Cisco Blogs


Cisco Blog > Security

NCSAM Tip #7: Surfing in Different Oceans

Web-based threats have never been higher and are expected to keep growing. Remember the days when viruses were spread via floppy disks, then email, then USB flash drives, and then instant messenger applications? While most of those risks still exist today, they are overshadowed by the enormous risk that casual web browsing has become. Some of the most common threats include technical problems like “cross-site scripting” and “cross-site request forgery” that cause browsers to behave in unexpected ways, often without any indication of a problem. “Phishing” and silent unintended downloads called “drive-by downloads” are also serious threats that can leave an unsuspecting user with malware that steals banking and personal information.

It’s also true that many of us have multiple web browsers installed on our computers. If not, they are easy to install. The most common choices seem to be Internet Explorer, Firefox, Safari, Chrome, and Opera. We can take advantage of this fact to create a very simple but effective security advantage.

Read More »

Tags: ,

NCSAM Tip #6: Three Tasks to Make Your Network Significantly More Secure

Securing a large complicated network can be a daunting task with so many technologies and devices. You may be asking yourself where to start. What could I do to get the most out of the time I spend securing my network? There are three areas that you can start with that will significantly reduce your attack surface and make your network more secure in the process. It is such a simple list yet overlooked by many: patching, maintain passwords, and disable unnecessary services.

Read More »

Tags: ,

NCSAM Tip #5: Social Engineering Techniques and How to Avoid Them

October 7, 2011 at 5:00 am PST

Today’s NCSAM Tip is on recognizing and avoiding the most commonly used social engineering techniques. The root of the problem is simple enough: people are too trusting of content on the Internet. There is a long promoted perception of community, information sharing, free items, help, and friendliness on the Internet that has lulled many into a false sense of safety or security. Unfortunately, the reality is that just about every “con, scam, grift, hustle, bunko, swindle, flim flam, gaffle, sting or bamboozle” known is alive and well on the Internet. When you more closely examine the social engineering techniques that are used by criminals on the Internet, you see they are often the same or variations of con games and scams that go way back, and that many people are familiar with. This too gives people a false sense of security in that many believe they can identify these malicious attempts to exploit them. But, many tests of these beliefs have shown that most fail.

Instead of looking at the complicated technical details or various techniques themselves, it is easier to see the human factors they are attempting to exploit. Cisco SIO did some research of those human factors commonly exploited in 2010, and included the findings in the Cisco 2010 Annual Security Report. What we found was that regardless of the technical details or specific techniques and variations, the attackers commonly attempted to exploit a short list of human weaknesses:

Read More »

Tags: , , , ,

NCSAM Tip #4: The Hidden Data in JPG Photos

Digital photography has certainly brought considerable joy into the lives of millions of people around the world, but there are also security implications and they may be somewhat different than what many people believe. Many images, including JPGs, can contain metadata, data about the data in the image. To illustrate, I took a picture of the Ike cutout in front of my cube.

ike

Seems harmless enough, but let’s take a look at the EXIF data in this image.

I used http://regex.info/exif.cgi but there are other sites and apps that will let you view and/or manipulate EXIF data. Per regex.info here is some of the EXIF data:

Basic Image Information

Description: SAMSUNG
Camera: Samsung GT-I9000
Lens: 3.5 mm (Max aperture f/2.6)
Exposure: Auto exposure, Program AE, 1/13 sec, f/2.6, ISO 100
Flash: Off, Did not fire
Date: September 15, 2011 9:26:08AM
Location: 37° 24′ 30″N, 121° 55′ 39″WAltitude: 0 m
Timezone guess from earthtools.org: 8 hours behind GMT
File: 1,920 × 2,560 JPEG (4.9 megapixels)
1,542,855 bytes (1.5 megabytes) Image compression: 90%

Look, it put me correctly in Building 17.

Read More »

Tags: , , ,

NCSAM Tip #3: What You Should Consider to be a Secure Password

Passwords are the prevalent means of authentication. Even though there have been many complementary authentication mechanisms and schemes, passwords are used almost everywhere that a user wants to prove that he knows a secret that only he is supposed to know. On the other hand, if someone else can guess that password, along with the username (often easy to find), then he could pretend he is the user and do all sorts of things on his behalf. We have seen multiple examples of corporate executives having their personal email accounts hijacked. We have seen celebrities having their Twitter accounts stolen and posting things they would never do. We also have seen studies that show that a vast majority of users still use standard and pretty easy password to guess.

It is common knowledge that passwords need to be hard to guess; that is a requirement. Andy Balinsky’s post describes some guideliness about choosing numeric passwords (aka for handheld devices). In the same context, David McGrew’s post provides a script that can generate random keys that can be used for pre-shared key authentication. Electronic user passwords are a little different because they involve letters and completely depend on the user (system checks are usually also employed). Users need to be able to chose and remember them in order to use them when needed. But the “hard to guess” and the “easy to remember” requirements don’t go well together and that is the basic challenge.

Read More »

Tags: , ,