Security Awareness Training - PowerPoint PPT Presentation

Provided by: KevinMo3

Transcript and Presenter's Notes

1
Security Awareness Training
  • Tacoma School District

2005
2
Overview
  • You will be introduced to various threats to the
    confidentiality, integrity, and availability of
    the Tacoma School District's electronic digital
    resources, as well as to your own personal
    information and that of the students we serve.
  • You will be provided with countermeasures to
    those threats and reminded of applicable
    policies, procedures, guidelines, and acceptable
    use practices.
  • Finally, you will learn whom to contact should
    you observe, suspect, or be informed of a
    security breach or incident.
  • Let's get started!

3
Malware
  • What is it?
  • Viruses, spyware, adware, Trojans, worms,
    rootkits, and any other form of malicious and/or
    unauthorized software
  • One of the biggest threats on the Internet today
  • Can lead to identity theft, data compromise, and
    unstable / untrusted systems
  • How to protect against it?
  • Don't visit questionable websites
  • Don't visit links forwarded in joke or other
    email lists
  • Finally, keep up-to-date with Antivirus and
    Antispyware signature definitions
  • Remember to always "Think first, click second!"
    (SANS.org)

4
Email & Chat Use
  • Never open attachments from unknown / untrusted
    sources
  • Never open suspicious attachments from known
    sources
  • Never open or forward joke lists (one way for
    spammers to harvest legitimate addresses)
  • Never send passwords or account info in
    unencrypted email
  • Never respond to emails purporting to be
    patches, as neither vendors nor Technology
    Services staff ever send updates via email
  • Never open attachments with double extensions
    (e.g. .doc.exe)
  • Never use externally-hosted chat programs!
  • Yahoo, MSN, AOL, ICQ, etc. don't have ANY virus
    detection capabilities and are a large source of
    viruses and worms.

5
Social Engineering
  • What is it?
  • Manipulating people or situations, usually based
    on trust or threats of escalation.
  • Examples
  • In Spring 2005, CTE students informed teachers
    that their passwords were forgotten, then
    provided teachers with other students' CTE IDs
    because they knew teachers weren't verifying that
    the IDs matched the student requesting the
    password reset.
  • Teachers changed the passwords, providing
    students with complete control of other students'
    accounts and files.
  • Some students even left ransom notes for the
    other students in order for them to get their
    work back!
  • LESSON LEARNED: Always verify CTE IDs match the
    student requesting a password reset!
  • On 6/28/05 SANS Internet Storm Center
    (http://isc.sans.org) posted the following: MS
    Security Bulletin Scam
  • "The Websense announce says there is a new email
    scam disguised as a Microsoft Security Bulletin.
    Users receive an email message which urges the
    immediate installation of an MS cumulative
    security patch. If a user executes the file, the
    user will be infected by a new BOT variant."

6
Social Engineering, Part II
  • A new, rapidly rising, and devastating attack
    exists called Spear Phishing.
  • The attack sends an email appearing to come from
    someone in the organization (often a high-ranking
    employee) with various topics and requests in the
    body of the message.
  • Called spear phishing because it cuts through
    the firewall as if it didn't exist!
  • How it works:
  • Fake (spoofed) email arrives
  • User follows instructions in link to do what is
    requested / demanded
  • Backdoor Trojan is installed, sending a
    connection back to the attacker through web
    traffic (which is allowed through the firewall)
  • Attacker sends commands to the computer to do
    anything they want (e.g. steal passwords, data,
    or personal information, infect or attack other
    computers, sniff the network, etc.)
  • NOT detected by anti-virus or anti-spyware
    software
  • Best defense is not to follow instructions or
    hyperlinks sent to you from anyone. When in
    doubt, call the person supposedly sending it to
    you for verification of authenticity.

7
Physical Computer Security
  • Lock desktop or log off when walking away
  • Verify authenticity of unknown/untrusted media
    (even if sent in packages from vendors)
  • Never attach home laptops or other unauthorized
    devices to the District network
  • Don't leave laptops in cars
  • Watch laptops carefully at airports
  • Finally, always use laptop locks when traveling

8
Policies and Procedures
  • In addition to the practices identified, users
    are reminded of the District's Acceptable Use
    Policy for Digital Resources, which they are
    required to have agreed to and signed.
  • This Policy can be found online at
  • www.TacomaSchools.org/SchoolBoard/Policies/6973R.pdf
  • Additionally, users can find all other
    procedures, guidelines, and information security
    forms and documentation at
  • www.TacomaSchools.org/InformationSecurity/SecurityDocs.asp

9
Incident Reporting
  • What is an incident?
  • Any event that would be considered in violation
    of District policy and acceptable use practices
  • For example:
  • Password sharing, computer misuse (including
    inappropriate web surfing activity), etc.
  • Who to report one to?
  • Alerts mailbox: Alerts_at_tacoma.k12.wa.us
  • Extension 1137 or call BERT at 2365
  • What to do
  • Leave the computer in its current state unless
    otherwise instructed by the Technical Security
    Documentation Coordinator
  • Report anything suspicious or violations observed
  • What not to do
  • Speak with anyone else about the matter (aside
    from your direct manager, unless that's who
    you're reporting on)
  • Take any actions on the computer without explicit
    direction from the Technical Security
    Documentation Coordinator (risk of
    losing/invalidating evidence)

10
Conclusion
  • With Internet-connected systems, security is
    presented with new challenges every day.
    Attackers will attempt to exploit your trust to
    bypass security controls, so it is up to you to
    make sure that you always:
  • Think first, click second!
  • Thanks for your time and attention during this
    presentation. With your help and awareness, we
    can ensure that the Tacoma School District's
    learning environment continues to be a safe and
    secure one!
