Security for Internet Every Day Use Standard Security

Security for Internet Every Day Use Standard Security Practices and New Threats.

Why should you be concerned about Security? ?

Firewalls • Firewalls are Standard. • No direct access. • No spreading of virus and worm.

Spam filters • Spam filters are 99. 9% effective (sounds pretty good. DIS Hosts 20, 000 users. We se trends that spike as high as 6, 000 emails a days. At 99. 9% that means a possible 600 bad emails can get through. ) • Stops most Phishing attacks • Standard for just about every email service

Antivirus • Every computer should run AV. • Stops all known threats. • Make sure updates are as often as possible

Have I bored you enough with standard stuff? ? ? So what is the new threat and…

So, how bad is it, really?

Today’s Headlines

Zeus Trojan continues reign infecting 74, 000 PCs in global botnet • Investigators said they discovered a 75 GB cache, believed to be a hacker drop site tied to the Zeus infections. The cache contained the stolen data from more than 74, 000 Zeus infected systems.

Zeus attacks: Zeus Trojan hitting banking customers hard • Security experts say the customizable and readily available Zeus Trojan is stealing banking credentials to siphon money from accounts. • About 1. 6 million infected machines make up hundreds of Zeus botnets, which target 960 banks, Mather said. Criminals have wreaked a lot of havoc with the bank Trojan's advanced capabilities, she said, citing a case reported by the Washington Post, in which cybercriminals stole $415, 000 from Bullitt County, Ky. , where Zeus infected the county treasurer's computer.

Phishing, Zeus Trojan technique spreads crimeware • Researchers are tracking phishing methods that steal a victim's information and spread a Trojan designed to pilfer even more data. • The Zeus Trojan is available for sale as a crimeware kit for about $700. . "This means that the Rock group did not need to develop new skill-sets to write Trojan horses; they just purchased it on the open market, "

Botnet platform helps cybercriminals bid for zombie PCs: Infected PCs are sold again and again on a new platform that enables cybercriminals to buy and sell victim's machines.

Really?

No! I mean Really!!

So how does it work? How is it we get these bots on our systems with all the Security in place today?

• They trick you into going to a website and it downloads and installs itself on your computer. • Phishing Attacks • Web advertising • Drive by

Example of Phishing attack

Date: Thu, 25 Feb 2010 18: 59: 12 -0600 [02/25/2010 06: 59: 12 PM CST] From: Customer Support To: gallison@conwaycorp. net Subject: Confirm Order N 81201217 Your Order Id: 5306951570875 Accepted. Details Thank you. Amazon. com Customer Support

The “Details” on the is actually a Hyper-link but it does not go to amazon. com. The link actually takes you to http: //113 inreig. com/part. html which will download the Trojan.

Web Advertising

Facebook, Youtube and other sites advertise for some legitimate companies. Beware of things that want you to click on receiving a free i. Phone, or i. Pod or free anything. Remember nothing is really free.

Drive by You never know you have been hit, Until it is too late.

Standard Security inefective against this Threat. • Firewalls • Antivirus • SPAM filtering

Conclusions: • • Be careful Pay attention to what you are doing Do not click on emails you are not expecting Be careful of the websites you are visiting