Posts Tagged ‘cybersecurity’
Why everyone still falls for fake emails
By Richard Matthews Jul 31, 2017
Phishing is likely to get only more sophisticated.
Based on my experience in Tallinn, we will see companies become more transparent in how they deal with cyber attacks. After a massive cyber attack in 2007, for example, the Estonian government reacted in the right way.
free anti-phishing software
more on phishing in this IMS blog
Tips Toward a Safe and Positive Social Media Experience
By Stephen Spengler 06/01/17
Family Online Safety Institute recommends that parents engage in “7 Steps to Good Digital Parenting”
1. Talk with your children.
2. Educate yourself.
3. Use parental controls. Check the safety controls on all of the Android and Apple devices that your family uses. On the iPhone, you can tap SETTINGS > GENERAL> RESTRICTIONS and you can create a password that allows you enable/disable apps and phone functions. On Android devices, you can turn on Google Play Parental Controls by going into the Google Play Store settings
parental monitoring software such as NetNanny, PhoneSherriff, Norton Family Premier and Qustodio.
4. Friend and follow your children on social media. Whether it’s musical.ly, Instagram or Twitter, chances are that your children use some form of social media. If you have not already, then create an account and get on their friends list.
5. Explore, share and celebrate.
6. Be a good digital role model.
7. Set ground rules and apply sanctions. Just like chore charts or family job lists, consider using a family social media or internet safety contract. These contracts establish ground rules for when devices are to be used; what they should and should not be doing on them; and to establish sanctions based on breaches of the family contract. A simple internet search for “family internet contract” or “family technology contract” will produce a wealth of available ideas and resources to help you implement rules and sanctions revolving around your family’s technology use. A good example of a social media contract for children can be found at imom.com/printable/social-media-contract-for-kids/.
Managing Your Digital Footprint
Your digital footprint, according to dictionary.com, is “one’s unique set of digital activities, actions, and communications that leave a data trace on the internet or on a computer or other digital device and can identify the particular user or device.” Digital footprints can be either passive or active. The passive digital footprint is created without your consent and is driven by the sites and apps that you visit. The data from a passive digital footprint could reveal one’s internet history, IP address, location and is all stored in files on your device without you knowing it. An active digital footprint is more easily managed by the user. Data from an active digital footprint shows social media postings, information sharing, online purchases and activity usage.
- Search for yourself online
- Check privacy settings.
- Use strong passwords
- Update software.
- Maintain your device.
- Think before you post
Keep These Apps on Your Radar
- Afterschool (minimum age 17) – The Afterschool App was rejected twice from the major app stores due to complaints from parents and educators. It is a well-known app that promotes cyberbullying, sexting, pornography and is filled with references to drugs and alcohol.
- Blue Whale (minimum age 10) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. It is a suicide challenge app that attempts to prod children into killing themselves.
- BurnBook (minimum age 18) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. It is a completely anonymous app for posting text, photos, and audio that promote rumors about other people. It is a notorious for cyberbullying
- Calculator% (minimum age 4) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. This is one of hundreds of “secret” calculator apps. This app is designed to help students hide photos and videos that they do not want their parents to see. This app looks and functions like a calculator, but students enter a “.”, a 4-digit passcode, and then a “.” again.
- KIK (minimum age 17) – This is a communications app that allows anyone to be contacted by anyone and it 100 percent bypasses the device’s contacts list.
- Yik Yak (minimum age 18) – This app is a location-based (most commonly schools) bulletin board app. It works anonymously with anyone pretending to be anyone they want. Many schools across the country have encountered cyberbullying and cyberthreats originating from this app.
- StreetChat (minimum age 14) – StreetChat is a photo-sharing board for middle school, high school and college-age students. Members do not need to be a student in the actual school and can impersonate students in schools across the country. It promotes cyberbullying through anonymous posts and private messaging.
- ooVoo (minimum age 13) – IF YOU FIND THIS APP ON YOUR CHILD’S DEVICE, DELETE IT. ooVoo is one of the largest video and messages app. Parents should be aware that ooVoo is used by predators to contact underage children. The app can allow users to video chat with up to twelve people at one time.
