Security for Internet Every Day Use Standard Security Practices and New Threats.

Security for Internet Every Day Use Standard Security Practices

and New Threats.

Why should you be concerned about Security??

Firewalls

•Firewalls are Standard.•No direct access.•No spreading of virus and worm.

Spam filters • Spam filters are 99.9% effective (sounds pretty

good. DIS Hosts 20,000 users. We se trends that spike as high as 6,000,000 emails a days. At 99.9% that means a possible 600 bad emails can get through.)

• Stops most Phishing attacks • Standard for just about every email service

Antivirus

• Every computer should run AV.• Stops all known threats.• Make sure updates are as often as

possible

Have I bored you enough with standard stuff???So what is the new threat and…

So, how bad is it, really?

Today’s Headlines

Zeus Trojan continues reign infecting 74,000 PCs in global botnet

• Investigators said they discovered a 75GB cache, believed to be a hacker drop site tied to the Zeus infections. The cache contained the stolen data from more than 74,000 Zeus infected systems.

Zeus attacks: Zeus Trojan hitting banking customers hard • Security experts say the customizable and readily

available Zeus Trojan is stealing banking credentials to siphon money from accounts.

• About 1.6 million infected machines make up hundreds of Zeus botnets, which target 960 banks, Mather said. Criminals have wreaked a lot of havoc with the bank Trojan's advanced capabilities, she said, citing a case reported by the Washington Post, in which cybercriminals stole $415,000 from Bullitt County, Ky., where Zeus infected the county treasurer's computer.

Phishing, Zeus Trojan technique spreads crimeware

• Researchers are tracking phishing methods that steal a victim's information and spread a Trojan designed to pilfer even more data.

• The Zeus Trojan is available for sale as a crimeware kit for about $700.. "This means that the Rock group did not need to develop new skill-sets to write Trojan horses; they just purchased it on the open market,"

Botnet platform helps cybercriminals bid for zombie PCs: Infected PCs are sold

again and again on a new platform that enables cybercriminals to buy and sell

victim's machines.

Really?

No! I mean Really!!

So how does it work?

How is it we get these bots on our systems with all the Security in place today?

• They trick you into going to a website and it downloads and installs itself on your computer. • Phishing Attacks• Web advertising• Drive by

Example of Phishing attack

Date: Thu, 25 Feb 2010 18:59:12 -0600 [02/25/2010 06:59:12 PM CST] From: Customer Support <[email protected]>To: [email protected] Subject: Confirm Order N 81201217

Your Order Id:5306951570875 Accepted.Details

Thank you.Amazon.com Customer Support

The “Details” on the is actually a Hyper-link but it does not go to amazon.com.

The link actually takes you to http://113inreig.com/part.html which will download the Trojan.

Web Advertising

Facebook, Youtube and other sites advertise for some legitimate companies.

Beware of things that want you to click on receiving a free iPhone, or iPod or free anything.

Remember nothing is really free.

Drive by

You never know you have been hit, Until it is too late.

Standard Security inefective against this Threat.

• Firewalls•Antivirus•SPAM filtering

Conclusions:

• Be careful• Pay attention to what you are doing• Do not click on emails you are not expecting• Be careful of the websites you are visiting