Company Background

Google

Google discovered that Chinese hackers were using a tactic called “spear phishing,” which presents users with links that download malicious programs to their computers. Google also found that a database containing information on judges' orders regarding permission to monitor e-mails had been compromised.

Types of Controls

Security controls can be enforced using Authentication, Authorization and Access Controls.

Authentication

Authentication involves comparing the credentials provided by the user to the credentials held in the database file of authorized users or to the data held on the authentication server.

Current Authentication Methods

Three-Factor Authentication
1. Something you know (Password)
2. Something you have (Token)
3. Something you are (Biometrics)

Levels of Authentication

Single-Factor Authentication
• One category of credentials

Multi-Factor Authentication
• More than one set of credentials

Authorization

Authorization is a process by which a server determines if the client has permission to use a resource or access a file.

Current Authorization Methods
1. Null Authorization
2. Layer 2 Segmentation
3. Layer 3 Filtering (ACLs)

Encryption

Encryption involves the process of transforming data so that it is unreadable by anyone who does not have a decryption key.
• The Secure Shell (SSH) and Secure Sockets Layer (SSL) protocols are usually used in encryption processes.

Access Controls

Access control is a security technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business or organization.

Types of Access Controls
1. Role-Based Access Control
2. Rule-Based Access Control
3. Mandatory Access Control
4. Discretionary Access Control

Vulnerabilities/Weaknesses
1. People: human error, insider threats and hackers
2. Technology: buffer overflows, backdoors and injection
3. Policy: insufficiently secure policies that leave loopholes

“Spear Phishing”
1. Spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.

“Best Practices”
1. Avoid providing personal information when answering an email, unsolicited phone call, text message or instant message. If you’re unsure about an email’s legitimacy, contact your IT department or submit the email to Symantec Security Response through this portal.
2. Don’t leak intellectual property, even accidentally. Sharing a picture online with a whiteboard or computer screen in the background could reveal more than someone outside of your company should see.
3. Read the company’s Acceptable Electronic Use (AEU) policy, and follow the policies for safe use of your devices. When backing up to cloud services, be sure to talk to your IT department first for a list of acceptable cloud solutions.
4. Do not write passwords on sticky notes. Ensure your password follows the organization’s policy standards for strong passwords.
5. If you need to leave your laptop, phone, or tablet for any length of time, lock it up so no one else can use it. If you keep sensitive information on a flash drive or external hard drive, make sure to keep these locked up as well. For desktop computers, shut down the system when not in use, or lock your screen.
6. Only install an anti-virus program from a known and trusted source. Keep virus definitions, engines and software up to date to ensure your anti-virus program remains effective.

Network and Security Recommendations

Network users should be trained on best security practices for email usage. Effort should be made to teach end users how to treat email attachments from unknown sources and how to dispose of such emails without compromising security.

All applications, including operating systems (OS), should have the latest service updates.

Introduce a firewall to secure ingress and egress points. A firewall will subject data entering and leaving the organization to a security policy check. Only authorized data will be permitted in and out of the organization.

Introduce managed switches to prevent unauthorized devices from connecting to the network.

Knowledge Check and Evaluations

To evaluate the effectiveness of the security program, knowledge checks should be enforced to ensure that users are properly informed. Observe trainees during the session to form your own view of how the material is received. Get trainee feedback in writing immediately following the session.

Conclusion

Spear phishing is best avoided by observing best practices for email and its contents. Periodic user training will reduce the likelihood of users falling for spear-phishing emails.
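
The slides describe spear phishing as an email-spoofing attack and ask users to question an email's legitimacy. As an added example (not part of the original presentation), this Python code checks a message's headers for common signs that the visible sender is forged. The function names and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def _domain(value):
    """Lowercased domain of the address in a header value, or ''."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def _aligned(a, b):
    """Same domain or parent/subdomain (approximation, no public-suffix list)."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def spoofing_indicators(raw_message):
    """Return header-level signs that the visible sender may be forged."""
    msg = message_from_string(raw_message)
    from_hdr = msg.get("From", "")
    from_dom, findings = _domain(from_hdr), []
    # Envelope sender and reply address normally align with the From domain.
    for header in ("Return-Path", "Reply-To"):
        dom = _domain(msg.get(header))
        if dom and not _aligned(dom, from_dom):
            findings.append(f"{header} domain {dom} != From domain {from_dom}")
    # A display name containing an address at another domain hides the real sender.
    shown = re.search(r"@([\w.-]+)", parseaddr(from_hdr)[0])
    if shown and not _aligned(shown.group(1).lower(), from_dom):
        findings.append(f"display name shows {shown.group(1)} but address is at {from_dom}")
    # Verdicts the receiving mail server recorded in Authentication-Results.
    for auth in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth.lower()):
            if result in ("fail", "softfail"):
                findings.append(f"{method}={result}")
    return findings

# Constructed sample messages using reserved example/test domains (not real mail).
SPOOFED = """\
Return-Path: <bounce@mail.attacker.test>
Authentication-Results: mx.example.com; spf=softfail; dkim=none; dmarc=fail
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@attacker.test
Subject: Password expiry notice
"""
LEGIT = """\
Return-Path: <bounce@mail.example.com>
Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass
From: "IT Helpdesk" <helpdesk@example.com>
"""

if __name__ == "__main__":
    print(spoofing_indicators(SPOOFED), spoofing_indicators(LEGIT))
```

An empty result only means none of these header checks fired; a message sent from a compromised legitimate account passes all of them.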