Cyber Security Primer VIII

 

MOBILE DEVICES

Protecting Portable Devices: Physical Security

What is at risk?

Only you can determine what is actually at risk. If a thief steals your laptop or PDA, the most obvious loss is the machine itself. However, if the thief is able to access the information on the computer or PDA, all of the information stored on the device is at risk, as well as any additional information that could be accessed as a result of the data stored on the device itself.

Sensitive corporate information or customer account information should not be accessed by unauthorized people. You've probably heard news stories about organizations panicking because laptops with confidential information on them have been lost or stolen. But even if there isn't any sensitive corporate information on your laptop or PDA, think of the other information at risk: information about appointments, passwords, email addresses and other contact information, personal information for online accounts, etc.

How can you protect your laptop or PDA?

     Password-protect your computer - Make sure that you have to enter a password to log in to your computer or PDA.

     Keep your laptop or PDA with you at all times - When traveling, keep your laptop with you. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary—these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.

     Downplay your laptop or PDA - There is no need to advertise to thieves that you have a laptop or PDA. Avoid using your portable device in public areas, and consider non-traditional bags for carrying your laptop.

     Be aware of your surroundings - If you do use your laptop or PDA in a public area, pay attention to people around you. Take precautions to shield yourself from "shoulder surfers"—make sure that no one can see you type your passwords or see any sensitive information on your screen.

     Consider an alarm or lock - Many companies sell alarms or locks that you can use to protect or secure your laptop. If you travel often or will be in a heavily populated area, you may want to consider investing in an alarm for your laptop bag or a lock to secure your laptop to a piece of furniture.

     Back up your files - If your portable device is stolen, it's bad enough that someone else may be able to access your information. To avoid losing all of the information, make backups of important information and store the backups in a separate location. Not only will you still be able to access the information, but you'll be able to identify and report exactly what information is at risk.

What can you do if your laptop or PDA is lost or stolen?

Report the loss or theft to the appropriate authorities. These parties may include representatives from law enforcement agencies, as well as hotel or conference staff. If your device contained sensitive corporate or customer account information, immediately report the loss or theft to your organization so that they can act quickly.

Protecting Portable Devices: Data Security

Why do you need another layer of protection?

Although there are ways to physically protect your laptop, PDA, or other portable device, there is no guarantee that it won't be stolen. After all, as the name suggests, portable devices are designed to be easily transported. The theft itself is, at the very least, frustrating, inconvenient, and unnerving, but the exposure of information on the device could have serious consequences. Also, remember that any devices that are connected to the internet, especially if it is a wireless connection, are also susceptible to network attacks.

What can you do?

     Use passwords correctly - In the process of getting to the information on your portable device, you probably encounter multiple prompts for passwords. Take advantage of this security. Don't choose options that allow your computer to remember passwords, don't choose passwords that thieves could easily guess, use different passwords for different programs, and take advantage of additional authentication methods.

     Consider storing important data separately - There are many forms of storage media, including CDs, DVDs, and removable flash drives (also known as USB drives or thumb drives). By saving your data on removable media and keeping it in a different location (e.g., in your suitcase instead of your laptop bag), you can protect your data even if your laptop is stolen. You should make sure to secure the location where you keep your data to prevent easy access. It may be helpful to carry storage media with other valuables that you keep with you at all times and that you naturally protect, such as a wallet or keys.

     Encrypt files - By encrypting files, you ensure that unauthorized people can't view data even if they can physically access it. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a passphrase. When you use encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data.

     Install and maintain anti-virus software - Protect laptops and PDAs from viruses the same way you protect your desktop computer. Make sure to keep your virus definitions up to date. If your anti-virus software doesn't include anti-spyware software, consider installing separate software to protect against that threat.

     Install and maintain a firewall - While always important for restricting traffic coming into and leaving your computer, firewalls are especially important if you are traveling and using different networks. Firewalls can help prevent outsiders from gaining unwanted access.

     Back up your data - Make sure to back up any data you have on your computer onto a CD-ROM, DVD-ROM, or network. Not only will this ensure that you will still have access to the information if your device is stolen, but it could help you identify exactly which information a thief may be able to access. You may be able to take measures to reduce the amount of damage that exposure could cause.

Using Caution with USB Drives

What security risks are associated with USB drives?

Because USB drives, sometimes known as thumb drives, are small, readily available, inexpensive, and extremely portable, they are popular for storing and transporting files from one computer to another. However, these same characteristics make them appealing to attackers.

