SAM KAMANGA - Cyber Security Presentation-JimYonaz

7/28/2019 SAM KAMANGA - Cyber Security Presentation-JimYonaz

1/29

Sam KamangaCyber Security and Computer Forensics Consultant

CYBER SECURITY IN THE SOCIAL NETWORKING ERA

IN TANZANIA


2/29

Contents

Cyberspace

Internet

Cyber Security and Cybercrime

Types of Cyber threatsSocial Media

Cyber-bullying

Preventing Cybercrime

Conclusion

Copyright Sam Kamanga 2012


3/29

Cyberspace

What is a Cyberspace Cyberspace is a world wide network of computers and

the equipment that connect, which by its very design isfree and open to the public (the internet)

Weve become increasingly reliant on the net and its

being used right now to transfer everything from friendlyemails to hypersensitive data.

The Problem has gotten more prevalent with always on,high speed internet access. Attackers are always outthere looking for that computer

As long as your computer is connected to the internet,that connection can go both ways.



4/29

The Internet

Every business is connected to the Internet. Every

businesss network is part of the internet.

The capacity to interact with each other is a key part

of their risk environment. Telco's, businesses,

universities, and households are all connected indifferent ways.

Cyber crime and cyber espionage pose increasing

risk to various Nations.



5/29


6/29

Why Need of Cyber Security

Cyber crimes are increasingat a very rapid pace

Hackers can ; Steal all information from a

victim computer

Can hack Bank Accounts andsteal all the money from them

Can misuse sensitiveinformation for Terrorism orpolitical causes.

Can disrupt critical nationsinfrastructure



7/29

Cybercrime

Computernetworks havedone for criminalsthe same thingtheyve done forlegitimatecomputers users.

Theyve made thejob easier andmore convenient.

What are cyber-

criminals after?Money

Confidential information

Testing out some scripts

Bring-down competition

Political agenda

Identify weaknesses insystems for educationalreasons



8/29

Cybercrime

Cyber attacks generally refer to criminal activity

conducted via the internet

The attacks can include stealing an organizationsintellectual property, confiscating online bankaccounts, creating and distributing viruses on the

other computers, posting confidential businessinformation on the internet and disrupting acountrys critical national infrastructure

Fact: Cybercrimes are costly if not quickly resolved : Cybercrimes can

do serious damage to an organizations bottom line.

All industries can fall victim to cybercrime



9/29

Types of Cyber Threats

Type Motivation Target Method

Cyber Warfare Military or political

dominance

Critical infrastructure,

political and military

assets

Attack, corrupt, exploit,

deny, conjoint with

physical attack

Cyber Espionage Gain of intellectual

Property and Secrets

Governments,

companies, individuals

Advanced Persistent

Threats

Cyber Crime Economic gain Individuals, companies,

governments

Fraud, ID theft,

extortion, Attack,

Exploit

Cracking Ego, personal enmity Individuals, companies,

governments

Attack, Exploit

Hacktivism Political change Governments,

Companies

Attack, defacing

Cyber Terror Political change Innocent victims,

recruiting

Marketing, command

and control, computer

based violence

Source analysis, Dr Irv Lachov Copyright Sam Kamanga 2012


10/29

Cyber Attacks Being Observed

Web defacementSpamSpoofingProxy ScanDenial of ServiceDistributed Denial of ServiceMalicious CodesVirusBots

Data Theft and Data

Manipulation Identity Theft Financial Frauds

Social engineering Scams



11/29

Extortion

Loss of intellectual

property/data

Potential for disruption

As part of cyber conflict

(i.e. Estonia)

As target of cyber protest

(i.e. anti-globalization)

Potential accountability formisuse (i.e. botnets)

Potential for data corruption

Terrorism

Cyber Risks Are An Increasing Threat To Sources Of

Enterprise Capability And Brand Competitiveness

Now

Now

Emerging

Now

Future

Emerging

Phishing and pharming driving increasedcustomer costs, especially for financial

services sector

DDOS extortion attacks

National security information/export controlled

information

Sensitive competitive data Sensitive personal/customer data

E-Business and internal administration

Connections with partners

Ability to operate and deliver core services

Reputational hits; legal accountability

Impact operations or customers through data

DDOS and poisoning attacks

Focused attacks coordinated with physicalattacks



12/29

Africa Could Become The Cybercrime Capital Of

The World

It is estimated that approximately 80% of

computers in the African continent are alreadyinfected with viruses and other malicioussoftware

Broadband services are opening in thecontinentMore users are accessing the web

The number of virus and spam related cases as well asonline fraudsters is in the rise

No clear ICT laws and policies in place

Mobile Phone phishing in Tanzania is common



13/29

Cybercrime Is On The RiseCyber Crime

The computer as a target -attacking the computers ofothers (spreading viruses isan example).

The computer as a weapon -

using a computer to commit"traditional crime" that wesee in the physical world(such as fraud or illegalactivities).

The computer as anaccessory - using acomputer as a "fancy filingcabinet" to store illegal orstolen information.

Cybercrime is on the rise

Organizations' run onvulnerable systems

Cybercrime is borderlessand anonymous

High demand for services,low risk

Relative easy to conductactivities



14/29

Why Cyber Security Needs Special Attention?

