Cyber Security

Cyber Security is important to Stafford Capital Partners.

Data from our clients and from our investments is too valuable not to secure.

Three principles guide our regulatory responsibilities:

  1. Protection
  2. Accountability
  3. Excellent Service

We approach cyber security in a similar capacity. 

The aim of this Stafford e-learning course is to:

Your course starts here: How do we administer our information technology?

How do you administer information technology with integrity?

We administer information technology with integrity by: 

Proactively employing the following:

  • firewalls enabled on servers and each primary user device (laptops and desktops);
  • remote maintenance tools to deploy antivirus, malware scans, and system patches;
  • compliance testing and monitoring computers, network, and devices; 
  • incident response protocols to respond and react to issues, bugs, and vulnerabilities.

Planning for a security framework:

  • to establish secure computing standards;
  • to develop a secure baseline for our computing environment;
  • for ongoing monitoring to maintain security and ability to react to risks.

 

True or false?

  • We do not need to properly administer our computers, network, and devices.
  • Being proactive means having: firewalls, remote maintenance tools, compliance testing and monitoring, and incident response protocols.
  • Ongoing monitoring is not required for security maintenance and risk mitigation.
  • Proper IT administration means being proactive and ensuring a strong security framework.

Second Here: We have a firewall on our network and anti-virus, is that enough?

Understanding Firewalls and Antivirus Software

Base requirements for a secure network are:

  1. firewall; and
  2. antivirus software.

Having both a firewall and an antivirus solution is like locking your doors and windows, then arming the alarm system on your home.

Firewalls

A firewall is either a software utility or a hardware device that controls data flowing in and out of a network or a computer's connection to/within a network.

In a sense a firewall is a gatekeeper, allowing only safe data to pass and flow. 

Antivirus

  • Antivirus software should be on every computer in our network.
  • Antivirus software is software developed with the purpose of detecting, stopping and removing malicious applications or scripts before they can do damage to your files and data.  Malicious applications or scripts may have made their way to your computer through either email, your web browser, or physical storage media like a USB thumb drive or DVD.
  • Antivirus applications typically use two (2) common methods to detect and eliminate suspicious programs:
    1. identifiable signatures: Every program possesses unique characteristics that can be compiled to create a distinct "signature" or "definition" for that program. The definitions of known malicious applications are maintained in databases by antivirus software developers. These databases are referenced by that software to identify, arrest, and remove malicious programs from an infected computer. Definition databases are updated as new threats are identified. As such, it is important that an antivirus application be allowed to obtain current definitions on a regular basis;
    2. heuristics: some antivirus products identify patterns in a program's execution which are tell-tale signs of malicious activity. This method of detection is still imperfect and safety requires everyone to be alert for potential threats.

True or False?

  • A firewall and antivirus software are base requirements needed to secure a network.
  • A firewall is a piece of bullet proof glass employed to prevent your computer screen from being damaged.
  • A firewall and antivirus together can be compared to locking your doors and windows, then arming the alarm system on your home.
  • An antivirus program is used to prevent your computer from catching the flu.
  • Malicious scripts can make their way through your email, your web browser or through removable media.

A Firewall aids in security because it...

  • allows administrators to control traffic in and out of the network.
  • is a weapon.
Which one of these statements applies?

Antivirus in the context of information technology security...

Complete / match the start of a statement on the left with the rest of a statement on the right. 
  • One way to detect malware is...
    ...through databases matching a malicious program's "signature" or "definition".
  • "Heuristics" is a way some antivirus products work by...
    ...identifying patterns in a program's execution which are tell-tale signs of malicious activity.
  • An antivirus application must...
    ...always have current definitions through regular updates.

What are the typical ways that a firewall or antivirus is made vulnerable?

A firewall or antivirus is made vulnerable when...

  1. Antivirus definitions get out of date by failure to update signatures
  2. Computers do not have operating system and/or application updates applied
  3. Custom malware is installed via email "phishing" attacks
  4. Passwords are disclosed to unauthorised persons (aka spearphishing)

True or False, a firewall or antivirus is made vulnerable when...

  • definitions are out of date
  • operating systems or application updates are not applied
  • you install a web browser
  • you install antivirus software
  • passwords are disclosed to unauthorised persons

What are the ways to augment the firewall or antivirus systems?

Through our remote maintenance tool installed on Windows machines, we augment these basic levels of system security with:

  1. Proactive security technologies such as real-time continuous threat scanning
  2. Periodic vulnerability scanning
  3. Event correlation through log monitoring 

Fill in the blanks for why we augment our firewall and antivirus security...

Through our ____ installed on Windows machines, we ____ these basic levels of system security with:

  1. Proactive security technologies such as ____
  2. Periodic ____ scanning
  3. Event correlation through ____

Third Here: Is having antivirus sufficient security from email based attacks?

What is Crypto-Locker?

Crypto-Locker and its derivatives are a variety of malware called ransomware.

  • Ransomware is a form of attack designed to block access to a computer or files until a ransom is paid.
  • Crypto-Locker specifically blocks access to data by encrypting files and data with strong AES Encryption, making it impractical to decrypt by other means.

We know that antivirus and anti-malware programs use either signature-based identification or complex heuristics to identify and stop malware before it can do any damage.

