This document discusses information security and best practices. It covers common threats like viruses, worms, trojans, and social engineering. It also discusses more advanced threats like advanced persistent threats and rootkits. The document provides guidelines for safe practices like using antivirus software, firewalls, strong passwords, backing up important data, and following clean desk policies. The overall message is that information security requires vigilance and multiple layers of protection to defend against various threats.

1. Information Security
Shanthamallachar D B

2. Introduction
• InfoSec
Information security processes and policies typically involve
physical and digital security measures to protect data from
unauthorized access, use, replication or destruction.
• InfoSec Core Objectives(C-I-A Tried).
Confidential
Integrity
Availability

4. Main Objectives:
• LEADING THREATS
• SAFE & SECURE PRACTICES
• BEST PRACTICES

5. • Virus
• Worm
• Trojan Horse / Logic Bomb
• Social Engineering
• ADVANCED PERSISTENT THREAT (APT)
• Rootkits
• Botnets / Zombies

6.  A virus attaches itself to a program, file, or disk
 When the program is executed, the virus
activates and replicates itself
 The virus may be benign or malignant but
executes its payload at some point (often upon
contact)
 Viruses result in crashing of computers and loss
of data.
 In order to recover/prevent virus/attacks:
 Avoid potentially unreliable websites/emails
 System Restore
 Re-install operating system
 Anti-virus (i.e. Avira, AVG, Norton)
Program
A
Extra Code
Program
B
infects

7. • Independent program which replicates itself and sends copies from computer to
computer across network connections. Upon arrival the worm may be activated to
replicate.
To Joe
To Ann
To Bob
Email List:
Joe@gmail.com
Ann@yahoo.com
Bob@uwp.edu

8. • Logic Bomb: Malware logic executes upon certain conditions.
Program is often used for legitimate reasons.
▫ Software which malfunctions if maintenance fee is not paid
▫ Employee triggers a database erase when he is fired.
• Trojan Horse: Masquerades as beneficial program while
quietly destroying data or damaging your system.
▫ Download a game: Might be fun but has hidden part that emails your
password file without you knowing.

9. • Social engineering manipulates people into performing actions or divulging confidential information. Similar to a
confidence trick or simple fraud, the term applies to the use of deception to gain information, commit fraud, or
access computer systems.
Phone Call:
This is John,
the System
Admin. What
is your
password?
Email:
ABC Bank has
noticed a
problem with
your account…
In Person:
What ethnicity
are you? Your
mother’s
maiden name?
and have
some
software
patches
I have come
to repair
your
machine…

10. • Definition: An advanced persistent threat (APT) is a broad
term used to describe an attack campaign in which an
intruder, or team of intruders, establishes an illicit, long-term
presence on a network in order to mine highly sensitive data.
• Targets: Typically include Large Enterprises or Governmental
Networks
• Reason:
▫ Intellectual property theft (e.g., trade secrets or patents)
▫ Compromised sensitive information (e.g., employee and
user private data)
▫ The sabotaging of critical organizational infrastructures
(e.g., database deletion)
▫ Total site takeovers

11. • Phishing: a
‘trustworthy entity’
asks via e-mail for
sensitive information
such as SSN, credit
card numbers, login
IDs or passwords.

12.  Symptoms:
 Antivirus software detects a problem
 Pop-ups suddenly appear (may sell security software)
 Disk space disappears
 Files or transactions appear that should not be there
 System slows down to a crawl
 Unusual messages, sounds, or displays on your monitor
 Stolen laptop (1 in 10 stolen in laptop lifetime)
 Your mouse moves by itself
 Your computer shuts down and powers off by itself
 Often not recognized

14. • Anti-virus software detects malware and can destroy it
before any damage is done
• Install and maintain anti-virus and anti-spyware
software
• Be sure to keep anti-virus software updated
• Many free and pay options exist

15. • A firewall acts as a wall between your computer/private network
and the internet. Hackers may use the internet to find, use, and
install applications on your computer. A firewall prevents hacker
connections from entering your computer.
• Filters packets that enter or leave your computer

16. • Never use ‘admin’ or ‘root’ or ‘administrator’ as a login for the admin
• A good password is:
▫ private: it is used and known by one person only
▫ secret: it does not appear in clear text in any file or program or on a piece of paper pinned to the terminal
▫ easily remembered: so there is no need to write it down
▫ at least 8 characters, complex: a mixture of at least 3 of the following: upper case letters, lower case letters,
digits and punctuation
▫ not guessable by any program in a reasonable time, for instance less than one week.
▫ changed regularly: a good change policy is every 3 months
• Beware that someone may see you typing it. If you accidentally type your password instead of
your login name, it may appear in system log files

17. • Do not open email attachments unless you are expecting the email with
the attachment and you trust the sender.
• Do not click on links in emails unless you are absolutely sure of their
validity.
• Only visit and/or download software from web pages you trust.

18. • Definition
A clean desk policy (CDP) is a corporate directive that specifies how employees should leave
their working space when they leave the office. Most Clean Desk Policies require employees to clear
their desks of all papers at the end of the day.
• Sensitive information must be protected at all times from
anyone who may pass by including other employees, cleaners,
and office visitors
• In effect, a clean desk policy is one of the simplest ways to
protect sensitive information and to reduce the risk of a data
breach and identity theft
• A clean desk policy also complies with information security
regulations

19. BACKUP IMPORTANT INFORMATION
19
 No security measure is 100% reliable.
 Even the best hardware fails.
 What information is important to you?
 Is your backup:
Recent?
Off-site & Secure?
Process Documented?
Encrypted?
Tested?

20. • Always logoff or lock you system if you leave (even for a minute)
• Keep systems patches and up to date
• Use strong passwords and protect them
• Encrypt sensitive files
• Watch what you share
• Disable insecure mechanisms if possible
• Never let someone have access to yours system under your credentials
• Be aware of individuals looking for information or access
• Don’t forget physical security
• Report any potential breach to your InfoSec Team