Hack Proof Yourself! , livre ebook

Tablo Pty Ltd - Dan Weis

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

279 pages

English

Vous pourrez modifier la taille du texte de cet ouvrage

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

A propos
Informations
Extrait

Description

We live in a digital age where everyone needs to be cyber security aware, and understand the cyber security basics to stay safe online. Hack Proof Yourself! gives you all the information you need to keep yourself and your family secure in today's digital world. This book provides practical to the point guidance and step-by-step instructions on how to stay safe and secure and identify the various types of scams that turn individuals into victims of cyber crime. A must for anyone who has an online presence in today's connected world.

Sujets

Online Privacy

Online Safety

Computers

Informatique

Informations

Publié par	Tablo Pty Ltd
Date de parution	30 juillet 2019
Nombre de lectures	0
EAN13	9781925993691
Langue	English
Poids de l'ouvrage	10 Mo

Informations légales : prix de location à la page 0,0500€. Cette information est donnée uniquement à titre indicatif conformément à la législation en vigueur.

Extrait

Preface
This book was born from my struggles with trying to share the concept of cyber security to the average joe. As a cyber security guy, I have a real passion for anything cyber and security related and love helping people to stay secure online. I present frequently at conferences and community safety events, and I found that at a lot of these events, people didn't understand a lot of the very basic security concepts like Phishing. Even trying to explain cyber stuff to my father is really hard, and results in him becoming frustrated and not using the password manager I set up for him, and going back to using common passwords. This is an issue that so many people face and are frustrated with daily. When i'm delivering a keynote address at an event or conference, these are great for educating the attendees, but I wanted to share my knowledge with the rest of the world, and help as many people as I can, and I felt a book was the best way to do this, which is why Hack proof Yourself! was born.
This book is perfectly suited for people that use technology daily, whether it be phone, computer, internet etc. but don't understand or struggle with those cyber security concepts. In my opinion, its a must for every individual in every organisation, and for anyone that's connected and has an online presence.

Introduction
My Name is Dan Weis, I’ve been in the IT industry since around 1994 and have been in the I.T Security industry for the past 9 years. My day-to-day job for the last 8+ years has been as a Penetration Tester / Ethical Hacker and Security Specialist for an I.T services company based in Melbourne Australia, providing specialist security services and consulting to private organisations and Government. I have worked with clients from all areas and all industries over the past 23 years, ranging from a single user to tens of thousands of seat companies and with some of the most widely known organisations and brands in the world. I’m also a trainer and public speaker and love educating the public and techies on protecting themselves and their businesses. My years of experience in the various areas of I.T consultancy, Management, support and most of all Security, have provided me a wealth of information and experience that I share with people and organisations every day.
Welcome to Hack Proof Yourself! I have designed this book for the average Joe, for the normal population who may not be as nerdy or as tech savvy as some of us I.T Nerds, Oops. I mean professionals.
Unfortunately we now live in an almost exclusive digital world, everything is online, information is easily accessible and at the fingertips of everyone, anytime. Cyber Security isn’t anything new, it’s a massive industry that’s been around for a very long time, but there is still a massive lack of knowledge of cyber security basics for the common folk, and as attackers continue to get smarter and more and more sophisticated, everyone is now a potential target for cybercrime and now needs to protect themselves, and their families.
As the statistics grow every year for cyber-attacks and data breaches, it doesn’t mean that you need to be included in those statistics, so it’s time to get educated and Hack Proof yourself and your family.
This book contains the following markers:
All sections contain links to reference information/credits represented by [] and a number. These numbers correlate to the references in the Reference section at the end of the book as well as direct links.
A light bulb indicates a helpful tip or real world finding
An exclamation Indicates a “Gotcha” that you should be aware of.

