Traveling Safely SIRT IT Security Roundtable - PowerPoint PPT Presentation

1
Traveling Safely: SIRT IT Security Roundtable
Harvard Townsend, Chief Information Security Officer
harv_at_ksu.edu, May 7, 2010
2
Agenda
  • What and where are the risks?
  • Using Internet cafes and WiFi hot spots safely
    (is that possible?!)
  • Protecting your eID and other passwords
  • Protecting your personal and financial info
  • ATM security
  • Airport risks
  • Laptop security
  • Things to do before you leave (important!!)
  • USB Flash drive security
  • Beware of export restrictions on certain
    technologies
  • K-State VPN service

3
What are the risks?
  • Physical theft (esp. your laptop or phone, and of
    course wallet/purse)
  • Information loss/theft (personal, institutional,
    passwords, acct info)
  • Identity theft
  • Financial fraud/theft

4
Where are the risks?
  • Internet cafés
  • WiFi hot spots
  • Any public computer, even some private ones (e.g.
    hotel business center)
  • Airports
  • ATM machines
  • Any country with lax law enforcement or
    untrustworthy government

5
Is China a Risk?
  • January 2010: Google discloses cyber attacks
    from China that target Gmail accounts of Chinese
    human rights activists as well as intellectual
    property; some 30 other corporations were similarly
    attacked. Google implicates the Chinese
    government.
  • January 25, 2010: five web sites of Chinese
    human rights groups hit by DDoS
  • April 2010: NY Times reporter's email hacked
    while in China; he reports that many of his
    colleagues experienced the same thing
  • April 2010: Researchers at University of Toronto
    exposed a cyber spy ring that pilfered documents
    and email from computers in 100 different
    countries; the common thread is that the attacks
    originated from computers in China and targeted
    the Dalai Lama (stole his email), Tibetan human
    rights advocates, the Indian Defense Ministry,
    and foreign journalists who cover China and
    Taiwan
  • China is a hotbed for cybercrime, state-sponsored
    or otherwise
  • Extremely lax IT security
  • Recent amendment to Chinese Law on Guarding State
    Secrets states that "Information transmissions
    should be immediately stopped if they are found
    to contain state secrets," and that if state
    secrets have been found to be leaked, the
    companies must keep records of the incident and
    notify authorities. The definition of state
    secrets in China is quite broad; information such
    as maps and economic statistics could be
    considered prohibited for discussion. There's no
    such thing as privacy or net neutrality in
    China!
    www.washingtonpost.com/wp-dyn/content/article/2010/04/27/AR2010042704503.html

6
Internet Cafés
  • Technology typically not managed well.
    Susceptible to:
    • Worms, Trojan horses, etc.
    • Keyloggers
    • USB thumb drive infections
    • Browser cache, temporary files, deleted files,
      log data leave a trace of your activity
  • Staff sometimes part of the conspiracy

7
Internet Cafés
  • What can you do about it?
  • Avoid them altogether, or just use them for
    innocuous activities like checking the weather,
    bus/train/flight schedules, tourist sites
  • Research local Internet Cafés before you leave, or
    ask someone you trust (hotel concierge?) to
    determine which ones are reputable
  • Never use them for financial transactions
  • If at all possible, don't use your K-State eID
    and password (even secure web access with https
    does not protect you from keyloggers)
  • Make sure it has antivirus software running and
    up-to-date; do a manual scan if possible; check
    for a firewall too
  • Or run a free web-based AV check (like Trend's
    HouseCall - http://housecall.trendmicro.com/),
    although this can be time-consuming and you're
    paying for your time on the computer
  • Check installed programs and programs running in
    memory for anything suspicious (difficult for the
    average user, esp. if the programs are in a
    foreign language)

8
Internet Cafés
  • What can you do about it?
  • When you delete a file, use a secure delete tool
    like Eraser (if you can install programs on the
    computer)
  • NEVER let it save your login/account
    information in the browser
  • Use Private Browsing in Firefox or IE, which
    does not save any history/cache/cookies
  • Or clear the browser cache, cookies, history
    before you leave
    • Firefox: Pull down Tools menu, select Clear
      Private Data, check all the boxes, select Clear
      Private Data Now
    • IE: Pull down Tools menu, select Delete
      Browsing History, select Delete All
  • Watch for shoulder-surfing
  • Don't leave your computer unattended with any
    sensitive information showing, or authenticated
    sessions open (lock the screen)
  • Carry your own programs on a USB flash drive
    (browser, AV software, email client, password
    safe, VPN client, secure erase, etc.)
  • Summary: AVOID or BE PARANOID!

9
Other public computers
  • Treat them ALL with suspicion
  • Hotel business centers
    • Probably better than an Internet café, esp. at a
      reputable hotel, but even those are not without
      risk
    • They typically use an acct with Administrator
      privileges, so anyone can install anything
    • Use same precautions as Internet Cafés
    • Don't use for financial transactions, your
      eID/password, or other sensitive sessions if at
      all possible
    • Plug your own laptop in if possible; turn off
      File/Printer sharing

10
Other public computers
  • Public libraries
    • In U.S., have extensive filtering that can
      prevent some malware too. Might be better managed
      than other public computers, depending on the
      staff at that library
  • Public Kiosks
    • Danger, Will Robinson! (just check the weather
      and news)

11
The WiFi Dilemma
  • It's SOOO useful and SOOO risky
  • Unsecured wireless networks are very easy to
    snoop; someone near you or even across the
    street can watch ALL of your traffic
  • There are freely available programs that watch WiFi
    traffic looking for anything that looks like a
    username and password, or account info
  • Hotels: just because you have to register/pay or
    authenticate doesn't mean it's secure. They
    typically are not encrypted and you don't know
    who is in the room next to you.

12
Wireless security
  • Use K-State's VPN service to access K-State
    systems; this does NOT protect your other
    Internet traffic
  • Don't do financial transactions or other
    sensitive work in public WiFi zones, if possible;
    HTTPS reduces the risk
  • General wireless security:
    www.onguardonline.gov/wireless.html
  • Wireless terminology:
    www.onguardonline.gov/wireless.html#glossary

13
Protecting your eID
  • Avoid using it in Internet Cafés and other public
    computers, if possible
  • Use K-State VPN service to access K-State
    resources when possible
  • Change your eID password when you get home as a
    precaution

14
Protecting Your Personal and Financial Information
  • Take all the online precautions mentioned thus
    far
  • Always know where your passport is
    • Stow it securely on your person
    • Hide it in your hotel room or put it in a safe
  • Beware of pick-pockets
  • Conceal your valuables
  • Don't let a vendor/server take your credit card
    out of your sight
  • Pay with cash as much as possible (so you don't
    have to use your credit card)
  • Let your credit card companies know your travel
    destination and dates (can now do this online
    with some major credit cards)

15
ATM security
  • US Secret Service estimates annual loss from ATM
    fraud at $1 billion ($350K per day!), 80% of that
    due to card skimming (bogus card reader placed
    over the top of the real card reader)
  • ATM skimmer: device attached to an ATM machine
    to steal bank account info
  • Rampant in Europe, growing threat in U.S. too
  • Look for indicators of tampering with the keypad
    or card swipe/feed mechanism
  • Device fits over real card reader and stores or
    transmits (via cell phone, for example) the data
    from the magnetic stripe on the card; criminals
    also get PIN with camera or fake keypad
  • Can buy skimmers online for $1500-2500

16
ATM Skimmers
Bogus keypad designed for Diebold ATM
Skimmer found at Citibank ATM in Woodland Hills,
CA, Dec. 2009
Skimmer found at Wachovia Bank in Alexandria, VA,
Feb. 28, 2010; loss to customers exceeded $60,000
17
ATM security
  • Only use ATMs in the lobby of reputable banks;
    esp. beware of solitary ATMs in secluded places
    at night
  • Watch for people looking over your shoulder
  • Make a few large withdrawals instead of many
    smaller ones so you use the card less often

18
Airports
  • High risk of theft
  • 16,000 laptops lost or stolen in airports in US
    and Europe PER WEEK!!
  • Will cover laptop security later
  • Don't let valuables out of your sight, esp. at
    security screening; criminals target airports and
    create diversions to distract you while they
    steal your laptop

19
Airports
  • Use same precautions with the public WiFi in
    airports that you would in any public WiFi hot
    spot
  • General rule: don't connect to unknown wireless
    networks
  • Remember that just because you pay for the
    service does not mean it's secure.

20
Airports
  • Beware of the oft-seen but bogus "Free Public
    WiFi" ad hoc/computer-to-computer wireless
    network; don't try to connect to it.
  • It may give someone access to your computer if
    you have file sharing enabled without password
    protection or an account without a password
  • In most cases, it's harmless, but your computer
    may start advertising "Free Public WiFi" to
    people near you

21
Airports
  • Know what you can and cannot bring into the
    country; don't discover that at the Customs
    check at the destination airport
  • Israel would not allow iPads into the country for
    about two weeks in April due to an unfounded fear
    that its WiFi implementation might interfere with
    communications and did not meet European Union
    standards (not true)

22
Laptop Security
  • Six stolen on K-State campus thus far in 2010
  • Stolen laptops a daily occurrence in Manhattan
  • Never leave unsecured laptop unattended
  • Use a locking security cable
    • Hotel room
    • Public locations, coffee shop
    • Conferences, training sessions
    • Cost $15-50, combination or key lock
  • Don't leave it in view in your vehicle
    • Don't trust the trunk - remember the quick
      release lever inside the vehicle?
  • Use strong password on all accounts
  • Don't store sensitive info on it, but if you have
    to, encrypt the entire hard drive (K-State uses
    PGP Whole Disk Encryption software for this
    purpose): www.k-state.edu/its/security/pgp

23
Laptop Security
  • Don't let it out of your sight when you travel
    • Be particularly watchful at airport security
      checkpoints
  • Always take it in your carry-on luggage
    • Never put it in checked luggage
  • Use a nondescript carrying case
    • One that doesn't look like a laptop carrying case
    • Remove the manufacturer logo from the case
  • Be careful when you take a nap in the airport
    • Wrap the carrying case strap around your body
    • Or use the locking security cable to secure it
  • Take a cheap netbook or an iPad instead of your
    laptop

24
Tracking/Recovery Software
  • If stolen, the computer contacts the company the
    next time it's on the Internet; the company then
    traces it and contacts law enforcement to recover
    it. Very effective in the U.S.; inconsistent
    results outside the U.S.
  • This software led to the recovery of a laptop
    stolen in Columbia, MO, that later appeared on
    the K-State network (January 2010)
  • Computrace LoJack for Laptops from Absolute
    Software (www.absolute.com) is an example
  • Pre-installed in BIOS on many laptops
    • Dell
    • HP
  • Have to buy the license to activate
  • Costs about $30-50 per year

25
Before you leave home
  • THESE ARE REALLY IMPORTANT!!!
  • Backup your data
  • Record identification information
    • Record make, model, serial number of laptop
    • Take pictures of it
  • Label it with ownership and contact info; a
    conspicuous label is a significant deterrent
  • Write down credit card account numbers and phone
    numbers for credit/debit card companies (and take
    it with you); can't use U.S. toll-free numbers
    overseas but can call them collect, so take the
    right phone numbers with you
  • If leaving the country, notify the financial
    institutions of the accounts you will use
    (destination and dates of travel); otherwise,
    they are likely to lock your account when they
    see transactions from another country
  • Notify the U.S. State Department if going to a
    volatile location: travelregistration.state.gov

26
USB Flash Drive Security
  • DO NOT store confidential data on them!!
  • Too easy to lose, easy target of theft
  • Common way malware spreads; don't use it in a
    computer you cannot trust, like an Internet Café;
    just putting the drive in the computer can infect
    it
  • Don't use it as a backup device
  • Delete files so they aren't recoverable
    • Good tool for this is Eraser (eraser.heidi.ie)
  • Encrypt files on it with TrueCrypt
    (truecrypt.org), or:
  • Buy an encrypted USB flash drive
    • IronKey is a popular brand; 8 GB encrypted drive
      about $200 - www.ironkey.com

27
Export Controls
  • Export broadly defined by Feds; includes
    actual shipment of any covered goods or items
  • Export Administration Regulations (EAR) by the
    Commerce Dept. controls technology; types of
    encryption technology have historically been an
    issue
  • Int'l Traffic in Arms Regulations (ITAR) by the
    State Dept. controls weapons (duh!)
  • K-State's University Research Compliance Office
    (URCO) has training available:
    www.k-state.edu/research/comply/ecp/index.htm

28
Is the Cisco VPN client restricted?
  • Civilian Solutions: Restricted Encryption and
    Unrestricted
  • Cisco's restricted strong encryption solutions
    may be exported or re-exported to most
    civilian/commercial end users located in all
    territories except the embargoed destinations and
    countries designated as supporting terrorist
    activities. Countries listed in Part 746 of the
    EAR as embargoed destinations requiring a license
    are Cuba, Iran, North Korea, Sudan, and Syria.
  • See list of countries with embargos at
    www.bis.doc.gov/policiesandregulations/regionalconsiderations.htm

29
Cisco VPN client?
  • Government Solutions: Restricted Encryption
  • Government entities not located in the following
    countries require a U.S. export license in order
    to obtain restricted non-retail strong encryption
    items: Austria, Australia, Belgium, Canada, Czech
    Republic, Cyprus, Denmark, Estonia, Finland,
    France, Germany, Greece, Hungary, Ireland, Italy,
    Japan, Latvia, Lithuania, Luxembourg, Malta,
    Netherlands, New Zealand, Norway, Poland,
    Portugal, Slovakia, Slovenia, Spain, Sweden,
    Switzerland, United Kingdom, United States.

30
Virtual Private Network (VPN)
  • VERY good thing to use to access K-State from
    off-campus, like public WiFi hotspots
  • Encrypts all network traffic between your
    computer and the K-State border
  • Makes your computer appear to be on campus to get
    access to restricted resources
  • Does NOT necessarily encrypt everything that goes
    to the Internet (split tunneling)
  • Also does not encrypt traffic once it is on
    campus, but that's not important when you're
    traveling
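As an added illustration of the split-tunneling caveat above (example code, not from the slides or from K-State's VPN configuration): a model of the routing table a VPN client leaves on the laptop, where longest-prefix matching decides which destinations ride the tunnel and which go out over the hotel or airport WiFi in the clear. Interface names and all address prefixes are constructed.

```python
import ipaddress

TUNNEL = "vpn0"     # hypothetical VPN tunnel interface
PHYSICAL = "wlan0"  # hypothetical hotel/airport WiFi interface

# Split-tunnel table: only the constructed "campus" prefixes are routed into
# the tunnel; everything else follows the default route out the WiFi adapter.
SPLIT_TUNNEL_ROUTES = [
    ("0.0.0.0/0", PHYSICAL),     # default route: WiFi, in the clear
    ("10.130.0.0/16", TUNNEL),   # constructed campus network
    ("192.0.2.0/24", TUNNEL),    # constructed campus DMZ
]

# Full-tunnel table: the default route itself points at the tunnel, so every
# destination is encrypted as far as the campus border.
FULL_TUNNEL_ROUTES = [
    ("0.0.0.0/0", TUNNEL),
    ("10.130.0.0/16", TUNNEL),
    ("192.0.2.0/24", TUNNEL),
]


def select_route(routes, destination):
    """Longest-prefix match: the interface the OS would send destination out of."""
    dst = ipaddress.ip_address(destination)
    best_net, best_iface = None, None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_iface = net, iface
    return best_iface


def is_protected(routes, destination):
    """True if traffic to destination leaves the laptop inside the VPN tunnel."""
    return select_route(routes, destination) == TUNNEL


def unprotected_destinations(routes, destinations):
    """Destinations whose traffic anyone snooping the WiFi could still watch."""
    return [d for d in destinations if not is_protected(routes, d)]


if __name__ == "__main__":
    # Constructed destinations: two campus servers and an off-campus bank site.
    sample = ["10.130.4.20", "192.0.2.80", "198.51.100.7"]
    print("split tunnel, sent in the clear:", unprotected_destinations(SPLIT_TUNNEL_ROUTES, sample))
    print("full tunnel, sent in the clear: ", unprotected_destinations(FULL_TUNNEL_ROUTES, sample))
```

With the split-tunnel table only the two campus addresses are protected; the bank site is reported as sent in the clear, which is exactly why the slide says the VPN does not protect "everything that goes to the Internet".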

31
(No Transcript)
32
Virtual Private Network (VPN)
  • Must install Cisco VPN Client software
  • Information and software (including a new 64-bit
    Windows client) available at
    www.k-state.edu/its/security/vpn/
  • Cannot use it on campus yet (to secure your
    wireless, for example); will be able to soon.
  • If you can get to the Internet but not K-State,
    modify the Transport configuration in the VPN
    client:
    • Enable Transparent Tunneling
    • IPSec over TCP

33
(Screenshots of the VPN client status: Connected / Disconnected)
34
What's on your mind?