Cybersecurity Who Cares?Why cybersecurity matters and Careers in Cyber Security
Donald E. Hestertwitter.com/sobca | www.facebook.com/LearnSecwww.learnsecurity.org
Blurring the linesInternet of Everything
Smart MetersToll road/bridgeTraffic managementParking MetersAutomobilesHome AutomationHealth MonitoringShoppingAppliancesCattle (tracking/monitoring)
By 2020 there will be more things on the internet than people, est. 50 billion things06-Jun-145Online Profile & RepYour "online profile" is the sum of online content about you that you've created and content about you created by others. Items include: emails, videos, posts on social networks, someone posting a picture or comments about you on a social network or website, credit, financial and medical information.Your "online reputation" is the image created of you through information you or others shared online in blogs, posts, pictures, tweets and videos.
Information on the Internet never diesInformation, once on the Internet can be there for years, even if the services claims it is goneDont post anything you wouldnt want seen by everyone
Online Privacy and ReputationDo you have control of what is posted?Not all fame is good!People use anonymity to post stuff about others!Embarrassment, loss of credibilityRev2/28/2011
Online PrivacyWould you invite a stranger into your house to look at your children's photo album?Public v. PrivateAggregate information sources could give someone more information than intended.Rev2/28/2011
Employers are increasingly using social media for background checks.Insurance companies use social media to look for fraud.Spies use social media to look for informants.
http://www.ajc.com/news/barrow-teacher-fired-over-733625.html http://www.dailyfinance.com/story/media/facebook-spying-costs-canadian-woman-her-health-benefits/19250917/ http://smallbiztrends.com/2009/09/social-media-background-checks.html http://www.socialintelligencehr.com/
Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day
10Social Media & HRThe use of social media outside of personal lives has increased and continues to increaseConcern that potential employers will misconstrue what is seenUsed for monitoring current employeesUsed for screening job applicantsEmployees see it as a good way to get to know the applicant
Real life consequences
Bad guys use social media too
Bad guys can exploit your use of social media to infect your computer with malwareInformation about you onlineDo I have control of what is posted about me?Look yourself up!Even if you are not on the web, you may be on the web!Do what you can to control what is out there.What is you social relevancy (Reputation)?Setup alerts and monitor what is posted about you.
Watch what you put online
http://www.youtube.com/watch?v=Soq3jzttwiACan someone use what you post against you?
Social Media & Politics; A Game Changer
SituationWhy does someone want your personal information?In an information age information becomes a commodityInformation has a valueSome information has a greater valueYour personal information is potentially worth more than you think
Who keeps personal data on you?Social Media Sites User generatedCorporations Big data, Tracking, Sales, MarketingGovernment Local, State, Federal and otherOrganizations Non-profits, Clubs, VSOsSchools Grades, Clubs, School NewspaperMedia Newspapers, News, VideoData from unexpected sources
ID Theft vs. ID FraudIdentity fraud," consists mainly of someone making unauthorized charges to your credit card. Identity theft, is when someone gathers your personal information and assumes your identity as their own.
"Identify theft is one of the fastest growing crimes in the US."John Ashcroft79th US Attorney GeneralThe FTC, which is increasingly involved in helping consumers who are victims of identity theft, has a very broad definition of identity theft. The FTC's definition includes what many financial institutions consider to be "identity fraud," which consists mainly of someone making unauthorized charges to your credit card. Identity theft, as defined by many financial institutions, is a much more serious problem. Identity theft, they say, is when someone gathers your personal information and assumes your identity as their own.
21The Busboy That Started It AllMarch 20th 2001, MSNBC reported the first identity theft case to gain widespread public attentionThief assumed the identities of Oprah Winfrey and Martha Stewart, took out new credit cards in their names, and accessed their bank accountsStole more than $7 million from 200 of the worlds super rich - Warren Buffet and George Soros, tech tycoons Paul Allen and Larry EllisonUsed a library computer, public records, a cell phone, a fax machine, a PO Box, and a copy of Forbes Richest People32-year-old Abraham Abdallah was described as a high school dropout, a New York City busboy, a pudgy, disheveled, career petty criminal.
Credit Card/ATM Skimming
The federal government is the biggest offender.Paul StephensPrivacy Rights ClearinghouseWhat do they do with stolen IDs?
Information is sold on the Black MarketSometimes the information is traded for drugsUsed to fund terrorist operations
Meth users see mail theft and check washing as a low risk way to pay for their habit.The same chemicals used in Meth production are used in check washing.Meth users, dealers and fraudsters are partners in crime.
25P2P (Peer to Peer file sharing)Used to share computer filesLegal issues with copyrightMalware issuesPrivacy issues, do you know what you are sharing?
Phishing: Internet FraudOldest trick in the book, there are examples in the 1500sOne particular fraud is called the Nigerian 419 scam or Advanced Fee FraudStarted as a letter, then it showed up in faxes and now it is sent by email.Many variations on the story the message containsRev2/28/2011
Cell Phone Spyware
Albert Gonzalez, 28With accomplices, he was involved in data breaches of most of the major data breaches: Heartland, Hannaford Bros., 7-Eleven, T.J. Maxx, Marshalls, BJs Wholesale Club, OfficeMax, Barnes & Noble, Sports Authority, Dave & Busters, Boston Market, Forever 21, DSW and others.32
political activism using computer networks: the activity of breaking into and sabotaging a computer system via the Internet as a political protest Bing Dictionary
Forbes The Top Jobs For 2014 1. Software Developers 6. Web Developers 8. Database Administrators 12. Information Security Analysts
Forbes The Top Jobs For 2014, 1. Software Developers 6. Web Developers 8. Database Administrators 12. Information Security Analysts. Go Tech! http://www.forbes.com/sites/jacquelynsmith/2013/12/12/the-top-jobs-for-2014/
06-Jun-1436Careers in IT and Cyber SecurityApplication DevelopmentNetwork EngineerAnalystTeachingAuditor/AssessorSystems AdministrationProgram ManagementLaw enforcement
Forbes The Top Jobs For 2014, 1. Software Developers 6. Web Developers 8. Database Administrators 12. Information Security Analysts. http://www.forbes.com/sites/jacquelynsmith/2013/12/12/the-top-jobs-for-2014/06-Jun-1437Career FoundationsEducation (High School, Trade school, College, Degree) Experience (Internships, years)Certifications (Vendor specific, Vendor neutral)Who you know (always helps, LinkedIn)
The more you have in each area, the higher your application/resume will be in the pile.Linkstwitter.com/sobca | www.facebook.com/LearnSecwww.learnsecurity.orglinkedin.com/in/donaldehester