Avon & Somerset Police Cyber Protect Kristian Evans ± COVID19 Presentation 24 March, 2020
Avon & Som
erset PoliceC
yber Protect
Kristian E
vans –C
OVID
19 Presentation
24 March, 2020
Sources
Useful (only slightly technical) Links
ww
w.lifew
ire.com
ww
w.how
togeek.com
ww
w.ncsc.gov.uk
Background
Information –
CO
VID-19
Being safe online
Ransom
ware
Case Study
Case Study
•W
annaCry
–A
merican secret agencies being shady
like in the Bourne m
ovies
–R
ussian bad guys
–N
orth Korean bad guys
–A
n underdog British hero good guy
–..…
but maybe bad guy.
Case Study
Vulnerabilities and
Protection
Protecting Your Credentials -Passw
ords
iloveyou
1234567890
000000
password1
123123
1234567abc123
12345678
111111
qwerty
123456789
password
1q2w3e4r5t m
onkey
dragon
qwertyuiop
666666123321
654321
123456a
ww
w.howsecureism
ypassword.net
Protecting Your Credentials -Passw
ords
•A
dd complexity
•M
nisF.In2001ibmfC
•3 random
words
Protecting Your Credentials -
Has your personal inform
ation been leaked?
ww
w.haveibeenpwned.com
Protecting your Credentials -Passw
ord Managers
Two-factor A
uthentication
https://twofactorauth.org/
2FA
Mobile D
evice
•D
on’t lose•
Lock-screen•
Find my phone
–G
oogle.com/android/find
–Icloud.com
/find•
Rem
ote Wipe
•B
ack-Up
•E
ncryption•
Back-up•
2FA & passw
ord managing
•O
nly use the proper app stores
Firewalls
Software-U
pdatesA
nti-Virus
Firewalls
•Turn them
on!
Firewalls
•P
rotect Your environment!
Anti-Virus/A
nti-Malw
are
Anti-Virus/A
nti-Malw
are
Software U
pdates
Backing U
p
•File B
ack-Up
–C
loud Options
–W
indows File H
istory•
System
Imaging
Reporting
Phishing During
the Outbreak
Phishing
•The N
o.1 method of creating a victim
.
•After the initial ‘Phish’ there are a w
ide range of options open to attackers.
•Think –
Take 5
Phishing
•Techniques used to phish you in–
Urgency
–A
uthority–
Entitlem
ent–
Bullying
–C
harisma
–Trust
–R
eward
–C
uriosity
Spam em
ail
Spam em
ail
Let’s Go Phishing
Mobile Phishing
Phishing –H
ave you been caught out?
•You start getting lot of em
ails•
Unsolicited ‘Anti-Virus’ scans start cropping up
•Em
ails or phone calls from ‘M
icrosoft’•
New
browser toolbars
•R
edirection from w
ebsites and excessive pop-ups•
Messages to friends and contacts
•P
asswords not w
orking•
New
software is installed
•You’re m
issing money
•Your com
puter is a brick
Take 5
•N
ever disclose security details, such as your PIN
or full password –
it’s never right to reveal these details
•D
on’t assume an em
ail request or caller is genuine –people aren’t alw
ays who they say
they are
•D
on’t be rushed –a bank or genuine organisation w
on’t mind w
aiting to give you time to
stop and think
•Listen to your instincts
–if som
ething feels wrong then it is usually right to pause and
question it
•S
tay in control –have the confidence to refuse unusual requests for inform
ation
Working From
Hom
e
Making your hom
e cyber safe
•C
hange default passwords
•Install antivirus
•R
eview app perm
issions•
Use strong passw
ords•
Back up your data
•R
eview privacy settings for your
social media accounts
Online fraud
Being safe online
•Follow
the advice given•
Passw
ords•
Phishing aw
areness•
Create backups
•E
ncrypt data•
Don’t click links from
unknown senders
•U
se password m
anagers•
2-Factor Authentication
•Turn on A
ntivirus/Firewalls
•R
eport all cyber crimes
Summ
ary
Being safe online
•R
ansomw
are•
Phishing
•W
orking from hom
e (WFH
)•
Wider online fraud
Websites
•https://w
ww
.europol.europa.eu/activities-services/public-aw
areness-and-prevention-guides/make-your-hom
e-cyber-safe-stronghold
•https://w
ww
.lifewire.com
/•
https://ww
w.how
togeek.com/
•https://takefive-stopfraud.org.uk/
•https://w
ww
.saferinternet.org.uk/•
https://ww
w.ncsc.gov.uk/section/inform
ation-for/individuals-fam
ilies•
https://ww
w.actionfraud.police.uk/