Protecting Your Devices · 1. 360 Mobile Security – Free (Android, iOS) 2. Avast Mobile Security – Free (Android) 3. Kaspersky Internet Security – Free, $15/yr – (Android)
Post on 05-Nov-2020
3 Views
Preview:
Transcript
Protecting Your DevicesDr. Leon D. Chapman
1
Device Security
■ Threats to Devices■ Scams■ Passwords■ Secure your Device■ Security Apps / Solutions
2
Mobile device security threats( http://www.csoonline.com/article/2157785/data-protection/five-new-threats-to-your-mobile-device-security.html )
■ Google’s Android operating system averaged 5,768 malware attacks daily over a six-month period, according to CYREN’s Security Report for 2013.
■ Today more than 99 percent of new mobile malware is designed to target Android
■ The number of documented vulnerabilities for iOS Apple iPhone and iPads increased 82 percent in 2013
3
10 Trickiest Mobile Security Threats (Feb, 2016)( http://www.esecurityplanet.com/mobile-security/slideshows/10-trickiest-mobile-security-threats.html )
4
5 New Threats to your mobile device security( http://www.csoonline.com/article/2157785/data-protection/five-new-threats-to-your-mobile-device-security.html )
■ 1. Mobile phishing and ransomware– Using Social Engineering thru mobile apps– SMS text messages– Make people click on links– The mobile user opens an infected attachment, which locks all
files until the user pays $500
5
5 New Threats to your mobile device security( http://www.csoonline.com/article/2157785/data-protection/five-new-threats-to-your-mobile-device-security.html )
■ 2. Using an infected mobile device to infiltrate nearby devices– An infected device allows it to walk around inside the perimeter of
a company or network & have direct network access– Exploit network devices from infected mobile device
6
5 New Threats to your mobile device security( http://www.csoonline.com/article/2157785/data-protection/five-new-threats-to-your-mobile-device-security.html )
■ 3. Cross-Platform Banking Attacks– Gangs using PC malware to infiltrate mobile phones in hybrid
attacks on user’s banking accounts– Malware on user’s laptop detects when user is surfing banking
websites – “Man in browser” attack
7
5 New Threats to your mobile device security( http://www.csoonline.com/article/2157785/data-protection/five-new-threats-to-your-mobile-device-security.html )
■ 4. Cryptocurrency mining attacks– If mobile device is losing battery power too quickly and feels
overheated – might be Cryptocurrency mining malware■ Searches for digital currency – Bitcoin, Litecoin & Dogecoin■ Mostly found in Android devices
– App launches the CPU miner to connect to a dynamic domain
8
5 New Threats to your mobile device security( http://www.csoonline.com/article/2157785/data-protection/five-new-threats-to-your-mobile-device-security.html )
■ 5. The Enemy is us– In 2012, 44% of adults were unaware of security solutions for
mobile devices– In 2013, the number was 57%– Mobile malware will only increase
9
Top 7 Mobile Security Threats
1. Data Leakage– Apps get permissions and send data to remote server
2. Unsecured Wi-Fi– Always assume that Free Wi-Fi is unsecure
3. Network Spoofing– Hackers set up fake access points – “Free Airport Wi-Fi”
4. Phishing Attacks– Never click on unfamiliar email links
10
Top 7 Mobile Security Threats
5. Spyware– Malware & tracking spyware
6. Broken Cryptography– Weak encryption by app developers
7. Improper Session Handling– Apps unintentionally share tokens (e.g., Name & PW) to malicious
actors
11
What the Future Holds
■ Desktops– A role reversal is in the works– Desktops connected to mobile networks as infector of Devices
■ Bring Your Own Device (BYOD)– Mobile devices being granted more access but don’t offer same
level of security or control as desktops
■ The Internet of Things (IoT)– Smart devices (thermostats, kitchen appliances, security systems,
etc.) growing rapidly and cannot be monitored or protected adequately
12
Top 6 Online Scams1. Job Offer Scams
– Unsolicited email offering a job
2. Lottery Scams– Unsolicited email claiming you won a little-know lottery
3. Beneficiary Scams– Unsolicited email wanting to move some money around quickly
4. Online Dating Scams– Person begins asking for $$ for hardship or sickness
5. Charity Fraud Scams– After large scale disasters or tragedies – free donation sites
6. Repair Scams– Phone call from person claiming to be from Microsoft
13
Why Use a Password (PW) Manager?■ 1 in 10 people have had identity stolen
– Account security should be at top of your list■ More than 76% of adults memorize their passwords
– Prone to memory loss & cross-account compromises■ About 9% use sticky notes or notebook
– Not electronic, not secure or very portable■ About 6% use text files with URLs, Username & PWs
– Not secure or accessible everywhere
■ Why Use a PW Manager?
