| From DoITT’s Information Security Team |
| October Is Cyber Security Awareness Month |
| In recognition of the 2010 National Cyber Security Awareness Month, this edition of the newsletter is designed to focus attention on the basics of cyber security and how users can protect themselves online.Many aspects of our lives rely on the Internet and computers, including communications (email, cell phones, texting), transportation (traffic control signals, car engine systems, airplane navigation), government (birth/death records, social security, licensing, tax records), finance (bank accounts, loans, electronic paychecks), medicine (equipment, medical records), and education (virtual classrooms, online report cards, research).
Consider how much of your personal information is stored either on your own computer or on someone else’s system. How is that data and the systems on which that data resides (or is transmitted) kept secure?
|
| What Is Cyber Security? |
Cyber security involves protecting the information and systems we rely on every day – whether at hom
e, work or school. There are three core principles of cyber security: Confidentiality, Integrity, and Availability:
Confidentiality: Information that is private or confidential must remain so and is shared only with appropriate users.
Integrity: Information has not been altered or destroyed from its intended form or content.
Availability: Information is accessible, functional and usable when needed by authorized users.
Different types of data and systems require different levels of appropriate security. For example, your confidential medical records should be released only to those individuals or organizations (i.e., doctor, hospital, insurance company, government agency, you) authorized to see it (confidentiality); the records should be well protected so that no one can change the information without authorization (integrity); and the records should be available and accessible to authorized users (availability).
|
| Why Is Cyber Security Important? |
| The increasing volume and sophistication of cyber security threats – including targeted phishing scams, data theft, and other online vulnerabilities – demand that we remain vigilant about securing our systems and information. The average computer connected to the Internet without proper security controls can be compromised in moments. Thousands of infected Web pages are being discovered every day. Hundreds of millions of records have been involved in data breaches. New attack methods are launched continuously.
These are just a few examples of the threats facing us, and they highlight the importance of cyber security as a necessary approach to protecting data and systems.
|
| Threats |
| There are many threats, some more serious than others. Some examples of how your computer and systems could be affected by a cyber security incident – whether because of improper cyber security controls, man-made or natural disasters, or malicious users wreaking havoc – include the following:Denial-of-service: Refers to an attack that successfully prevents or impairs the authorized functionality of networks, systems or applications by exhausting resources. What impact could a denial-of-service have if it shut down a government agency’s website, thereby preventing citizens from accessing information or completing transactions? What financial impact might a denial-of-service have on a business? What would the impact be on critical services such as emergency medical systems, police communications or air traffic control? Can some of these be unavailable for a week, a day, or even an hour?
Malware, worms, and Trojan horses: These spread by email, instant messaging, malicious websites, and infected non-malicious websites. Some websites will automatically download the malware without the user’s knowledge or intervention. This is known as a “drive-by download.” Other methods will require the users to click on a link or button.
Botnets and zombies: A botnet, short for robot network, is an aggregation of compromised computers that are connected to a central “controller.” The compromised computers are often referred to as “zombies.” These threats will continue to proliferate as the attack techniques evolve and become available to a broader audience with less technical knowledge required to launch successful attacks. Botnets designed to steal data are improving their encryption capabilities and thus becoming more difficult to detect.
Scareware – fake security software warnings: This type of scam can be particularly profitable for cyber criminals, as many users believe the pop-up warnings telling them their system is infected and are lured into downloading and paying for the special software to “protect” their system.
Social Network Attacks: Social networks can be major sources of attacks because of the volume of users and the amount of personal information that is posted. Users’ inherent trust in their online friends is what makes these networks a prime target. For example, users may be prompted to follow a link on someone’s page, which could bring them to a malicious website.
|
| What Can You Do? |
It is important that we each understand the risks, as well as the actions we can take to help protect our information and systems.
- Properly configure and patch operating systems, browsers, and other software programs.
- Use and regularly update firewalls, anti-virus, and anti-spyware programs.
- Use strong passwords (combination of uppercase and lowercase letters, numbers and special characters) and do not share passwords.
- Be cautious about all communications; think before you click. Use common sense when communicating with users you DO and DO NOT know.
