Tag Archives: cyber

Start-up Security Guide – DIY Style

Inspired by this blog by Isaiah Sarju and this presentation given during the 2017 Denver Startup Week, I am sharing my own version: A DIY (do it yourself) Cybersecurity Guide for Startups!

This guide includes some of my favorite resources that I believe can serve as a great starting point for founders to use and build a strong security foundation for their startups.

Please make sure you check-out Isaiah’s post and the Denver presentation above; both of these are extremely thoughtful and valuable pieces!

Category Resources
Start Here Security Planner, DIY Cybersecurity, Take-Five (financial fraud focus), APWG, SSD
Multi-Factor Authentication Availability TwoFactorAuth
Password Manager Quick Guide, Password Strength Test, Identify Compromised Account
Browser Extensions Privacy Badger, HTTPS Everywhere,
Application Security OWASP, Checklist/EBooks, Secure Coding Course, DIY Hack
Sensitive Info Sharing Wire, Wire’s Audit, Signal, Signal’s Audit
System Encryption PC, MAC: Src1, Src2 Portal Media: Src1, Src2
OS Update PC, MAC
VPN Background, Comparison
Separate Work & Personal on a Budget VirtualBox, VMWare Player, Workstation Pro, MAC Fusion, Trial Virtual Machines, Live OS
The principle of Least Privilege Windows 10, Windows 7, MAC OS
Backup Everything PC, MAC
Who’s Watching Privacy Screens, Webcam Covers
Prevent Accidental Data Exchange SyncStop
Report Abuse / Take Down Request AWS, Azure, Google Cloud, Salesforce, Cloudflare
Check/Request Domain Category Google, Windows Defender, Norton, Symantec, McAfee, Palo Alto, Web of Trust
Internet Crime Complaint Center IC3
Public Security Page Security Page
Phishing Report APWG
Security Education/Awareness Stop.Think.Connect, Interactive Game, Safe Online,
Sector-based Information Sharing and Analysis Centers ISACs
Cyber Readiness Index by Country CRI

If you found this helpful please let me know by sending me your comment and feedback below!

I plan to keep this a live list so if you know of a resource that is not already listed but will benefit others, feel free to share and I will make sure to include it!

Also, as you may know, Phishing remains as the most common tactic used by attackers to compromise both companies and individuals.
“Three out of ten people will open a phishing email while one of those will proceed to click on the link, possible infecting not only their own computer but the whole firm”. – Ref.

As part of this post, I am offering a practical, hands-on training on how you can triage and respond to Phishing attacks to protect yourself, your employees and ultimately your company.

Complete the form below and let me know if you would like to learn more!

Advertisements
Tagged , ,

Botnets?

How does it feel to know that your personal computer can be remotely controlled by someone without your knowledge for ill purposes? Or worse, instead of a single individual having this unauthorized access to your system it can be a group of people over the internet that controls what your computer does and how it does it. In the field of Information Security, if your system is involved in such control it is considered a bot: a computer system being controlled by an automated malicious program. In addition, your computer system can be part of a larger group of infected computer systems and these collections of infected computers create botnets. Casually, these bots are also referred to as zombies and the remote controller is called the botmaster. So how are these bots born and grow into botnets?

According to Damballa, an independent security firm’s annual threat report, “at its peak in 2010, the total number of unique botnet victims grew by 654 percent, with an average incremental growth of 8 percent per week ”. Originally, these bots are developed by tech-savvy criminals who develop the malicious bot code and then usually release on the open internet. While on the internet, the bot can perform numerous malicious functions based on its code design but it most cases it spreads itself across the internet by searching for vulnerable, unprotected computers to infect. After compromising victims’ computer, these bots quickly hide their presence in difficult to find locations, such as computer’s operating system files. The botmaster’s goal here is to maintain the compromised system behavior as normal as possible so the victim does not become suspicious. Common activities that bots perform at this stage involve registering themselves as the trusted program in any anti-virus program that might be on victim’s computer. Moreover, to maintain persistence, bots add their operations in systems startup functions which results in bots automatically reactivating even after shutdown/restart. Throughout this process, bots continue to report back to botmaster and wait for further instructions.

Below lists some of the common operations that bots can perform on behalf of its botmaster:

Sending
Stealing
DoS (Denial of Service)
Clickfraud
They send
– spam
– viruses
– spyware
They steal personal and private information and communicate it back to the malicious user:
– credit card numbers
– bank credentials
– other sensitive personal information
Launching denial of service (DoS) attacks against a specified target. Cybercriminals extort money from Web site owners, in exchange for regaining control of the compromised sites.
Fraudsters use bots to boost Web advertising billings by automatically clicking on Internet ad

As the chart above states, there are numerous functions that bots can perform. However, recently bots have mainly been used to conduct Distributed Denial of Service (DDoS) attacks: utilizing hundreds or thousands of bots from around the whole world against a single target.  Botmaster’s goal with DDoS is to use thousands of bots with numerous botnets to attempt to access the same resource simultaneously. This overwhelms the resource with thousands of requests per second thus making the resource unreachable. This inaccessibility of the resource has severe effects on legitimate users and requests. According to FBI, “botnet attacks have resulted in the overall loss of millions of dollars from financial institutions and other major U.S. businesses. They’ve also affected universities, hospitals, defense contractors, law enforcement, and all levels of government”.

A misconception exists that if your system does not hold any valuable information or if you do not use your system to conduct online financial transactions than an adversary is less likely to target your system. Unfortunately, as much as we would like this to be true, it is not the case. For botnets, the most valuable element is your system’s storage and your internet speed. Our personal computers are now capable of storing and processing terabytes of information seamlessly and are able to use our high-speed internet to transfer this information.  As stated by a malware researcher team from Dell SecureWorks, botnets “allows a single person or a group to leverage the power of lots of computers and lots of bandwidth that they wouldn’t be able to afford on their own”.

——————————————————————-

http://www.fbi.gov/news/news_blog/botnets-101

https://www.damballa.com/press/2011_02_15PR.php

http://news.discovery.com/tech/what-are-botnets-110304.htm

http://us.norton.com/botnet/

Tagged ,
Advertisements
Advertisements