The installation of malware such as Crypto-Locker occurs by fooling users into giving the installation programs permission to proceed.

This malware is typically deployed by a legitimate user logging in to their computer, then downloading and executing a "safe" program that then encrypts all files in the background.

There are untold thousands of variants each with unique signatures already out there damaging files and readily deployed. 

Crypto-Locker is an effective form of attack because...

  • it encrypts one's data and is effectively deployed when a recipient is fooled into installing it, sometimes by a step as simple as a double click of a mouse.
  • its name when audibly pronounced is pernicious enough.
  • it's a weapon of choice by technology crackers.
Choose one option

Match the keys...

Complete the sentences by matching items on the right to the left
  • Crypto-Locker is a type of...
    ...Ransomware.
  • Ransomware is a form of virus designed to...
    ...block access to a computer or files until a ransom is paid.
  • DO NOT...
    ...pay a ransom to unlock your files.
  • Crypto-Locker blocks access to data by...
    ...encrypting files and data with strong AES Encryption.

True or False?

  • You should pay a ransom to unlock your files.
  • Crypto-Locker uses strong AES Encryption.

What's the best form of defense?

The best defense against these types of malware is:

  • awareness / education
  • vigilance
  • effective backup and recovery policies

Fill in the blanks for the best defenses

The best defense against these types of malware is:

  • effective ____ policies

Follow this employee through his scenarios


Lastly Here: What good are passwords?

Why are passwords important?

Password security is critical to an effective system and for ensuring data security protocols.

A password can be thought of as a "key" to access your account and the resource permissions associated with that account. 

Much like a physical key you cannot recover it once it has been shared. The only way to restore security after a password has been shared is to reset the password. This is much like changing the locks to your house. 

Because passwords control access to your user account and its permissions, passwords not only act as a key but can often be perceived as an identity:

  • If your password is used to unlock something, YOU are the one who has unlocked it.
  • Your password is the key to all the rights YOU have on that website, computer or network.
  • Your password controls rights that are granted only to YOU at login.

A password...

Complete the sentences by matching the part of the sentences on the right to a part of the sentence on the left
  • carries with it...
    ...a perceived notion of identity.
  • is critical to...
    ...an effective system and for ensuring data security protocols.
  • controls access to...
    ...all the rights YOU have on that website, computer or network granted only to YOU at login.

What is a strong password?

  1. Should be as long and complex as possible.
  2. A password consisting of a combination of letters, numbers, and special characters that may form words or a phrase.

 

A strong password

  • is long and complex.
  • is a combination of letters, numbers, and special characters that may form words or a phrase.
  • is simple.
  • is given to someone else for safekeeping.

Why do I need a strong password changed every so often, it's a long one anyway?

Common attacks against password systems are nothing more than customized password guessing exercises.

Attackers set up automated systems with specifically designed dictionaries consisting of hundreds of millions of password possibilities.

These dictionaries are customized for the attack using employee social media information and the company website.

It is important to ensure that you periodically change your password, ensuring that it is memorable but unpredictably different from the previous version. 

Have a quick read of this article for the merits of creating a password from a combination of four random common words, which apparently is hard for a computer to guess.

Link to article:

 https://www.washingtonpost.com/news/wonk/wp/2015/10/22/these-researchers-have-discovered-the-perfect-password-thats-also-easy-to-remember/

Which one appears to be a strong password?

  • HELLOWorld
  • Correcthorsebatterystaple
  • catdog123ABC

What are ways to augment strong passwords?

Secure account access can be augmented through the use of two-factor (or multi-factor) authentication systems.

In addition to the customary username and password, these systems require the user to enter a randomly generated number or PIN, provided to a device that is presumably in the user’s possession.

While not foolproof, these technologies greatly enhance the security of user authentication. The PIN might be generated through a specialized security fob or provided through an app on a user's smartphone. In the absence of either, the PIN could be provided through an automated calling system that dictates the PIN code.

 

Another way to augment a strong password is by using a password (keeper or vault) application service to both generate and store your passwords. 

Fill in the blanks for this type of authentication...

Secure account access can be augmented through the use of ____ (or multi-factor) authentication systems.

In addition to the customary username and password, these systems require the user to enter a ____ generated ____ or PIN, provided to a ____ that is presumably in the user’s possession.

True or False?

  • A password application (keeper or vault) can store passwords.
  • There is NO way to augment a long and complex password.
  • Multi-factor authentication may require a code sent to a user's mobile device.

Practical ways to keep passwords secure?

  1. Don’t put your password on a sticky note on your monitor.
  2. Don’t keep your password on a piece of paper at your desk.
  3. Don’t use the same password for more than one site/purpose.
  4. Do use a password manager, keeper, or vault application.

THANK YOU

Thank you for completing this course on Cyber Security. 

If you want to find out more about what each of the Regulators in Australia, United States of America and United Kingdom have expressed on Cyber Security, then follow these links:

We encourage you to approach your local IT support person about how they can ensure your system's integrity.

Your local IT might be Nigel, Phil, James or Tom. Ask Dom about who you might approach for help. 

Lastly, please keep a look out for any other training sessions on IT.