- Wishbone (girls) & Slingshot (boys) (minimum age 13) – Both are comparison apps that allow users to create polls, including ones that are not appropriate for children. Many of the users create polls to shame and cyberbully other children, plus there are inappropriate apps and videos that users are forced to watch via the app’s advertising engine.
Texas Teen May Be Victim in ‘Blue Whale Challenge’ That Encourages Suicide
Isaiah Gonzalez, 15, found hanging from his closet after an apparent suicide, as allegedly instructed by macabre online game
Nationally, the Associated Press reports that educators, law enforcement officers and parents have raised concerns about the challenge, though these two back-to-back deaths mark the first allegations in the United States about deaths directly linked to the online game. Internationally, suicides in Russia, Brazil, and half a dozen other countries have already been linked to the challenge.
more on social media in education in this IMS blog
There Are Plenty Of RFID-Blocking Products, But Do You Need Them?
hackers can access your credit card data wirelessly, through something called radio frequency identification, or RFID
card has a tiny RFID sensor chip. These chips are supposed to make life easier by emitting radio signals for fast identification. The technology helps keep track of livestock and inventory. It makes automatic payment on toll roads and faster scanning of passports possible, and, starting around 2004, brought us contactless payment with certain credit cards.
REI and other companies sell a range of RFID-blocking products and say the number of customers looking for travel bags and credit card sleeves has been growing. That’s despite the fact that the percentage of credit cards with RFID chips in the U.S. is extremely small.
Still, people are worried about electronic pickpocketing — worried enough to strap on RFID-blocking fanny packs, even skinny jeans. In 2014, the San Francisco-based clothing company Betabrand partnered with Norton Security to create the first pair of denim with RFID protected pockets.
Eva Velasquez, president of the Identity Theft Resource Center, says from a consumer perspective, deciding whether to invest in RFID-blocking technology is all about evaluating risk. In the next few years, there will undoubtedly be millions more of these cards on the market.
if you’re worried about e-pickpocketing but don’t want to spend much money, you can make your own blocking wallet or wrap your cards or passport in a thick piece of aluminum foil. According to Consumer Reports, that works as well as most RFID protectors on the market.
more on cybersecurity in this IMS blog
Girl Scouts to Earn Badges in Cybersecurity
The education program is being developed in a partnership between the Girl Scouts and Palo Alto Networks. Jun 23, 2017
The education program, which aims to reach as many as 1.8 million Girl Scouts in kindergarten through sixth grade, is being developed in a partnership between the Girl Scouts and Palo Alto Networks, a security company, the organization said in a press release.
more on cybersecurity in this IMS blog
You’ve Been Hacked! Explaining Cybersecurity to Students in an Interconnected Era
By Jacob Batchelor 06/01/17
Here’s an easy way to explain IoT hacks to students:
- A hacker accesses a device, like a webcam, through its internet connection. Devices with weak security or easy-to-guess passwords make easy targets.
- The hacker can then infect the device with malware, a type of computer virus that takes control of a device.
- The hacker now has a number of options. He or she can use the device to spy, infect other devices or attack a target like the servers (centralized computers that store network data) targeted in the October 2016 attack.
- Research the manufacturer. Are they reputable? Have they previously been hacked? Big, established companies based in developed countries are usually the safest.
- Read up on security features. Is the device password-protected? Can you set your own password? If so, make it a strong password that uses numbers, letters and symbols — avoid common words or phrases.
- Regularly check for updates. Good companies will regularly update the software on their devices to protect against vulnerabilities.
- Ask yourself — do you need it? Make sure internet-connectivity is something you really need on the device you’re using. In many cases, internet-connectivity is not necessary for the device to function properly.
a few tips that students can use to protect their privacy while using smartphones:
- Research apps before signing up for them. Is it from a reputable developer? Has it had security issues in the past? Use the same approach as when researching IoT devices.
- Look over the terms of service. What information does it require? Does it track or store your data? Can the developer sell your information? All of these questions are important to consider.
- Be careful when linking apps to your social media accounts. Giving apps access to your social media accounts makes them vulnerable to hacking. Is there a good reason for the accounts to be linked? Can you sign up without linking to a social media account?
