Showing posts with label Social Engineering. Show all posts

Tuesday, November 5, 2013

Information Security Guide for Parents - Part 2


3. Intro to Online Security


Nowadays online information security plays a vital role in our day-to-day life. Social media in particular has gone mainstream among teenagers. Sharing personal information with friends, connecting with new people and using social networking facilities are all trending.
First, what are cyberspace and information security?
Cyberspace can be described as a network of networks where we can store and share information and other resources. Nowadays teenagers are addicted to surfing the internet, which is a part of cyberspace, for various activities such as educational use, social networking, downloading from iTunes or even playing online games. The data which children enter in these online activities is considered information, and depending on the type of data which is visible, children are vulnerable to exploitation and harm by criminals such as computer sex offenders.
When posting personal data online, users are vulnerable to threats. Let's therefore consider the rising threats that come with these trends; the article will highlight how to mitigate these attacks.
How do criminals gather information and use the information to their advantage?
Cyber stalking: using sources such as social media, criminals target children and gather personal information about them such as age, name, school, pictures and videos, social gathering places and upcoming events, interests, music and hobbies. The data is used to qualify targets, who are then gradually seduced using attention, affection and even gifts.


4. Social Networking

First of all, let's dig into the social network. People post sensitive data such as pictures, connect with strangers, and chat with and message strangers they have never met before. Anyone with malicious intent can deceive children and tempt them to reveal sensitive personal data, which will be used for scams and even for blackmailing children. So let's see how we can mitigate this. First of all, control the visibility of your sensitive data. Do not reveal sensitive data in the public domain; use the data visibility options in social networks to protect your private data and stop it being listed in search engines for public access. It is also very important to be concerned about whom the child adds as a friend on social networks. Best practice: do not add strangers. Most social network attacks are based on deception, which is also called social engineering. This can be used to perform identity theft.
For instance, if the criminal is able to social engineer the child into double-clicking a file sent by him, it will automatically install a key logger on the child's personal computer. The criminal will be able to monitor every keystroke typed by the child, all the passwords the child enters and the list of all the websites the child visits. This is a serious threat to the child because, looking at the key log information, the attacker can use it to blackmail the child, use it for cyber bullying, seduce the child or use the child's user accounts, such as a social media account, to spread the key logger among the child's friend list.
Some criminals also use social media to get in touch with children. They then gradually seduce the targets using attention, affection and even gifts, spending a considerable amount of time and money in the process. They will spend time listening to and empathizing with the children's problems to build trust. They then gradually introduce sexual content into the conversation by exploiting the children's curiosity about sexuality and sexually explicit material. Finally, they use the conversations and the material sent by the child, such as nude pictures, for blackmail or even cyber bullying.
This shows the power and danger of social media and cyber bullying, as sexually explicit or other humiliating pictures or videos spread like wildfire with a click of a mouse.
One in six US children aged 12 to 17 have received a sexually suggestive nude or nearly nude photo or video of someone they know, a recent study by the Pew Research Center found.

And the Crimes against Children Research Center estimated that police investigated nearly 3,500 cases of youth-produced sexual images in 2008 and 2009. [2]






Author - Shariyaz Abdeen
View Shariyaz Abdeen's profile on LinkedIn: http://lk.linkedin.com/in/shariyaz
 shariyaz1@gmail.com

Thursday, August 1, 2013

Information Security Guide for Parents - Part 1


Online Information Security Guide for Parents 



Nowadays information security plays a vital role in our day-to-day life. Social media in particular has gone mainstream among teenagers. Sharing personal information with friends, connecting with new people, online banking and online shopping are all trending. When posting personal data online, users are vulnerable to threats. Let's therefore consider the rising threats that come with these trends; the article will highlight how to mitigate these attacks.
First of all, let's dig into the social network. People post sensitive data such as pictures, connect with strangers, and chat with and message strangers they have never met before. Anyone with malicious intent can deceive people and tempt them to reveal sensitive personal data, which will be used for scams and even for blackmailing people. So let's see how we can mitigate this. First of all, control the visibility of your sensitive data. Do not reveal your sensitive data in the public domain; use the data visibility options in social networks to protect your private data and stop it being listed in search engines for public access. It is also very important to be concerned about whom you add as a friend on social networks. Best practice: do not add strangers. Most social network attacks are based on deception, which is also called social engineering. This can be used to perform identity theft and steal your virtual presence.
When we look into online payment fraud, credit card fraud, banking fraud and social network password hacking attempts, a technique called phishing is frequently used. The basis of this attack is creating an identical copy of a page of the original web site and tricking the user into entering credentials such as the username and the password. For instance, you receive an email that appears to be from Facebook and contains a link to win a free iPhone. The temptation is irresistible, so users click the link and land on a page which looks like Facebook, where they enter their credentials, which are collected by the attacker.

To mitigate this, we have to click links with caution. By analyzing the URL we can also easily tell the fake Facebook login page from the original (http://www.facebook.com), because even though the attacker can create an identical page, they cannot manipulate the URL. Another thing to check when making an online payment is whether the URL changes to HTTPS, which uses Secure Sockets Layer (SSL), so that the data transferred between the server and your PC, such as bank logins and credit card details, is encrypted. An attacker who monitors your internet traffic using an attack such as sniffing will then not have access to your bank login or credit card details. We can also follow some core guidelines, such as installing a virus guard and updating it frequently to shield your data against viruses, Trojan horses and worms. Using strong passwords, or making your password bomb-proof, will also protect you from brute force attacks. To strengthen a password, use at least one upper case letter, one lower case letter, one number and one special symbol, and make the password longer than 8 characters.
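
The URL analysis described above can be written down as a small check. This is an added example, not part of the original post: the function name `check_login_url`, the `EXPECTED_DOMAIN` constant and the sample links are assumptions made for illustration, and the lookalike links are constructed using the reserved `.example` domain.

```python
from urllib.parse import urlsplit

EXPECTED_DOMAIN = "facebook.com"  # assumption: the site the link claims to be


def check_login_url(url, expected=EXPECTED_DOMAIN):
    """Return a list of warnings for a link that claims to lead to `expected`."""
    warnings = []
    parts = urlsplit(url)
    # urlsplit lowercases the host and strips any port and "user@" prefix.
    host = (parts.hostname or "").rstrip(".")

    if parts.scheme != "https":
        warnings.append("not HTTPS: anything typed here can be sniffed in transit")
    if parts.username is not None:
        warnings.append("text before '@' is not the site; the real host is " + repr(host))
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        warnings.append("host contains non-Latin (IDN) characters that can mimic letters")
    # The host must be the expected domain itself or end in ".<expected>".
    if host != expected and not host.endswith("." + expected):
        warnings.append("host %r does not belong to %s" % (host, expected))
    return warnings


# Constructed sample links; the lookalikes use the reserved .example domain.
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",
    "https://www.facebook.com.account-check.example/login.php",
    "https://www.facebook.com@login.example/",
    "https://www.f\u0430cebook.com/login.php",  # Cyrillic "a" in the name
]

if __name__ == "__main__":
    for link in SAMPLES:
        problems = check_login_url(link)
        print(link.encode("ascii", "backslashreplace").decode())
        for p in problems or ["no warnings"]:
            print("   -", p)
```

The part of the URL that matters is the end of the host name, read right to left; text that merely contains "facebook.com" somewhere in the link proves nothing.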

No system is perfect; in fact, the only way to make a computer safe is to lock it in a safe and bury it underground.




1. Introduction for parents on online child safety

The internet has become the information highway of a teenager's day-to-day life. While the internet opens the doors to many opportunities to learn and share knowledge, it also opens a gateway to content which will harm the child, such as pornography, illegal communities or illegal content, with a click of a mouse. The internet is also the ideal place for a stranger to introduce himself and keep in touch very easily using social networks, chat and any VoIP (Voice over Internet Protocol) facility such as Skype, or email. There is nothing wrong with surfing the internet, but parents and children should be aware of what lies beyond the browser. On the other hand, the internet enables children to make new friends who live in distant places, and to remain in touch with old friends. It encourages shy people to come out of their shell. This also indirectly equips them to appreciate the people around them. Research on these two paradoxical views has shown that the internet did not undermine the development of social and communication skills.

2. Personal Information

Children should be aware of the information they are submitting to web sites and of the standards that the organization should follow. In particular, children should go through the data assurance and privacy policy of the web site before disclosing personal information. This is very important because most social networks gather the personal data of individuals and sell it to third-party vendors, who will use the information as part of their marketing strategy.
What are your responsibilities in protecting your personal data?
· Think before disclosing your information, and think again.
· Never give your bank account or password information when the conversation was not initiated by you.
· Only disclose information that is needed by the organization.
· Question why someone might ask for your particular personal information.

What are your rights? [1]
You have the right to:
· Obtain a copy of all of the personal information that an organization holds about you. You may need to pay a small fee to the organization.
· Choose not to receive direct marketing information. You can request this by writing to the organization concerned.
· Have incorrect, misleading or out-of-date personal information about you corrected.
· Know whether an organization, or someone acting on their behalf, is processing personal information about you.
· Know what information is being processed, why it is being processed and to whom it may be disclosed.
· Know where an organization received its information about you.

5. Reference





Author - Shariyaz Abdeen
View Shariyaz Abdeen's profile on LinkedIn: http://lk.linkedin.com/in/shariyaz
 shariyaz1@gmail.com