BEWARE OF How vulnerable are we?

Steve Herriman
Purchasing & IT Manager

CYBERTERRORISM DEFENSE INITIATIVE: COMPLETE CYBERTERRORISM DEFENSE (CCD)

“IN THE WILD” MONITOR

http://www.securitywizardry.com/radar.htm

TYPES OF HACKERS

• A white hat breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. The EC-Council, also known as the International Council of Electronic Commerce Consultants, is one of those organizations that have developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.

• A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005). Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal". Black hat hackers break into secure networks to destroy, modify, or steal data; or to make the network unusable for those who are authorized to use the network. Black hat hackers are also referred to as the "crackers" within the security industry and by modern programmers. Crackers keep the awareness of the vulnerabilities to themselves and do not notify the general public or the manufacturer for patches to be applied. Individual freedom and accessibility is promoted over privacy and security. Once they have gained control over a system, they may apply patches or fixes to the system only to keep their reigning control. Richard Stallman invented the definition to express the maliciousness of a criminal hacker versus a white hat hacker who performs hacking duties to identify places to repair.

• A grey hat hacker is a combination of a black hat and a white hat hacker. A grey hat hacker may surf the Internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example. They may then offer to correct the defect for a fee.

WHAT IS A TROJAN VIRUS?

• Trojans are malicious programs that perform actions that have not been authorized by the user. These actions can include:
  • Deleting data
  • Blocking data
  • Modifying data
  • Copying data
  • Disrupting the performance of computers or computer networks

HOW TROJAN HACKING PROGRAMS CAN IMPACT YOU

• Trojans are classified according to the type of actions that they can perform on your computer:
• Backdoor: A backdoor Trojan gives malicious users remote control over the infected computer. They enable the author to do anything they wish on the infected computer – including sending, receiving, launching and deleting files, displaying data and rebooting the computer. Backdoor Trojans are often used to unite a group of victim computers to form a botnet or zombie network that can be used for criminal purposes.
• Exploit: Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.
• Rootkit: Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected – in order to extend the period in which programs can run on an infected computer.
• Trojan-Banker: Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems and credit or debit cards.

• Trojan-DDoS: These programs conduct DoS (Denial of Service) attacks against a targeted web address. By sending multiple requests – from your computer and several other infected computers – the attack can overwhelm the target address… leading to a denial of service.
• Trojan-Downloader: Trojan-Downloaders can download and install new versions of malicious programs onto your computer – including Trojans and adware.
• Trojan-Dropper: These programs are used by hackers in order to install Trojans and / or viruses – or to prevent the detection of malicious programs. Not all antivirus programs are capable of scanning all of the components inside this type of Trojan.
• Trojan-FakeAV: Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats… even though the threats that they report are actually non-existent.
• Trojan-GameThief: This type of program steals user account information from online gamers.
• Trojan-IM: Trojan-IM programs steal your logins and passwords for instant messaging programs – such as ICQ, MSN Messenger, AOL Instant Messenger, Yahoo Pager, Skype and many more.

• Trojan-Ransom: This type of Trojan can modify data on your computer – so that your computer doesn’t run correctly or you can no longer use specific data. The criminal will only restore your computer’s performance or unblock your data, after you have paid them the ransom money that they demand.
• Trojan-SMS: These programs can cost you money – by sending text messages from your mobile device to premium rate phone numbers.
• Trojan-Spy: Trojan-Spy programs can spy on how you’re using your computer – for example, by tracking the data you enter via your keyboard, taking screen shots or getting a list of running applications.
• Trojan-Mailfinder: These programs can harvest email addresses from your computer.
• Other types of Trojans include:
  • Trojan-ArcBomb
  • Trojan-Clicker
  • Trojan-Notifier
  • Trojan-Proxy
  • Trojan-PSW

WHAT DOES THIS HAVE TO DO WITH PURCHASING?

• Do you use any e-commerce site to make purchases for your utility?
• Do you request and receive quotes, bids or RFPs via e-mail?
• Do you e-mail purchase orders to vendors?
• Do you search the internet for materials?

POTENTIAL TARGETS

• Public safety
• Federal, state, local government agencies
• Military facilities
• Public/private utilities
• Communications industry
• Transportation industry
• Colleges and universities
• Banks, credit card companies
• Retailers containing large credit card data repositories
• Sensitive and/or classified data repositories
• Personal data, identities, financial information

U.S. ENERGY GRID HACKED 79 TIMES IN 2014 GIVES HACKERS AN OPPORTUNITY TO PLANT DESTRUCTIVE CODE

• The nation's energy grid is constantly under attack by hackers.
• In fiscal year 2014, there were 79 hacking incidents at energy companies that were investigated by the Computer Emergency Readiness Team, a division of the Department of Homeland Security. There were 145 incidents the previous year.
• The outermost defenses aren't holding up. Between April 2013 and 2014, hackers managed to break into 37% of energy companies, according to a survey by ThreatTrack Security.
• Cybersecurity firm FireEye identified nearly 50 types of malware that specifically target energy companies in 2013 alone, according to its annual report. Energy firms get hit with more spy malware than other industries, according to a 2014 study by Verizon.
• In March, TrustedSec discovered spy malware in the software that a major U.S. energy provider uses to operate dozens of turbines, controllers and other industrial machinery. It had been there for a year -- all because one employee clicked on a bad link in an email.
• And just last month, CERT revealed that a Russian malware called BlackEnergy had found