community-wide security.
There were a couple of themes….
- The US is not on the leading edge of security – although some countries still seem to think that we might be. It would be nice to have a more concerted security effort – but one issue is that security – even just cybersecurity crosses so many departments.
- While it seems as if we’re pretty far behind and I wasn’t getting the feeling that our situation was on the mend – there is a push to educate users and administrators. The conference itself was a demonstration – but the attendees also seemed focused on this mission. Other attendees, including corporate IT directors, were interested in programs that would help train staff on security measures at work but seemed equally interested in making sure folks used the skills at home as well.
- Folks seemed to feel as if we’re in this security game together. That we’re only as strong as the weakest link and that breaches spread like wildfire.
- Security often comes down to human error – or maybe human weakness. People open links they shouldn’t, download software they shouldn’t, transmit info via insecure wireless networks. Sometimes that’s because people can be gullible; sometimes that’s because hackers can be good and persistent. Administrators don’t keep up on updates or take the time to shut all security doors and windows.
- Smartgrid might be a place to start really doing things right. If we can do Smartgrid security well, we could become leaders again.
There were also some interesting tidbits…
- Minneapolis ranks 7th in the top 10 riskiest online cities.
- Cybercrime has surpassed drug trafficking as a money-maker.
- In 2010, 24 Hours: Unplugged – a study where they asked students to unplug for one full day – students presented like addicts.
- Social Media is a tool for over-sharing. Giving out too much info lets criminals in the real world know when you are most vulnerable.
- Library of Congress is cataloging all Tweets right now.
- Be careful of cyber predators – if you divide the number of your Facebook friends by 11, the resulting number is the real number of friends you have in life.
- In 2010 the Secret Service arrested more than 1,200 suspects for cybercrime violations – involving more than $500 million in actual fraud and loss. Average cost of a breach is $5.7 million.
- 92% of successful attacks are not difficult to implement – or thwart.
- Most businesses do not know that their files have been stolen – they are told by government agencies.
- Cloud Computing – it’s a huge issue. There are multiple aspects. Hackers can hide in the cloud. The bigger concern is what happens when businesses move everything into the cloud. And what happens when the business outsources support – we don’t know where that info resides, especially if it’s in another country. We don’t see much activity there now.
Finally, there were some suggestions and tips…
Things you need to do to create your online identity
- Set-up privacy restrictions
- Think about your future
- Never use the same password twice
Anatomy of Nation State Attack
- Establish an attack infrastructure (tools, methods, techniques)
- Conduct recon on target
- Draft a spear-phishing email
- Compromise the endpoint
- Obtain valid credentials
- Map the victim’s network
- Set up hidden directory for data capture
- Compress/encrypt data for transfer
What may your cell-phone reveal?
- Weekday GPS track for 3 months
- Patterns of life
- Usual places and visits
- Rare places and rare visits (find anomalies)
- Don’t want to be followed? Turn off your GPS.
Infragard – http://www.infragard.net/ InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector.
Countermeasures – What can you do to protect yourself and your network
- Firewall & Antivirus
- Lock Browser (browse smart)
- Stay current (Software/security)
- Separate Powers (admin vs user)
- Encryption (PGP, GPG, TrueCrypt)
- Process Controller
- TCP View – Sysinternals