ABC of Digital Security

Marek Suczyk
April 13, 2011
Cyberworld

Source: www.sxc.hu

2
Cyberworld

United States
» 239,2 mln Internet users (77,3% of the American population)

90%
80%
70%
60%
50%
40%
30%
20%
10%
0%
2000 2005 2007 2010

Source: http://www.internetworldstats.com; July 1, 2010

3
Cyberworld

Poland
» 22,5 mln Internet users (58,4% of the Polish population)

70%

60%

50%

40%

30%

20%

10%

0%
2000 2005 2007 2010

Source: http://www.internetworldstats.com; July 1, 2010

4
So, what? What does it mean for me?

5
Two worlds

Source: www.sxc.hu

6
Am I secure?

Your system is as strong as its weakest link

Kevin Mittnick said:

„I didn’t break systems, I broke people.”

7
Internet threats

8
1. Malicious software (malware)

Infectious malware
» Computer viruses
» Computer warms

Concealment
» Trojan horses
» Backdoors

For profits
» Spyware
» Keystroke logger
» Dialer, etc., etc...

9
Hackers or criminals?

90’s
» Hacking for fun, entertainment and recognition
» Internet hooligans

Today
» Well organized and managed groups
» Often politycally motivated
» Earning huge amounts of money

10
2. Phishing

11
and fake landing page

Typosquating
» Original page: www.millennium-online.pl

» Fake landing page could be:

– www.milennium-online.pl (one ‘l’)
– wwwmillennium-online.pl (w/o dot)
– www.millennium-0nline.pl (zero instead of ‘o’)
– Etc.

12
3. Naivness

259 723 visits in 6 months

409 „victims”
...with an investment of 17 Euro
13
4. Virtual friends

Do you know who on the other side is...?

14
5. Social networking

15
Golden rules

Use recent updates of your OS and security software

Do NOT turn off your self-preservation instinct

Behave like in your real life

Know what you do, know where you are

Have a limited trust for a „virtual friend”

Remember that you are not anonymous on the Internet

ENJOY the Internet but be aware of what can happen

16
Digital format threats

17
Methods of physical data transport

18
Electronic cards

Source: www.sxc.hu

19
How to make a counterfait card?

20
Or buy it?

American credit card

» with CVV $2.11
» w/o CVV $0.53

Non-american cards
» with CVV $2.64
» w/o CVV $1.06

Source: CERT report 2010

21
Golden rules

Protect your digital data carriers

Use PINs and passwords where possible

Protect your PINs and passwords well

Encrypt data where possible

22
End of the life-cycle of your computer

23
Kroll Ontrack experiment

Purchase of 100 used hard drives on the Internet

Data Recovery

Found:
» 118 documents with confidentiality clause
» 18 364 personal data records
» 3 complete marketing strategies
» 12 company budgets
» 687 various business contracts

24
Do you use a shredder?

25
Do you really delete your computer data?

„Delete” does NOT erase your data

System Format does NOT erase your data

Reinstallation of your Operating System does NOT
erase your data

Hammer does NOT
delete you data...

26
Golden rules

Use professional software to delete your sensitive data

Use a degausser to destroy your hard drives
effectively

27
Questions?

28
 THANK YOU

Marek Suczyk
Managing Director at Kroll Ontrack Poland

29