Nowadays almost everybody isusing computers, smart mobiledevices

Individual persons, Business andClients

White collar criminals Hackers

Terrorist organizations

There are more Cyber-criminals thanlaw enforcers

Information has become a big asset

Money transactions are moving throughthe internet (Mobile money)



15/29

The Dilemma of Security The problem that we cannot get

away from computer security.

We can only have a good Cybersecurity if everyoneunderstands what Computersecurity means, and agrees withthe need for security.

Computer Security is a socialproblem, because it has nomeaning until a person defineswhat it means to them.

The harsh reality is thefollowing:

In practice, most users havelittle or no understanding ofcomputer security.

THIS IS BIGGEST SECURITYHOLE

Is your computer

secure?



16/29

Social Media As computer technology

increases, social media

becomes more and more of awidely used source ofcommunication. It has becomeso popular that it is completelychanging the way people viewand respond to society, andopening up new ways for people

to interact with each other.

This is both a good and badthing. Advantages being that ithas given people theconvenience of being able toconnect with others all over the

world without having to step afoot out of their homes and alsothe rare cases that crimes aresometimes solved through thehelp of a social media site.

However, the problems createdby these sites are much more

prevalent than advantagesbecause it gives maliciouspeople the ability to create moredanger among the millions ofinternet users.

Information that is posted onthe internet by people who

believe it to only to be viewableamong their friends often findthat they have unintentionallyshared personal facts withhundreds of people, somewhom plan to use it againstthem.



17/29

Social Media It is amazing how technology

has sped up every process of

life, from social interaction toyour local public getting itsnews.

The social media also has a wayof molding the minds of people,especially the youth, toopinions presented ontelevision and the internet.

These stories are usually basedon entertainment and politicalvalues. People begin to seewhat is popular and what themajority of people think aboutcertain events. This can alterthe way they may think ofsomething that happens even ifit wasnt their initial opinion inthe first place.

Facebook has reached 900 Million

global users



18/29

Facebook's Impact

A Driver for Democracy

With roughly 80% of Facebook's monthly userslocated outside the U.S. and Canada, it is no

huge surprise that Facebook is responsible forsparking the uprisings in the Middle East at thebeginning of 2011, which started in Tunisia aftera man selling fruits and vegetables set himselfon fire in a market. He felt humiliated whenpolice demanded him to hand over his cart fornot having a permit. His personal revolt ignitedprotests in Tunisia which spread to Egypt, Libya,Syria and Yemen.



19/29

Facebook's Impact

Facebook was gigantic in the Arab Spring and in

every other political uprising that we have heard ofin Spain and the Occupy Movement becausepeople do not think of it as a political act.

Facebook users can just update their status on

Facebook and their friends see it and they arebroadcasting without even knowing it.

In 2009, a video showing the death of a youngfemale Iranian protester, named Neda, shot by a

government gunman gripped the world. The videowent viral with the help of Facebook and othersocial media networks.



20/29

Employment and Social Media Networking

Although these social networking sites areintended for friends to see, a recentMicrosoft survey found that 79 percent of

employers use these site to evaluatepotential employees.

Microsoft also found that 70 percent ofrecruiters and hiring managers haverejected an applicant based on informationthey had found online.

Lets say you are an employer looking over

somebodys application and CV. Everythingis looking good, this person seems to bequalified, they have a good CV and no runs-ins with the law. Now all you have to do ischeck their Facebook or MySpace to seehow they spend their time out of the officeto try to get a feel of what kind of personthey are.

E.g. You get to the page and look at thepictures to find that they are pictures of youat parties; drinking or using drugs.

It isn't just the photos that are causingemployees to make rash decisions, but alsotext content found on users home pages.

A study conducted by Career Builder aboutwhat content caused employers to not hirecandidates;

E.g. Job Candidate: Gangemasi Sempili

Study showed inappropriate photographs onsocial media networks or information, contentabout drinking or using drugs were the majorcauses of not employing certain people.



21/29

Cyber Bullying in Social Media Networking

Source: Mwananchi Newspaper August 2012



22/29

Social Media Websites

Composite of the logos of more than 200 social media websites



23/29

Are We Safe ?



24/29

It Is Happening

Source: Mwananchi Newspaper August 2012



25/29

Preventing Cybercrime



26/29

Conclusion

The threat on Cyber Security is real.

Cyber security management requires acombined

effort and collaboration between all

stakeholders.

As a country we need to develop relevantPolicies, Legal and Regulatory.

We need to build capacity in ; Technical

Legal and

Policy.



27/29

Quote Of The Day

The only system which is trulysecure is one

which is switched offandunplugged, locked in a

titanium lined safe, buried ina concrete bunker,

and surrounded by nerve gasand very highly paid armed

guards. Even then, Iwouldnt stake my life on it.

- Professor Gene Spafford



28/29

Questions



29/29

Contact Information

Email: [email protected]

Tel: 0784-761167

Tel: 0715761167
mailto:[email protected]:[email protected]

Documents

SAM KAMANGA - Cyber Security Presentation-JimYonaz