Week 12

Summary of the Blog:

This paper summarizes the topics covered in the Information Security class's blog. All of the topics relate to protecting your computer system from hackers and viruses, and include many simple but effective tips for doing so. To sum it up, the blog is divided into weekly sections: some weeks describe recent data breaches (week 10 and week 4), some explain what threats are and some of the common hardware failures (week 6 and week 8), some give tips or measures to protect against threats (Week 7), some cover software vulnerabilities (week 6, week 5, week 3, week 2) and hardware failure (week 8), and some explain the InfoSec certifications that will boost your career (Week 9, week 11).

It is very important to keep up to date with security news and the security products on the market because threats are always changing. Hackers are always using different methods to get access to systems, and it is an ongoing process. If we know one way to counter a threat, hackers will come up with another way to steal information. A recent example is Jimmy John's reporting a data breach at 216 stores on July 30, 2014 (Week 4). It is believed that the hackers gathered personal information such as the cardholder's name, verification code and card's expiration date, but that other information was not stolen. Jimmy John's did not know until late September that its systems had been hacked. They believe it was hacked between June 16 and September 5. This gives us a clear idea that security issues are an important part of information systems. Security professionals working for such companies should be knowledgeable and keep their systems up to date.

A similar data breach happened to an energy industry company, Telvent Canada LTD (Week 10). On Sept. 10, 2012, it learned of a breach of its internal firewall and security systems. It is believed that the attackers installed malicious software and stole project files related to one of its core offerings: a product that helps energy firms mesh older IT assets with more advanced smart-grid technologies. A later report said that the breach was linked to a Chinese hacking group known as the Comment Group. This also tells us that hacking is not limited to within a border or a country. A system can be hacked from anywhere in the world. This means we are more vulnerable to threats than ever.

Week 6 covers software vulnerabilities, including those in some of the common applications that we use. For example, Microsoft's Internet Explorer had 218 vulnerabilities, with 11% of installed programs unpatched. Likewise, Oracle Java 7 had 145 vulnerabilities and 42% of installed programs unpatched. Also, Apple QuickTime 7 had 11 vulnerabilities and 33% of installed programs unpatched, while Adobe Reader 10 had 21 vulnerabilities and 23% of installed programs unpatched. Keeping up to date with patches is a complex task, given the number of endpoints and applications at work in today's computing environment, and there are millions of vulnerable machines out there. We must be prepared to identify breaches and take appropriate action. The larger the attack surface, the larger the risk, and consequently the more complex and challenging it is to solve incidents and avoid the consequences of a successful breach.

Week 8 explains some of the common threats. Some of the common threats that we see are:

  • Compromise to intellectual property
  • Deviations in quality of service from service providers.
  • Espionage or trespass
  • Forces of nature
  • Human error or failure
  • Information extortion
  • Sabotage or vandalism
  • Software attacks
  • Technical hardware failures or errors
  • Technical software failures or errors

Week 7 explains some practices to overcome those threats. I have included some of the practices for threat protection. They are basic but very effective at protecting against threats. They include: block access to web ports and scan traffic; control outbound content as well as inbound; educate users about the dangers and safe use of social networking websites; encrypt sensitive data; and review mail security and gateway blocking.

Week 3 and week 5 give some tips on protecting your iOS 8. Apple has put together a handy infographic listing iOS 8 security tips. You can keep your passwords safe using your preferred browser and protect them using Touch ID. Another security feature is Send Last Location, which is similar to a feature in Lookout Security for Android. It enables you to know your current location just before the battery dies out. Dashlane recommends scanning your fingerprint from different angles, making it easier for Touch ID to recognize you. Week 2 features push notifications, which are messages that show up prominently on iPhones and iPods when someone tries to change the password for their iCloud account, upload their backup account data to a new device or log into their accounts for the first time from an unknown device.

Week 8 talks about some technical hardware failures. Hardware failures or errors are one of the key reasons for the failure of a company. Some of the hardware errors are memory errors, system timing problems, resource conflicts, and power loss.

Week 9 talks about FAIR (Factor Analysis of Information Risk). It is an industry risk model for information security and operational risk. The FAIR model specializes in financially derived results tailored for enterprise risk management. It has been widely accepted and used within the finance, government, healthcare and retail industries. Week 11 talks about the advantages of getting a professional InfoSec certificate to help boost your resume. It is always an advantage to have a certification on your resume. It tells the recruiter that you have spent time and money and actually know the stuff.

Week 11

Get Certified

We have always heard people say the bigger, the better: for example, cars, houses, money, and so on. Education is among those. The higher the level of education, the better the opportunities you have in terms of the job market, salary range and respect in society. Among the different forms of education, certification plays a vital role. “My opinion is the more certified you are, the more marketable you are. You can prove you know more because you have those certifications,” says Irvine. Irvine is a CIO of IT consulting firm Prescient Solutions and a member of the National Cyber Security Task Force.

It is always good to have a certification on your resume. It shows that you have put in your time and spent money on it. As a matter of fact, many of today's information security certifications require much hands-on application of skills, such as Certified Advanced Security Professional (CASP), which requires candidates to configure firewalls and routers and perform other security-related tasks as part of the test.

For some jobs, obtaining a particular security certification, whether for information security or physical security, is a prerequisite for even being considered for the position. In that case, you are one step ahead of the rest of the candidates.

Certifications are proof to show your employers that you already know the stuff. Security professionals at any company also look at other factors such as work experience, education, and hands-on training. A blog is a great way to sell yourself. A blog tells a lot more about you than a resume.

There are lots of InfoSec certifications on the market today. Choosing the one that best fits you and your career goals is very important. It is always better to consult professionals before choosing, because a certification requires a lot of your precious time, hard work and money.

So get certified and make your resume look better.

 

Reference:

Paul, L. (2013, April 1). How valuable are security certifications today? Retrieved November 10, 2014, from http://www.csoonline.com/article/2133085/security-leadership/how-valuable-are-security-certifications-today-.html

 

Week 10

A leading Energy industry hacked by Chinese Group

An energy industry company, Telvent Canada LTD, was hacked, disrupting operations in the United States, Canada and Spain. Experts say digital fingerprints left behind by attackers point to a Chinese hacking group tied to repeated cyber-espionage campaigns against key western interests.

On Sept. 10, 2012, the company learned of a breach of its internal firewall and security systems. It is believed that the attackers installed malicious software and stole project files related to one of its core offerings: a product that helps energy firms mesh older IT assets with more advanced smart-grid technologies.

According to the company's comment, “In order to be able to continue to provide remote support services to our customers in a secure manner, we have established new procedures to be followed until such time as we are sure that there are not further intrusions into the Telvent network and that all virus or malware files have been eliminated.”

Joe Stewart, director of malware research at Dell SecureWorks and an expert on targeted attacks, said the Web site and malware names cited in the Telvent report map back to a Chinese hacking team known as the “Comment Group”. In July, Bloomberg News published an in-depth look at the Comment Group and its many years of suspected involvement in deploying sophisticated attacks to harvest intellectual property and trade secrets from energy companies, patent law firms and investment banks.

 

Reference:

“Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent.” Krebs on Security RSS. 26 Sept. 2012. Web. 6 Nov. 2014. <http://krebsonsecurity.com/2012/09/chinese-hackers-blamed-for-intrusion-at-energy-industry-giant-telvent/>

Week 9

What is FAIR?

Every business is at risk to a certain level. As information security professionals, we are tasked with ensuring that our business's information is protected. We need a method of determining how much risk exists and what level of resources is appropriate to protect the business. One of the popular and standard frameworks for analyzing information risk is FAIR.

FAIR (Factor Analysis of Information Risk) is an industry-standard risk model for information security and operational risk. The FAIR model specializes in financially derived results tailored for enterprise risk management. FAIR has been widely accepted and used within the finance, government, healthcare and retail industries.

The outcomes are more cost-effective information risk management, greater credibility for the information security profession, and a foundation from which to develop a scientific approach to information risk management.

FAIR allows organizations to:

  •  Speak in one language concerning their risk
  •  Consistently study and apply risk to any object or asset
  •  View organizational risk in total
  •  Challenge and defend risk decisions using an advanced risk model
  •  Understand how time and money will impact your security profile

 

Reference:

Exploring F.A.I.R (Factor Analysis of Information Risk). (2009, January 29). Retrieved October 30, 2014, from http://www.infosecramblings.com/2009/01/28/exploring-fair-factor-analysis-of-information-risk/

What is FAIR? (n.d.). Retrieved October 30, 2014, from http://www.cxoware.com/what-is-fair/

 

 

 

Week 8

Technical Hardware Failure

Threats are changing all the time. Project teams should keep updating their projects for various reasons, threats being one of them. Each identified threat must be further examined to determine its potential to affect the targeted information asset. This helps in understanding threats and their potential effect. There are various types of threats, which include:

  • Compromise to intellectual property
  • Deviations in quality of service from service providers.
  • Espionage or trespass
  • Forces of nature
  • Human error or failure
  • Information extortion
  • Sabotage or vandalism
  • Software attacks
  • Technical hardware failures or errors
  • Technical software failures or errors
  • Theft

Hardware failures or errors are one of the key reasons for the failure of a company. On April 15, 2014, a network hardware failure led to a major outage that crashed most of the Commonwealth Bank's network around the country. Investors who used the bank's CommSec share-trading platform complained that it was down early in the day, affecting business (ABC News). This is just one example showing that hardware failure can lead to a bigger loss in revenue and customer appreciation.

Hardware stores your main programs and data. It is the hardware whose failure hurts the most. Sometimes it may cause permanent data loss, and some of these failures can be rather hard to figure out. Some of the hardware errors are:

 

  • Memory Errors: With so many systems today running without error detection or correction on their system memory, there is a chance of a memory error corrupting the data on the hard disk. It is rare, but it does happen. It is always good to keep an eye on the system periodically.
  • System Timing Problems: Setting the timing for memory or cache access too aggressively, or using a hard disk interface transfer mode that is too fast for the system or device, can cause data loss. This is something that is not taken seriously until something happens.
  • Resource Conflicts: Conflicts resulting from peripherals that try to use the same interrupt requests, DMA channels or I/O addresses can cause data to become corrupt.
  • Power loss: Losing power at the wrong time, such as when you are doing sensitive work on your hard disk, can easily result in the loss of many important files. Precautions should be taken when backing up your system.

 

Reference:

“Hardware Failure.” Hardware Failure. N.p., n.d. Web. 21 Oct. 2014. <http://www.pcguide.com/care/bu/risksHardware-c.html>.

Janda, Michael. “Network hardware failure behind Commonwealth Bank outage.” ABC News. N.p., 15 Apr. 2014. Web. 21 Oct. 2014. <http://www.abc.net.au/news/2014-04-15/commonwealth-bank-customers-hit-by-electronic-banking-outage/5391366>.

 

Week 7

Best Practices for Threat Protection

 

Protect your network against the ever-growing body of threats. Simple steps can save you a lot of time and money. Some of the practices you can implement are:

 

  • Block access to Web Ports and scan traffic:

Use of the web is increasing rapidly, and so are threats and malware. Attackers take advantage of this by injecting malicious code into legitimate websites. This web-based malware then uses social engineering tactics or browser vulnerabilities to infect visitors and steal confidential data.

 

  • Control outbound content as well as inbound:

Human error, carelessness, or lack of data security can lead to a disaster for an organization. Most companies' firewalls are set up to block incoming traffic, but data is sent off the network on ports like HTTP, IRC and SMTP.

 

  • Educate users about the dangers and safe use of social networking websites:

Social networking sites like Facebook and Twitter have become a common way for people to interact. As the number of users increases, malware and data theft increase too. There was a 70% rise in the proportion of firms that reported encountering spam and malware attacks via social networks during 2009. Spam has become very common on social networking sites, and social engineering is on the rise.

  • Encrypt sensitive data:

Encryption has been one of the best practices for staying safe from attackers and cybercrime. It is increasingly an integral technology for protecting your organization. If threats bypass your antivirus and firewall, your personal data is vulnerable. Always encrypt your personal data before sending it through email or placing it on removable media.

 

  • Review mail security and gateway blocking effectiveness:

Catching threats before they get to the desktop can be done with effective mail and Web security scanning. Check that you have a mail security solution that updates frequently to detect the latest bad sender IPs, spam and malware threats at the mail gateway. Consider implementing a Web security solution that will protect your organization.
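The "Control outbound content as well as inbound" practice above can be checked against flow logs: the following Python is an added example, not part of the original post or the cited Sophos article. It flags outbound HTTP, SMTP and IRC flows that bypass an approved gateway; the address ranges, the proxy and mail-relay hosts, the port sets, the default-deny rule and the log format are all assumptions made for illustration, and the sample records are constructed.

```python
from ipaddress import ip_address, ip_network

# Assumed site policy (illustrative values, not from the original post).
INTERNAL_NET = ip_network("10.0.0.0/8")
WEB_PROXY = ip_address("10.0.0.10")    # only host allowed outbound HTTP(S)
MAIL_RELAY = ip_address("10.0.0.25")   # only host allowed outbound SMTP
HTTP_PORTS = {80, 443}
SMTP_PORTS = {25, 465, 587}
IRC_PORTS = set(range(6660, 6670)) | {6697}

# Constructed flow records, one per line: "src_ip dst_ip dst_port".
SAMPLE_FLOWS = """\
10.0.0.10 203.0.113.5 443
10.0.4.17 203.0.113.9 80
10.0.0.25 198.51.100.7 25
10.0.7.33 198.51.100.8 25
10.0.7.33 192.0.2.44 6667
10.0.9.9 198.51.100.50 4444
10.0.2.2 10.0.0.25 25
203.0.113.77 10.0.0.25 25
garbage line
"""


def parse_flow(line):
    """Return (src, dst, port) or None when the record is malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return ip_address(parts[0]), ip_address(parts[1]), int(parts[2])
    except ValueError:
        return None


def classify(src, dst, port):
    """Name the policy violation for an outbound flow, or None if allowed."""
    if src not in INTERNAL_NET or dst in INTERNAL_NET:
        return None  # inbound and internal-only flows are out of scope
    if port in IRC_PORTS:
        return "irc-outbound"
    if port in SMTP_PORTS:
        return None if src == MAIL_RELAY else "smtp-bypasses-relay"
    if port in HTTP_PORTS:
        return None if src == WEB_PROXY else "http-bypasses-proxy"
    return "unapproved-port"  # assumed default deny for everything else


def audit(text):
    """Return (findings, skipped) for a block of flow records."""
    findings, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow(line)
        if flow is None:
            skipped += 1
            continue
        reason = classify(*flow)
        if reason:
            findings.append((str(flow[0]), str(flow[1]), flow[2], reason))
    return findings, skipped


if __name__ == "__main__":
    results, bad = audit(SAMPLE_FLOWS)
    for src, dst, port, reason in results:
        print(f"{reason:22} {src} -> {dst}:{port}")
    print(f"{bad} malformed record(s) skipped")
```

Malformed records are counted rather than silently dropped, so a gap in the log feed shows up in the result instead of looking like clean traffic.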

 

Reference:

 Top 5 Threat Protection Best Practices. (n.d.). Cloud Antivirus, Endpoint, UTM, Encryption, Mobile, DLP, Server, Web, Wireless Security, Network Storage and Next-Gen Firewall Solutions. Retrieved October 16, 2014, from http://www.sophos.com/en-us/security-news-trends/security-trends/top-5-threat-protection-best-practices.aspx

 

Week 6

Increase in Software Vulnerabilities

The amount of software is increasing, and more people across personal and corporate devices, using a multitude of different platforms, are being affected by different vulnerabilities. Patch management has proven to be one of the most effective practices users can adopt in securing their personal computers.

In support of National Cyber Security Awareness Month (NCSAM), Secunia published a report noting that vigilant patch management is a good patch management tool. The percentage of unpatched systems continues to increase. The share of users running unpatched operating systems has gone up to 12.6% from 11.1%. It only takes one vulnerability for a hacker to exploit a user's system.

The report also states that Microsoft's Internet Explorer had 218 vulnerabilities, with 11% of installed programs unpatched. Likewise, Oracle Java 7 had 145 vulnerabilities and 42% of installed programs unpatched. Also, Apple QuickTime 7 had 11 vulnerabilities and 33% of installed programs unpatched, while Adobe Reader 10 had 21 vulnerabilities and 23% of installed programs unpatched.

Keeping up to date with patches is a complex task, given the number of endpoints and applications at work in today's computing environment, and there are millions of vulnerable machines out there. We must be prepared to identify, and take actions to contain, breaches. And, of course, the larger the attack surface, the larger the risk, and consequently the more complex and challenging it is to solve incidents and avoid the consequences of a successful breach.

 

Reference:

Seals, T. (n.d.). Millions of Machines Are Running Unpatched Java and IE. Infosecurity Magazine. Retrieved October 8, 2014, from http://www.infosecurity-magazine.com/news/millions-of-machines-are-running/

 

 

Week 5

Find out if your iPhone is Stolen or not?

Starting next summer, a new law requires every smartphone sold in California to include a so-called kill switch, which renders the device unusable if it is reported lost or stolen.

Apple has already built the application that supports that feature, but Microsoft and Google have said they plan to introduce the anti-theft tool in future versions of their mobile software systems.

Users can enter a device’s serial number or so-called IMEI, another unique identification number assigned to each phone. The web tool will say whether the kill switch feature, called Activation Lock, is enabled.

If a device has Activation Lock turned on, that could mean it has been stolen or lost, or the owner has simply forgotten to deactivate the feature before putting it up for sale. With Activation Lock turned on, the device could be unusable without the Apple username and password of the owner.

 

Reference:

Chen, Brian. “New Apple Tool Checks iPhones for ‘Kill Switch’ Security.” Bits New Apple Tool Checks iPhones for Kill Switch Security Comments. The New York Times, 2 Oct. 2014. Web. 2 Oct. 2014. <http://bits.blogs.nytimes.com/2014/10/02/apple-activation-lock/?_php=true&_type=blogs&ref=technology&_r=0>

Week 4

Jimmy John’s Reports Data Breach at 216 Stores

Sandwich restaurant chain Jimmy John's said there was a potential security breach involving 216 stores and franchised locations on July 30, 2014. The breach involves customers' credit and debit card data. It is believed that the attackers may have taken the cardholder's name, verification code and the card's expiration date as well.

An intruder stole login credentials from the company's vendor and used the credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16 and September 5, according to the company.

More than 12 of the affected stores are in the Chicago area, according to the list disclosed by the company. Cards that were entered manually or online have not been impacted, as opposed to those swiped at the stores, which have been. The breach has been brought under control, and customers can use their cards at its stores as before.

 

Reference:

Restaurant chain Jimmy John’s reports data breach at 216 stores. (2014, September 25). The Times Of India. Retrieved September 25, 2014, from http://timesofindia.indiatimes.com/tech/tech-news/Restaurant-chain-Jimmy-Johns-reports-data-breach-at-216-stores/articleshow/43422558.cms

 

 

Week 3

Tips for protecting your iOS 8

iOS 8 is finally out. We can now upgrade our iPhone, iPad and iPod touch to iOS 8, or buy a new one. The choice is yours. Apple, the designer and distributor, argues that this is an amazing improvement in terms of flexibility, performance and security. Users should actually know how to use these improvements. Some of the ways to protect your data, whether you're browsing the web, trading in an old device, or setting up iCloud, are listed below:

Apple has put together a handy infographic listing iOS 8 security tips. In iOS 7 and earlier, it wasn't possible for a password manager to fill in login credentials in Safari or another browser due to Apple's strong sandbox and application protection. Starting with iOS 8, you can keep your passwords using your preferred browser and protect them using Touch ID.

Another security feature is Send Last Location, which is similar to a feature in Lookout Security for Android. It enables you to know your current location just before the battery dies out. Dashlane recommends scanning your fingerprint from different angles, making it easier for Touch ID to recognize you. In case of emergency, you can use the four-digit passcode, and make sure you have strong passwords.

You definitely want to enable Find My iPhone, so you can track a lost phone. Equally important, you should disable Siri at the lock screen. Why? Because a thief could use Siri to put the phone in airplane mode, making it invisible to Find My iPhone.

Turn on the switch that erases all data after 10 incorrect passcode attempts in a row, say the experts at Dashlane. They also advise enabling Do Not Track and phishing warnings in Safari. Apple keeps adding security enhancements; it’s up to you to take advantage of them.

Reference:

Rubenking, N. (2014, September 10). Infographic: Security Tips for iOS 8. PCMag. Retrieved September 18, 2014, from http://securitywatch.pcmag.com/security-software/327187-infographic-security-tips-for-ios-8