14
Password Stats( http://www.komando.com/tips/369813/why-ilovefreshsashimituna-is-a-great-password/all )
■ 14% of people only use one password for all accounts■ 36 percent reuse passwords across different accounts■ 12 percent make slight changes to their passwords■ 38 percent create new, strong passwords for each account■ 10 percent of people use a password that's less than eight letters
long and■ 12 percent say they don't create a complex password with numbers,
symbols, and upper- and lower-case letters.
15
Use more complicated forms of authentication
■ Massive Yahoo breach compromised 500 million users■ White House urges you to use more Stringent online security
measures– http://www.komando.com/happening-now/374810/white-house-urges-you-
to-lock-down-your-login?utm_medium=nl&utm_source=notd&utm_content=2016-09-29-article-title
■ Recommend using 3rd, 4th & 5th form of authentication■ Several banks are starting to use one time code■ Recommend using biometrics authentication
16
Managing PWs Do’s & Don’ts
17
Hint: you should use a random generated PW like: AUiLjLP[U3bs^8QNo pronounceable words, use upper, lower, numbers & special characters – 15 characters
How Big is Your Haystack?( https://www.grc.com/haystack.htm )■ Every PW can be thought of as a needle in a haystack
– Which PW is stronger?■ D0g.......... (this is 13 characters) – 95 times longer to break■ PrXyc.N(n4k7 (this is 12 characters)
■ Brute Force Calculatorhttps://www.grc.com/haystack.htm
■ Rockyou.com loss of 32 million passwords – most common
18
Top Ten Reviews of PM for 2016https://tinyurl.com/cjcajg
19
The ones that I use
Top 10 ways to secure your mobile phone( https://blog.malwarebytes.com/101/2016/09/top-10-ways-to-secure-your-mobile-phone/ )
1. Lock your phone with password or fingerprint2. Consider Encrypting your data3. Set up remote wipe4. Back up phone data5. Avoid 3rd party apps or read reviews & choose
20
Top 10 ways to secure your mobile phone( https://blog.malwarebytes.com/101/2016/09/top-10-ways-to-secure-your-mobile-phone/ )
6. Avoid Jailbreaking a phone7. Update OS often, Charge your phone, clear out space, install updates right away8. Be wary of social engineering scams9. Use public Wi-Fi carefully – use with a VPN app10. Download anti-malware for your mobile device(Anti-Malware Mobile for Android devices– Malwarebytes)
21
Security Apps for Mobile Devices
■ McAfee Mobile Security for Android■ Norton Anti-Malware 2017 – PC, Mac, Mobile devices■ Kaspersky Total Security – PC, Mac, iPhone, iPad &
Android devices■ Apps mostly for Android Devices■ Apple Devices inherently more secure than Android
Devices
22
10 Best Security & Privacy Apps for Smartphones & Tablets( http://www.makeuseof.com/tag/security-software-smartphone-tablet/ )
1. 360 Mobile Security – Free (Android, iOS)2. Avast Mobile Security – Free (Android)3. Kaspersky Internet Security – Free, $15/yr – (Android)4. Linphone – Free (VoIP calls) (Android, iOS, W10 Mobile)5. Telegram – Free (Messaging) (Android, iOS, W10 Mobile)
23
10 Best Security & Privacy Apps for Smartphones & Tablets( http://www.makeuseof.com/tag/security-software-smartphone-tablet/ )
6. SafeTrek ($3/mo) - (Android, iOS)Turn phone into personal safety devicea. Hold down SafeTrek button, enter PIN, if you don’t SafeTrek auto calls
police & sends GPS locationb. 30 day free trialc. Must-have app that will change your life?
7. Prey (Free, $5/mo) - (Android, iOS)a. Locates your device, send alerts & wipe device remotely
24
10 Best Security & Privacy Apps for Smartphones & Tablets( http://www.makeuseof.com/tag/security-software-smartphone-tablet/ )
8. Cerberus ($4/yr) (Android)a. Anti-theft solution
9. Hotspot Shield VPN (Free, $30/yr) (Android, iOS, W10 Mobile)a. Reputable paid VPN service – quality, no bandwidth limits, better support
10.CM Security AppLock (Free) (Android)a. Must Install Android Security Appb. Lock down certain features – mobile data, Wi-Fi, Bluetooth, specific apps, etc.c. Failed unlock takes picture of intruder and emails picture
25
Norton by Symantec example
26
Webroot products
27
Kaspersky Total Security
28
What Questions Do YouHave For Me?
29
top related