How to protect your data
How to protect your data
Internal
Employees
▪ Accidental
▪ Deliberate
▪ Coerced
External
Hackers
Espionage
Hacktivists
User Threats
Phishing
Spear Phishing
Privileged Account Management
Theft of Credentials
▪ Increase Account Privileges
Usually a pre-cursor to an attack
Application Threats
Website/Cloud
▪ SQL Injection
▪ Exploiting known threats (unpatched software)
On Site Software
▪ Out of date Operating System (OS)
▪ Unpatched Software▪ OS, MS Office, PDF software, Java software, Adobe Softwarte etc
Infrastructure Threats
BOT NETS –A collection of compromised computers put to work by hackers to provide increased computing power
DDOS – Distributed Denial Of Service – Imagine thousands of computers trying to get information from your company website – the site would crash
Any Computer is attractive to hackers if they can add it to a Bot-Net, if it has sensitive information on it all the better to steal or blackmail you with.
American Superconductor, a software developer for wind turbines.
The company once was turning over almost half a billion a year but almost went out of business after entering a contract with a government-owned Chinese wind turbine manufacturer, Sinovel.
Owner of American Superconductor, Daniel McGahn, discovered a version of its latest, unreleased software being used on a turbine in China. Despite doing everything possible to keep its source code off the internet it was discovered that the Chinese company turned one of McGahn's employees by offering him money, women and an apartment in return for the full operating code.
To make matters worse, when McGahn decided to sue Sinovel for $1.2bn (£840m) and hire a computer security firm to investigate the case, his firm claims the Chinese company hacked the company's system to see what course of legal action it was taking in order to get a leg-up in proceedings.
This State Sponsored Group work extended office hours but have a 2 hour lunch period.
How do we know?Because American, British and other Intelligence Services have identified the building they work from and who the many of them are.
RANSOMWARE
Locky, Xorist, CryptorBit, Cryptolocker
▪ Results in files on your any connected (even networked or cloud) hard drive being encrypted.
▪ At a set point in time during the process you are informed of a time limit and cost to BUY the encryption key.
▪ Typical cost 1 – 5 Bitcoins▪ 1 Bitcoin is currently around £862 (April 2017)
The BadBlockRansomware screenshot below requests 2 bitcoins for the key – about £1724
On 10th May 2017 a new ransomware attack hit the NHS and thousands of organisations globally.
A blogger by the name of Marcus Hutchins found a way around the Ransomware but within 24 hours a new version was released that bypassed the discovery made by Hutchins.
Hack your Computer Search for Access to Suppliers▪ Website Portals using your credentials
▪ eMail addresses for Spear Phishing Attacks
Search for Access to Clients▪ eMail Addresses for Phishing Attacks
▪ Financial data▪ Credit Cards, Debit Cards
Your banking data If nothing else then add you to Bot Net
Understand the Risks for You/Your Company
Cyber Essentials – More soon
Use a good professionalAnti-Virus
SOPHOS
COMODO
Keep your software Up to Date
Operating Systems
3rd Party Applications (Office, Adobe, Java etc)
EVERY DAY BASICS for EVERYONE – Home Users & Businesses
Hardware U. T. M. Firewall Endpoint Security The Best Malware Software – More soon Recognised Procedures Trained Staff Cyber Awareness Culture Advice and Rapid Support
IDEAL SOLUTION – STARTING POINT FOR BUSINESSES
https://www.watchmanitsecurity.com
Information
Products and Advice
PODCASTS
Watchmanitsecurity.com
Firewalls
Anti-Virus
Heimdal Software
Thank you for joining in