One option is for attackers to use your USB drive to infect other computers. An attacker might infect a computer with malicious code, or malware that can detect when a USB drive is plugged into a computer. The malware then downloads malicious code onto the drive. When the USB drive is plugged into another computer, the malware infects that computer.

Some attackers have also targeted electronic devices directly, infecting items such as electronic picture frames and USB drives during production. When users buy the infected products and plug them into their computers, malware is installed on their computers.

Attackers may also use their USB drives to steal information directly from a computer. If an attacker can physically access a computer, he or she can download sensitive information directly onto a USB drive. Even computers that have been turned off may be vulnerable, because a computer's memory is still active for several minutes without power. If an attacker can plug a USB drive into the computer during that time, he or she can quickly reboot the system from the USB drive and copy the computer's memory, including passwords, encryption keys, and other sensitive data, onto the drive. Victims may not even realize that their computers were attacked.

The most obvious security risk for USB drives, though, is that they are easily lost or stolen. If the data was not backed up, the loss of a USB drive can mean hours of lost work and the potential that the information cannot be replicated. And if the information on the drive is not encrypted, anyone who has the USB drive can access all of the data on it.

How can you protect your data?

There are steps you can take to protect the data on your USB drive and on any computer that you might plug the drive into:

     Take advantage of security features - Use passwords and encryption on your USB drive to protect your data, and make sure that you have the information backed up in case your drive is lost.

     Keep personal and business USB drives separate - Do not use personal USB drives on computers owned by your organization, and do not plug USB drives containing corporate information into your personal computer.

     Use and maintain security software, and keep all software up to date - Use a firewall, anti-virus software, and anti-spyware software to make your computer less vulnerable to attacks, and make sure to keep the virus definitions current. Also, keep the software on your computer up to date by applying any necessary patches.

     Do not plug an unknown USB drive into your computer - If you find a USB drive, give it to the appropriate authorities (a location's security personnel, your organization's IT department, etc.). Do not plug it into your computer to view the contents or to try to identify the owner.

 

Securing Wireless Networks

How do wireless networks work?

As the name suggests, wireless networks, sometimes called WiFi, allow you to connect to the internet without relying on wires. If your home, office, airport, or even local coffee shop has a wireless connection, you can access the network from anywhere that is within that wireless area.

Wireless networks rely on radio waves rather than wires to connect computers to the internet. A transmitter, known as a wireless access point or gateway, is wired into an internet connection. This provides a "hotspot" that transmits the connectivity over radio waves. Hotspots have identifying information, including an item called an SSID (service set identifier), that allow computers to locate them. Computers that have a wireless card and have permission to access the wireless frequency can take advantage of the network connection. Some computers may automatically identify open wireless networks in a given area, while others may require that you locate and manually enter information such as the SSID.

What security threats are associated with wireless networks?

Because wireless networks do not require a wire between a computer and the internet connection, it is possible for attackers who are within range to hijack or intercept an unprotected connection. A practice known as war driving involves individuals equipped with a computer, a wireless card, and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then usually posted online. Some individuals who participate in or take advantage of war driving have malicious intent and could use this information to hijack your home wireless network or intercept the connection between your computer and a particular hotspot.

What can you do to minimize the risks to your wireless network?

     Change default passwords - Most network devices, including wireless access points, are pre-configured with default administrator passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Changing default passwords makes it harder for attackers to take control of the device.

     Restrict access - Only allow authorized users to access your network. Each piece of hardware connected to a network has a MAC (media access control) address. You can restrict or allow access to your network by filtering MAC addresses. Consult your user documentation to get specific information about enabling these features. There are also several technologies available that require wireless users to authenticate before accessing the network.

     Encrypt the data on your network - WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) both encrypt information on wireless devices. However, WEP has a number of security issues that make it less effective than WPA, so you should specifically look for gear that supports encryption via WPA. Encrypting the data would prevent anyone who might be able to access your network from viewing your data.

     Protect your SSID - To avoid outsiders easily accessing your network, avoid publicizing your SSID. Consult your user documentation to see if you can change the default SSID to make it more difficult to guess.

     Install a firewall - While it is a good security practice to install a firewall on your network, you should also install a firewall directly on your wireless devices (a host-based firewall). Attackers who can directly tap into your wireless network may be able to circumvent your network firewall—a host-based firewall will add a layer of protection to the data on your computer.

     Maintain anti-virus software - You can reduce the damage attackers may be able to inflict on your network and wireless computer by installing anti-virus software and keeping your virus definitions up to date. Many of these programs also have additional features that may protect against or detect spyware and Trojan horses

Cyber security for Electronic Devices

Why does cyber security extend beyond computers?

