How To Boost Your Digital Immune System And Other Related Topics To Help Maintain Your Security [email protected] Chuck Padgurskis There’s A War Going On • Virtual War Major Players • Government • Ours • Theirs • Big Business • Bad Actors/Hackers • Casualties • You • Society • Business • Government • Battlefield • Suggested Reading “Data and Goliath” Bruce Schneier Battlefield Battlefield https://darkwebnews.com/help-advice/access-dark-web/ 2.5 Quintillion bytes of data every day. That is 2.5 with 18 zeros after it. Cybercrime losses $1.1 million every 60 seconds Cost of data breaches to reach $2.1 trillion globally by 2019 3.7 Billion people use the internet 110 Million Americans hacked every year Topics • LTPOA Website • Rules and Best Practices • Be Anonymous in the Virtual World • Defense in Depth • Problem Determination • Problem Resolution • Identity Protection • Cut Cable TV • Physical Security-IP Cameras Lake Templene Website https://www.laketemplene.org/ • Community Oriented • Provide Information • Provide Services • Entertain • Coming Attractions • Suggestions • Desperately Seeking Someone to Mentor Rules and Best Practices • Rule#1 Do Not Panic • Suggested reading “The Science of Fear” Daniel Gardner • Rule#2 En Garde! • Digital Health Tonic Recipe • Mix ½ cup skepticism ¼ cup cynicism 2 tbs paranoia and pour over cubes of ice cold logic • BP#1 Be Anonymous Be Anonymous • Virtual Private Network (VPN) • www.privateinternetaccess.com (perfect forward secrecy) • Caveats • TOR Browser • www.torproject.org • Other Browsers • https://techviral.net/best-web-browsers-2018/ • Search Engines • Google • Bing • Yahoo • DuckDuckGo • StartPage • Text-Talk-Video • Signal www.signal.org (perfect forward secrecy) • Skype Be Anonymous • Email • https://protonmail.com • Address Bar • http vs https • Voice over IP (VOIP) • On phone (Signal) (Skype) (Whatsapp) • On router use a VPN • Smartphones • Turn off/on • GPS • Bluetooth • Wireless • Mobile data • App Permissions Rule#3 Once data is on the internet it’s always on the internet Defense in Depth • BP#2 Keep Everything Updated • Zero Day Vulnerability/Exploit • Operating System • PC • Smartphone • WiFi Router • Printer (Wireless) • All purchased/licensed/downloaded programs • Hardware • BIOS • Drivers • Chipset • IoT (Internet of Things) • Change default username and password always! Defense in Depth • BP#3 Keep Everything Protected • Use a Reputable Anti-virus Program • Check ISP for Anti-virus software • Email • PC/Tablet/Notepad • Avast • Norton • McAfee • Malwarebytes • Smartphone • Malwarebytes • Lookout • Norton • Avast • Use a VPN • Blocks ads, trackers other malware • Change DNS settings Defense in Depth • BP#4 Use Good Authentication • Multi-factor Authentication • What you know- passwords, passphrases, security questions • What you have- smartphone (text), credit card with chip, token • Who you are- biometrics- fingerprint, iris scan, retina scan • Where you are- geolocation • Use 2FA (two factor authentication) whenever possible • https://twofactorauth.org/ • U2F Universal two factor • One key to rule them all • Authenticator (Google) (Authy) • Use complex passwords/passphrases • 8 ok 12 is better • Combination of upper/lower case, numbers and other characters • Change passwords • Periodically • When notified or suspect a breach • After installing a new device • User Name not Your Name • Enable alerts/maximum security on all financial accounts Defense in Depth • BP#5 Use A Password Manager • Only have to remember 1 password • Encrypts the stored passwords • Not only stores but also generates complex passwords • Can store other items • Images • Data • Use it on your smartphone • Store backup copy offline • On portable drive • On Cloud (Dropbox, Google Drive, other) • Do research to find the best for you • KeePass https://keepass.info/download.html (free) • Dashlane www.dashlane.com (not free) • 1Password • Keeper • LastPass • Check your Email at https://haveibeenpwned.com/ Defense in Depth • BP#6 Keep It Clean • Periodic Full Scan • Disk optimization, clean up temp files, start up applications • Smartphone clear cache • Remove applications • Don’t know • Don’t use • Don’t want • Deep clean • Check anti-virus software for deep cleaner • Microsoft Malicious Software Removal Tool • New every second Tuesday of month • If automatic updates are on it runs in background • Download Microsoft Safety Scanner (msert.exe) 10 day expiration • https://www.microsoft.com/en-us/wdsi/products/scanner# Defense in Depth • Rule#4 Back It Up Back It Up Back It Up • Only data not applications • Portable Hard Drive • Western Digital Passport • Cloud • PC • Idrive • Carbonite • Norton • Phone • Icloud • Google • Create a restore point • Create recovery media Defense in Depth • BP#7 Inventory Control • Keep a list of everything you own • All operating system licenses • Usually on the device • All purchased software licenses • All physical devices • Serial Number • OAN Owner Applied Number • Store it in your password manager • As text • As an image Problem Determination • Rule#5 There Ain’t No Free Lunches • Signs You’ve Been Hacked • Device suddenly slows down • Device fan turns on often suggesting overheating • Using way more data than usual • Videos suddenly buffer and webpages take forever to load • Programs and apps start crashing • You start seeing popup ads • Your device suddenly restarts • Unexplained online or email activity • Spear-phishing (71%) • Web Site Watering Hole (24%) • Ransomware • Phone Scams • No 3rd Party apps for smartphone Problem Resolution • Observe and record the event • Disconnect from the internet • Run task manager (Microsoft) activity monitor (Apple) • Boot up in safe mode • Run Anti-virus (Full scan) • Change Passwords on all accounts • Use 2FA if available • Notify Your Contacts • Monitor/Notify Financial Accounts • Restore/Refresh/Reset/Recovery/Reinstall Operating System (last resort) • Applications • Data from backup In Summary • Rule#1 Do Not Panic • Rule#2 En Garde! • Rule#3 Once data is on the internet it’s always on the internet. • Rule#4 Back It Up Back It Up Back It Up • Rule#5 There Ain’t No Free Lunches • BP#1 Be Anonymous • BP#2 Keep Everything Updated • BP#3 Keep Everything Protected • BP#4 Use Good Authentication • BP#5 Use A Password Manager • BP#6 Keep It Clean • BP#7 Inventory Control Identity Protection • Credit Bureaus • Transunion-1-888-909-8872 • Experian-1-888-397-3742 • Equifax-1-800-349-9960 • Free annual credit report • https://www.annualcreditreport.com/ • Credit Freeze • No new credit unless you open your credit account • Fraud Alert • Forces credit history requester to verify their identity How To Cut Cable TV • Equipment • Cable modem • WiFi Router • DVR for recordings • Roku/Apple TV/Amazon Fire TV/Chromecast • Voice Over Internet Protocol (VOIP) • Range Extender for WiFi • Services • Netflix, Amazon Prime • Hulu, Philo, Fubo, Directv Now, YouTube TV, Sling TV • Vonage, Skype, RingCentral • Cloud Storage for recordings IP Cameras/Security Cameras • Options • Inside-Outside • Pan/Tilt 270 Degrees • Infrared • Pictures and Video Resolution 720p or 1080p or 4K • Audio/Voice one way or two way • Motion Detection High-Medium-Low • Alerts Email-Text-Phone • Storage On Camera-On Cloud-On Server.