The Need for Cyber Security
I often get asked the question from individuals and businesses, why would I be targeted? What do I have that they could possibly want?
Although there are many reasons for Cyber Security from Extortion to payback to kids experimenting, cyber-criminal gangs, state sponsored and others, it usually comes down to two overall reasons; you have information and you have money or access to money. These two reasons are the prime motivations for attackers and why businesses and people are hacked every minute of every day. It’s an easy pay day for attackers as most people are not educated (or educated enough) on cyber security and online risks.
The other problem we have is growth, the Technology space has come so far in a such a short amount of time and people still haven’t grasped the basic security concepts. Now because of this growth, we now have a unique set of challenges, and it also means that Regardless of your job, Age, Race or country we now all need to be “I.T Savvy”
Let’s put the digital world in perspective.
Our digital world
A great report [1] is put out each year from Hootsuite [2] and we are social [3] which gives us a large amount of great information on our digital world. Here’s some important information to note from their 2019 report. There are 5.11 billion unique mobile users in the world today (2019), This is up 100 million from the past year. There are 4.88 billion internet users in 2019, an increase of 366 million versus January 2018. There are 3.48 billion social media users in 2019, with the worldwide total growing by 288 million since 2018. 3.26 billion people use social media on mobile devices as at January 2019, up by 297 million new users compared to 2018 There are 4.38 Billion active internet users in the world which is 57% of the total world’s population. 2018 saw over 5 Billion breached records exposed [4] Scams are ever increasing and scammers are making serious cash, in one Health Care Fraud Scam [5] in the US, scammers made over 2 Billion dollars in this one scam alone, similar massive amounts are lost in most countries, for example Scammers targeting Australians managed to scam $489 million from victims in 2018 [6]
It’s no wonder that cybercrime continues to grow massively every year, with so much potential for success, it’s a lucrative space for attackers.

The Techie stuff
So this book is designed for the everyday person right, so why is the section about techie stuff? It’s important that you understand the different types of attacks that attackers use, to steal your identity, your data, personal information and of course money so you can protect against these techniques and attacks. Remember the Quote by Sun Tzu from the Art of War, “If you know the enemy and know yourself, you need not fear the result of a hundred battles”.
Terms
It’s important that you familiarize yourself with the following security related terms. These terms will be referenced numerous times throughout the course of this book.
Phishing / Spear Phishing
Phishing are those dodgy emails that you get that claim there has been some sort of unauthorized transaction(s) on your account, or some kind of unusual activity and to click some link to verify your details, or that your FedEx, UPS or postal service package has been delayed and to open the email to see what’s going on, we have all seen these types of emails before.
The goal of Phishing is generally to harvest data (usually usernames and passwords) or to infect you with malware.
Here are some recent examples:
Bank of America:
Apple / iTunes:
Bank Notifications:
Common indicators include: Sender is unknown or you are not expecting an email from the person. Similar sounding domain names, eBay-secure.com, paypol.com etc. Incentive based surveys, prizes Missing Logos, Spelling and/or grammatical mistakes Generic greetings Links with alternate URL’s, such as shorteners (tinyurl, bit.ly etc.) We will discuss these tactics and more in detail in the Think before you click Chapter.
There are a number of reasons why these attacks continue to work: The human element, sometimes the person knows it looks ‘dodgy’ but will continue anyway out of curiosity or confusion. People have a natural desire to be helpful (and curious) The person may be distracted, tired and it only takes one slip of concentration to be successful, think exhaustion from a newborn baby as an example. The user is lacking in cyber security awareness The user is expecting a package or similar and mistakes the Phish for a real email Fear, a classic social engineering tactic is to utilise fear to invoke an immediate response without thinking like a Speed Camera fine notification, email from the CEO etc.
Each day Phishing emails get more sophisticated and harder to spot, which is why it is important for you to stay abreast of the latest techniques utilised and the types of campaigns and leverage services like the US Scams and Frauds Website:
https://www.usa.gov/scams-and-frauds
And country specific scam websites like scamwatch:
https://www.scamwatch.gov.au/
Spear Phishing is similar to Phishing, the difference being that Spear Phishing is more targeted and tailored to the target, such as performing reconnaissance and staging the attack to one person, rather than emailing the same email to say 1000 people
Malware
Malware stands for Malicious Software. In the past we had computer viruses, everyone knows what a computer virus is, but computer viruses, they don’t exist anymore, malware exists in its place, and it’s exactly that; malicious software designed to perform some sort of malicious action, like taking data from a machine, taking control of a machine or another activity. There is a myriad of different types of malware, from ransomware, through to trojans, worms, I will not cover each individual type in this book, as there are a tonne of resources out there on malware if you would like to know more.
Here’s an example of Ransomware Malware, a piece of malware designed to encrypt all the files on your machine and lock you out of the machine until you pay a fee in bitcoins to recover your data.
Social Engineering
All attacks that target individuals and businesses leverage some form of Social Engineering, which makes it the most important term to learn.
Social engineering is ot