Actually, the issue is not that cyber security extends beyond computers; it is that computers extend beyond traditional laptops and desktops. Many electronic devices are computers—from cell phones and PDAs to video games and car navigation systems. While computers provide increased features and functionality, they also introduce new risks. Attackers may be able to take advantage of these technological advancements to target devices previously considered "safe." For example, an attacker may be able to infect your cell phone with a virus, steal your phone or wireless service, or access the data on your PDA. Not only do these activities have implications for your personal information, but they could also have serious consequences if you store corporate information on the device.

What types of electronics are vulnerable?

Any piece of electronic equipment that uses some kind of computerized component is vulnerable to software imperfections and vulnerabilities. The risks increase if the device is connected to the internet or a network that an attacker may be able to access. Remember that a wireless connection also introduces these risks. The outside connection provides a way for an attacker to send information to or extract information from your device.

How can you protect yourself?

     Remember physical security - Having physical access to a device makes it easier for an attacker to extract or corrupt information. Do not leave your device unattended in public or easily accessible areas.

     Keep software up to date - If the vendor releases patches for the software operating your device, install them as soon as possible. These patches may be called firmware updates. Installing them will prevent attackers from being able to take advantage of known problems or vulnerabilities.

     Use good passwords - Choose devices that allow you to protect your information with passwords. Select passwords that will be difficult for thieves to guess, and use different passwords for different programs and devices. Do not choose options that allow your computer to remember your passwords.

     Disable remote connectivity - Some PDAs and phones are equipped with wireless technologies, such as Bluetooth, that can be used to connect to other devices or computers. You should disable these features when they are not in use.

     Encrypt files - Although most devices do not offer you an option to encrypt files, you may have encryption software on your PDA. If you are storing personal or corporate information, see if you have the option to encrypt the files. By encrypting files, you ensure that unauthorized people can't view data even if they can physically access it. When you use encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data.

Defending Cell Phones and PDAs against Attack

What unique risks do cell phones and PDAs present?

Most current cell phones have the ability to send and receive text messages. Some cell phones and PDAs also offer the ability to connect to the internet. Although these are features that you might find useful and convenient, attackers may try to take advantage of them. As a result, an attacker may be able to accomplish the following:

     abuse your service - Most cell phone plans limit the number of text messages you can send and receive. If an attacker spams you with text messages, you may be charged additional fees. An attacker may also be able to infect your phone or PDA with malicious code that will allow them to use your service. Because the contract is in your name, you will be responsible for the charges.

     lure you to a malicious web site - While PDAs and cell phones that give you access to email are targets for standard phishing attacks, attackers are now sending text messages to cell phones. These messages, supposedly from a legitimate company, may try to convince you to visit a malicious site by claiming that there is a problem with your account or stating that you have been subscribed to a service. Once you visit the site, you may be lured into providing personal information or downloading a malicious file.

     use your cell phone or PDA in an attack - Attackers who can gain control of your service may use your cell phone or PDA to attack others. Not only does this hide the real attacker's identity, it allows the attacker to increase the number of targets.

     gain access to account information - In some areas, cell phones are becoming capable of performing certain transactions (from paying for parking or groceries to conducting larger financial transactions). An attacker who can gain access to a phone that is used for these types of transactions may be able to discover your account information and use or sell it.

What can you do to protect yourself?

     Follow general guidelines for protecting portable devices - Take precautions to secure your cell phone and PDA the same way you should secure your computer.

     Be careful about posting your cell phone number and email address - Attackers often use software that browses web sites for email addresses. These addresses then become targets for attacks and spam. Cell phone numbers can be collected automatically, too. By limiting the number of people who have access to your information, you limit your risk of becoming a victim.

     Do not follow links sent in email or text messages - Be suspicious of URLs sent in unsolicited email or text messages. While the links may appear to be legitimate, they may actually direct you to a malicious web site.

     Be wary of downloadable software - There are many sites that offer games and other software you can download onto your cell phone or PDA. This software could include malicious code. Avoid downloading files from sites that you do not trust. If you are getting the files from a supposedly secure site, look for a web site certificate. If you do download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it.

     Evaluate your security settings - Make sure that you take advantage of the security features offered on your device. Attackers may take advantage of Bluetooth connections to access or download information on your device. Disable Bluetooth when you are not using it to avoid unauthorized access.

 

Comments

Popular posts from this blog

Surgical Strike by Indian Special Forces in POK

Cyber Security Primer IV