- Use two-factor authentication. Two-factor authentication requires authorization beyond a password when using unrecognized devices such as entering a code sent to your cellphone. As apps allow, be sure to use two-factor authentication which will make it more difficult for hackers to access the information stored in your apps.
more on hackers in this IMS blog
Berkeley Launches Online Master of Information and Cybersecurity
By Joshua Bolkan 11/16/16
The University of California, Berkeley’s School of Information (I School) has tapped a private partner to help launch a new online program, Master of Information and Cybersecurity (MICS).
Dubbed cybersecurity@berkeley, the new program was developed in collaboration with the university’s Center for Long-Term Cybersecurity and College of Engineering.
The 27-unit course will use 2U’s online learning platform for live, weekly meetings. Between sessions, students will have access to interactive content designed by MICS faculty. Students will also have the opportunity to visit campus to meet faculty and classmates and attend lectures and workshops curated specifically for students in the program.
more on cybersecurity in this IMS blog
Carnegie Mellon Researchers Create Data Visualization Tool to Identify Cyber Attacks
By Rhea Kelly 11/07/16
Researchers at Carnegie Mellon University‘s CyLab Security and Privacy Institute have developed a new tool for analyzing network traffic and identifying cyber attacks. The tool uses data visualization to make it easier for network analysts to see key changes and patterns generated by distributed denial of service attacks, malware distribution networks and other malicious network traffic.
presented the tool last week at the IEEE Symposium on Visualization for Cybersecurity in Baltimore, MD.
more on cybersecurity in this IMS blog
A Voice Cuts Through, and Adds to, the Intrigue of Russia’s Cyberattacks
more on Eastern European hackers in this IMS blog:
Google Researchers Create AI That Builds Its Own Encryption
BY TOM BRANT OCTOBER 28, 2016 04:45PM EST
Alice and Bob have figured out a way to have a conversation without Eve being able to overhear, no matter how hard she tries.
They’re artificial intelligence algorithms created by Google engineers, and their ability to create an encryption protocol that Eve (also an AI algorithm) can’t hack is being hailed as an important advance in machine learning and cryptography.
Martin Abadi and David G. Andersen, explained in a paper published this week that their experiment is intended to find out if neural networks—the building blocks of AI—can learn to communicate secretly.
As the Abadi and Anderson wrote, “instead of training each of Alice and Bob separately to implement some known cryptosystem, we train Alice and Bob jointly to communicate successfully and to defeat Eve without a pre-specified notion of what cryptosystem they may discover for this purpose.”
same in German
Googles AI entwickelt eigenständig Verschlüsselung
Google-Forscher Martin Abadi und David G. Andersen des Deep-Learning-Projekts “Google Brain” eine neue Verschlüsselungsmethode entwickelt beziehungsweise entwickeln lassen. Die Forscher haben verschiedene neurale Netze damit beauftragt, eine abhörsichere Kommunikation aufzustellen.
more on AI in this IMS blog:
Privacy groups slam DHS social media proposal
By Sean Carberry Aug 23, 2016
The Department of Homeland Security’s proposed policy to collect information on the social media profiles of foreign travelers violates the rights of travelers and their American associates, according to privacy groups.
n a strongly worded rebuke of the proposed Customs and Border Protection policy, the Electronic Frontier Foundation argued that the rule change would do little to enhance national security and would open the door to greater spying on Americans.
Visa Waiver Program (VWP) travelers by adding requests for social media identifiers to the Electronic System for Travel Authorization and I-94W forms.
As FCW reported in June, the rule change came on the heels of a number of policies CBP initiated after criticism from Congress that potential terrorists could be exploiting the VWP, which allows citizens of 38 countries to enter the U.S. without a visa for up to 90 days.
Other human rights groups and civil liberties organizations submitted a joint letter to CBP stating that “DHS collection of online identity information is an intelligence surveillance program clothed as a customs administration mechanism.”
In more supportive comments delivered to CBP, the Center for Data Innovation said that just as universities, employers and lenders check social media profiles of potential clients, DHS should collect social media information from foreign travelers.