- Do not open email or related attachments from un-trusted sources.
- Allow access to systems and data to only those who need it, and protect those access credentials.
- Follow Citywide Information Security Policies and Standards and report security violations and issues to the Citywide Service Desk at (718) 403-8888.
|
| Useful Links: |
|
Citywide Information Security Policies and Standards are available at http://cityshare.nycnet/infosec. |
|
ragogli
Thankyou Mr.Angolia for teaching me how to use the computer and helping me with my computer skills.
Dear Mr. Agoli,
You taught everyone in this school about internet saftey.
Internet saftey is important. You told us why google is bad and taught us about copyrights. I appreciate that you were here and gave us labtops and smartboards. You are great and I learned a lot from you. I known you for 3 years.
Thank you Mr.Agoglia for everything you brought to P.S.90. I learned how to use technology alot more because of you. I’m so grateful of what you did and how you did it.
Love, Mystery boy in class 5-308
This year i learned from Mr.Agoglia how to record sounds and putting my vioce on a slideshow. Thank yu for teaching me that i will help me for my future. I’ve learned how to use a laptop. Thank you for giving this school all of the supplies that we need for technology. Thank you for providing our teachers and us with laptops. I will never forget all the things you helped me this year. Thank You!
Dear Mr.Agoglia,
I want to thank you for teaching the teachers how to use the computers the right way.If it wasnt for you we wouldnt have smart boards and laptops.Thank you for giving us the resouces that we need!You helped us use powerpoints in the coolest ways possible!NO words can explain how greatful we are for you so THANK YOU!
Dear Mr.Agoglia,
I want to thank you for teaching the teachers how to use the computers the right way.If it wasnt for you we wouldnt have smart boards and laptops.Thank you for giving us the resouces that we need!You helped us use powerpoints in the coolest ways possible!NO words can explain how greatful we are for you so THANK YOU!
Dear Mr. Agoli,
You taught everyone in this school about internet saftey.
Internet saftey is important. You told us why google is bad and taught us about copyrights. I appreciate that you were here and gave us labtops and smartboards. You are great and I learned a lot from you. I known you for 3 years. You know a lot about saftey.
Thank you for all you have done for our school of Ps90. I also thank you for helping teachers and the students of Ps90 when they had troubles using the laptops. Thank you for training the teachers how to use the laptops. And because of that the teachers were able to help the students when we had trouble with the laptpos. All the things you have done for us made a big change in the school teachers and students know more about technology. Including me I have learned more about technology and i thank you for that. Thank you for all you do and have done.
Dear Mr.Agogli
Having you in the school for 3 years have been great. You are a great tecnology teacher. You taught us about the right websites to use and why google is bad to use. I have learned alot from you about computers and you know alot of things about computers. I just want to say thanks for all you have done for us and the school. So thank you.
Sincerly, Kiana
Dear Mr Agolia Thank you for teaching me about non-safe and safe websites. Thank you for letting us use the laptops teaching the teachers how to use the laptops and computers. With the smartboards we watch the teachers do the work instead of them telling us. All this woulden’t be here because of your help. Your the best Mr Agolia.
I learn that computers how to use computers and kind of sites that we can not use, like myspace and we can’t copy word to word when we are doing a poject. I enjoy, you teaching computers and teaching us how to use laptaps.
Thank you For helping us with computers, and the smart boards.I also want to thank you for helping us when we didn’t know what to do. It was nice having you in the school.Without you the teachers wouldn’t have a smart boards.
Dear Mr.Ragolia,
I would like to thank you for giving students an opportunity to learn about computers. I learned alot about computers. I learned that you shouldn’t use anything copyright. And I also learned alot about powerpoints. Most of the things I learned about computers I learned it from you. I also thank you for the laptops. Mr.Ragolia you are a fanstastic computer teacher.
Dear Mr. agoglia
This year I have learned alot about the internet and other things . Like never put your last name because it is wrong. Even though I’ve known you since last year but thanks to you I know more about computers. And not to go on bad websites like google and many others . So thanks for everything you have taught me and my classmates.