Resources for Citizens and Employees

In today’s modern workspaces, technology has made us far more efficient than we have ever been. Unfortunately, those efficiencies have made the ‘bad guys’ more efficient as well, so what can we do to tip the balance in our favor?  The answer is really very simple: train ourselves to conduct business in a sensible, secure manner.

By incorporating simple ‘common sense security’ measures in our daily activities, the risks associated with modern technology can be reduced dramatically.  Provided on this page is a variety of documents, links, and videos.  Please use what works best for you to help make ‘common sense security’ second nature to your daily activities both at the office and at home.

Cybersecurity Training Videos

KISO Video Clips

Understanding Cybersecurity Terms

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used.  Some types of adware are also spyware and can be classified as privacy-invasive software.

 

Botnet is a jargon term for a collection of software robots, or bots, that run autonomously and automatically.  The term is often associated with malicious software but it can also refer to the network of computers using distributed computing software.  While the term "botnet" can be used to refer to any group of bots, such as IRC bots, this word is generally used to refer to a collection of compromised computers (called zombie computers) running software, usually installed via worms, Trojan horses, or backdoors, under a common command-and-control infrastructure.

 

Crimeware is a class of malware designed specifically to automate financial crime.  Crimeware (as distinct from spyware, adware, and malware) is designed (through social engineering or technical stealth) to perpetrate identity theft in order to access a computer user's online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the thief controlling the crimeware.  Crimeware also often has the intent to export confidential or sensitive information from a network for financial exploitation.  Crimeware represents a growing problem in network security as many malicious code threats seek to pilfer confidential information.

 

Firewall. A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.  It is also a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria.  In short, it is a system designed to prevent unauthorized access to or from a private network.  Firewalls can be implemented in hardware, in software, or in a combination of both.  Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.  All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

 

Identity theft is a term used to refer to fraud that involves someone pretending to be someone else in order to steal money or get other benefits.  The term is relatively new and is actually a misnomer, since it is not inherently possible to steal an identity, only to use it.  The person whose identity is used can suffer various consequences when he or she is held responsible for the perpetrator's actions.  In many countries specific laws make it a crime to use another person's identity for personal gain.

 

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent.  The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.  The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses.  Software is considered malware based on the perceived intent of the creator rather than any particular features.  Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software.  In law, malware is sometimes known as a computer contaminant.

 

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.  Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting.  Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.  Even when using server authentication, it may require skill to detect that the website is fake.  Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies.  Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

 

Rootkits. A rootkit is malware that consists of a program, or combination of several programs, designed to hide or obscure the fact that a system has been compromised.  Contrary to what its name may imply, a rootkit does not grant a user administrator access, as it requires prior access to execute and tamper with system files and processes.  An attacker may use a rootkit to replace vital system executables, which may then be used to hide processes and files the attacker has installed, along with the presence of the rootkit. Access to the hardware, e.g., the reset switch, is rarely required, as a rootkit is intended to seize control of the operating system. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms.  Often, they are Trojans as well, thus fooling users into believing they are safe to run on their systems. Techniques used to accomplish this can include concealing running processes from monitoring programs, or hiding files or system data from the operating system.  Rootkits may also install a "back door" in a system by replacing the login mechanism (such as /bin/login) with an executable that accepts a secret login combination, which, in turn, allows an attacker to access the system, regardless of changes to the actual accounts on the system.  Rootkits may have originated as regular applications, intended to take control of a failing or unresponsive system, but in recent years have been largely malware to help intruders gain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Linux, Mac OS, and Solaris.  Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules, depending on the internal details of an operating system's mechanisms.

 

Router. A router is a networking device whose software and hardware are usually tailored to the tasks of routing and forwarding information.

 

Social engineering is the act of manipulating people into performing actions or divulging confidential information.  While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud or computer system access; in most cases the attacker never comes face-to-face with the victim.

 

Spam. E-mail spam, also known as junk e-mail, is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail.  A common synonym for spam is unsolicited bulk e-mail (UBE).  Definitions of spam usually include the aspects that email is unsolicited and sent in bulk.  "UCE" refers specifically to unsolicited commercial e-mail. 

About 80% of all spam is sent by fewer than 200 spammers.  Botnets, networks of virus-infected computers, are used to send about 80% of spam.  E-mail addresses are collected from chatrooms, websites, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. Much of spam is sent to invalid e-mail addresses.  Spam averages 94% of all e-mail sent.

 

Spyware is computer software that is installed surreptitiously on a personal computer to collect information about a user, their computer or browsing habits without the user's informed consent.  While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring.  Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity.  Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.  In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.

 

Switch. A network switch is a computer networking device that connects network segments.

 

Trojan, in the context of computing and software, describes a class of computer threats that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine, giving the attacker the ability to save files on the user's computer or even watch the user's screen and control the computer.  Trojan horses (not technically a virus) can be easily and unwittingly downloaded.  For example, if a computer game is designed such that, when executed by the user, it opens a back door that allows a hacker to control the computer of the user, then the computer game is said to be a Trojan horse.  However, if the computer game is legitimate, but was infected by a virus, then it is not a Trojan horse, regardless of what the virus may do when the game is executed.  The term is derived from the classical story of the Trojan Horse.

 

Virus. A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner.  The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability.  A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.  Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

 

Worms. A computer worm is a self-replicating computer program.  It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention.  Unlike a virus, it does not need to attach itself to an existing program.  Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.

 

Zombie Computer. A zombie computer (often shortened as zombie) is a computer attached to the Internet that has been compromised by a hacker, a computer virus, or a trojan horse.  Generally, a compromised machine is only one of many in a botnet, and will be used to perform malicious tasks of one sort or another under remote direction.  Most owners of zombie computers are unaware that their system is being used in this way.  Because the owner tends to be unaware, these computers are metaphorically compared to zombies.

 

Cybersecurity Basics - Personal

Best Practices for Your Cyber Safety

Cybersecurity Basics - Work

Viruses, worms, spam, phishing and more: there’s so much to worry about every time you turn on your PC.  So where should you start in protecting yourself online and the data on your PC?  The answer is easier than most think.  First, secure your PC with a firewall, antivirus and antispyware software, and always keep your PC updated with the latest patches.  Second, follow some simple rules with regard to email and surfing:

Email

  • Never open email attachments from anyone you don’t know
  • Don’t use the email preview pane; viruses can be activated by simply using this feature
  • Never provide personal information to an email request
  • Limit who gets your email address
  • Disable graphics in email
  • Report Spam
  • Be skeptical of all attachments, even from those you know; send them a clean email asking them to confirm they sent it

Surfing

  • At work, know your organization’s acceptable use policy
  • Always close advertising popup windows using the red “X”; selecting anything else may activate any attached application
  • Only use browsers that support encryption
  • Always read privacy statements before downloading any software or providing any information 

Cyber Incident Reporting

It could happen:

I have been a victim: