Awareness & Education
Computer security is the protection of computing systems and the data that they store or access. Everyone who uses a computer needs to understand how to keep their computer, data, and other electronic devices secure. Good security standards and guidelines follow the "80 / 20" Rule: 20% of security safeguards are technical, while 80% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices. The resources and links on this page are designed to provide practical, mostly non-technical information about IT security.
Spam & Phishing
Spam is the bane of email inboxes everywhere and the biggest nuisance on the Internet today. It is a challenge that is not likely to go away anytime soon. Senderbase.org reports that billions of spam messages circulate the Internet on any given day, comprising 85.46% of global email volume. With a problem this big, how can we defend ourselves?
Do you know how to spot a malicious web link? How about a malicious phishing email message? Test your phish-spotting skills from anywhere with the online phishing quiz created by OpenDNS, an Internet security & DNS services company.
Identity Theft & Protection
Identity theft is a crime that occurs when someone uses personally identifiable information, such as an individuals name, Social Security number, or credit card number without permission for personal gain. Please see the Identity Protection web page for more detailed information on how to protect yourself.
Six Simple PC Protection & Security Steps
Ever wonder what you can to do protect yourself and your computer? The ITSO has drafted a series of six simple steps to better protect you and your data.
Common Security Terms
Security terms can sometimes be confusing and can be misunderstood. Below is a list of common terms associated with security and security awareness.
A security program that can run on a computer or mobile device and protects you by identifying and stopping the spread of malware on your system. Anti-virus cannot detect all malware, so even if it is active, your system might still get infected. Anti-virus can also be used at the organizational level. For example, email servers may have anti-virus integrated with it to scan incoming or outgoing email. Sometimes anti-virus tools are called 'anti-malware', because these products are designed to defend against various types of malicious software.
These attacks exploit vulnerabilities in your browser or it's plugins and helper applications when you simply surf to an attacker-controlled website. Some computer attackers set up their own evil websites that are designed to automatically attack and exploit anyone that visits the website. Other attackers compromise trusted websites such as ecommerce sites and deploy their exploit software there. Often these attacks occur without the victims realizing that they are under attack.
Code that is designed to take advantage of a vulnerability. An exploit is designed to give an attacker the ability to execute additional malicious programs on the compromised system or to provide unauthorized access to affected data or application.
A security program that filters inbound and outbound network connections. In some ways you can think of firewalls as a virtual traffic cop, determining which traffic can go through the firewall. Almost all computers today come with firewall software installed. In addition, firewalls can be implemented as network devices to filter traffic that traverses through them.
Stands for 'malicious software'. It is any type of code or program cyber attackers use to perform malicious actions. For example, malware could be used to capture all your keystrokes or use your computer to harm others. Such malicious actions often occur without the user of the system realizing that it has been infected. Malware is a generic term and includes any type of virus, worm, Trojan or other types of malicious code.
A patch is an update to a vulnerable program or system. A common practice to keep your computer and mobile devices secure is installing the latest vendor's patches in a timely fashion. Some vendors release patches on a monthly or quarterly basis. Therefore, having a computer that is unpatched for even a few weeks could leave it vulnerable.
Phishing is a social engineering technique where cyber attackers attempt to fool you into taking an action in response to an email. Phishing was a term originally used to describe a specific attack scenario. Attackers would send out emails pretending to be a trusted bank or financial institution, their goal was to fool victims into clicking on a link in the email. Once clicked, victims were taken to a website that pretended to be the bank, but was really created and controlled by the attacker. If the victim attempted to login thinking they were at their bank, their login and password would then be stolen by the attacker. The term has evolved and often means not just attacks designed to steal your password, but emails designed to send you to websites that hack into your browser, or even emails with infected attachments.
A psychological attack used by cyber attackers to deceive their victims into taking an action that will place the victim at risk. For example, cyber attackers may trick you into revealing your password or fool you into installing malicious software on your computer. They often do this by pretending to be someone you know or trust, such as a bank, company or even a friend.
Unwanted or unsolicited emails, typically sent to numerous recipients with the hope of enticing people to read the embedded advertisements, click on a link or open an attachment. Spam is often used to convince recipients to purchase illegal or questionable products and services, such as pharmaceuticals from fake companies. Spam is also often used to distribute malware to potential victims.
Spear phishing describes a type of phishing attacks that target to specific victims. But instead of sending out an email to millions of email addresses, cyber attackers send out a very small number of crafted emails to very specific individuals, usually all at the same organization. Because of the targeted nature of this attack, spear phishing attacks are often harder to detect and usually more effective at fooling the victims.
Virus, Worm, Trojan, Spyware
Different types of malware that are based on their capabilities and means of propagation. These technical distinctions between different types of malware are becoming less relevant, because modern malware often combines characteristics from each of them in a single attack.
- Virus: A type of malware that spreads by infecting other files, rather than existing in a standalone manner. Viruses often, though not always, usually spread through human interaction, such as opening an infected file or application.)
- Worm: A type of malware that can propagate automatically, typically without requiring any human interaction for it to spread. Worms often spread across networks, though can also infect systems through other means, such as USB keys. An example of a worm is Conficker, which infected millions of computer systems starting in 2008 and is still active today.
- Trojan: A shortened form of "Trojan Horse", this type of malware appears to have a legitimate or at least benign use, but masks a hidden sinister function. For example, you may download and install a free screensaver which actually works well as a screensaver. But that software could also be malicious, it will infect your computer once you install it.
- Spyware: A type of malware that is designed to spy on the victim's activities, capturing sensitive data such as the person's passwords, online shopping, and screen contents. One popular type of spyware, a keylogger, is optimized for logging the victim's keyboard activity and transmitting the captured information to the remote attacker.
This is a weakness that attackers or their malicious programs may be able to exploit. For example it can be a bug in a computer program or a misconfigured webserver. An attacker or malware may be able to take advantage of the vulnerability to gain unauthorized access to the affected system. However, vulnerabilities can also be a weakness in people or organizational processes.
Terms Source: Securingthehuman.org
Acknowledgement: Lenny Zeltser & Ed Skoudis