DICT-MSEUF: Cybersecurity Awareness Webinar

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] so [Music] [Music] [Music] [Music] so [Music] so [Music] [Applause] [Music] [Music] [Music] so [Music] [Music] [Music] so [Music] [Music] [Music] so [Music] [Music] [Music] so [Applause] [Music] [Music] [Music] [Music] [Music] so [Music] [Music] [Music] [Music] so [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] so [Music] [Applause] [Music] [Music] [Music] so [Music] so [Music] [Music] so [Music] [Music] [Music] [Applause] you may invite your co-teachers or co-professors and students to join in this is a very exciting topic because we all know that we are on the pick of the use of the cyber world as you see on screen by the global head information security this is more than a quote but this is a reminder it says and i quote if you think you know it all about cyber security this discipline was probably ill-explained to you that is why the ict made an initiative in partnership with the mseuf to have this online webinar this morning we'll be having um a topic about cyber security and the cyber threat landscape as well as setting up a secured environment i am miss christine gail ariego your moderator for today and we're live all right again you may invite your co-professors co-teachers and of course again north and south together and again different campuses from the entire philippines from different municipalities and towns um as well uh you invest your precious time with us again initiative of the department of information and communications technology in partnership with the mseuf manuel s and verga university foundation this is the cyber security awareness webinar so what now bucket nothing is in asagawa and webinar we know kali what webinar but this time again this is a refresher a reminder and again i am excited and as i believe as well as it's very important that we are secured even in the cyber world so let's now take a look at the objectives for this online webinar just there as part of the implementation of the fourth pillar of the national cyber security plan 2022 which will protect each and every one of them all right so we are requesting everyone to please mute your audio to avoid uh such distractions okay okay thank you so much ma'am okay so these are our objectives as follows raise the level of awareness of the public on the importance of cyber security and of course help educate not just educate but empower and protect the individuals in cyberspace okay i know that all of you are excited to learn but i'll be giving some guidelines and reminders it's recorded for documentation purposes and will be posted on youtube again a gentle reminder please turn off your microphone and a camera to avoid uh noise or distractions and so as for our um speakers to be able to focus on the topic that they will be having a little later please do not share share your screen or do any annotations of course you already know this for the students and of course um for the uh you may use the chat box and a little later mom rose will post the link wherein you can put your questions and perhaps your clarifications on the topic that will be discussed later by our speakers again these are our reminders also certificates will be provided to those who have attended the full duration answer the post evaluation form and pass the quiz with at least 70 or 7 over 10 points yeah and put valid and active email address when filling out the post evaluation form again um one of the purpose also is for us to receive the certificate yeah and the replay at cybersec lc2 youtube channel you you can see the link there where in you can watch the video of this online webinar again okay again next is ict department of information and communication technology and of course the ccms team of the mseuf manuel s in virga university foundation let's read the mandate the department of information and communications technology or dict shall be the primary policy planning coordinating implementing an administrative entity of the executive branch of the government that will plan develop and promote the national ict development agenda or the ra10844 of course again just uh to share with us we are live on youtube as you can see on screen this are the programs and the projects okay some are the programs and projects of the ict as we can see on screen free wi-fi for all free public internet access program we have the tech 4 ad which stands for technology empowerment for education employment entrepreneurship and economic development so those are the four e's the national government portal or the ngp is a single website for all government information transactions and services that is accessible through the url gov dot ph the national broadband plan or nbp provides the blueprint for a broadband infrastructure in the philippines the integrated electronic business permits and licensing system and of course national cyber security plan 2020 which aims to assure the continuous operation of our nation's critical infrastructures public and military networks and implement cyber resiliency measures to enhance our ability to respond to threats before during and after attacks for the effective coordination with law enforcement agencies and a cyber security educated society you can you can find more information at dict.gov dot ph again i will repeat it you can find more information at dict.gov dot ph or the official website of the d-i-c-t all right again we said earlier that this is an initiative of the git bi city in in partnership with the mseuf from sao paulo and from the other satellite campuses as well the manuel as in virgo university foundation granted by shed as autonomous university offers extremely simple programs that are at par with those of the finest institutions and in the philippines are offered a distinctive hallmark of mseuf is excellence in the delivery of instruction adaptability to the individual students characteristics learning styles and needs and adherence to the truth for the development of creative proactive productive and god-fearing individuals who will help in the transformation of philippine society that is why even in this challenging times the mseuf is really doing its best and its part to be part of what is the government is doing like the the and of course the ccns or the computing the college of computing and multimedia studies one of the academic departments of mseuf that caters and demand it courses that are beyond the standards it continues to fulfill its vision to be a center of excellence providing opportunities and people from neighboring places to experience the quality id education that for many can only be in manila okay so of course with the leadership of being dean of course the professors behind the camera they are working here the team are working um and giving their best to address this uh felt need of course of the viewers which of course is the cyber security of course as you can see on screen the mseuf ccns is a shed center of development in i.t education bscs and bsid programs are pacocoa level 3 accredited ccms is also an official partner of the ict and institutional member of the philippine society of iit educators as you can see on screen [Music] ccs what i mean all right we'll be moving to our next slide so these are all right so earlier about ccns offerings of the mseufccms [Music] um and it will be shared on screen so ccms is the only in kazan offering specialized courses leading to a specific technical skills students at ccms have the option to choose from the following specializations of various programs okay so these are the various programs uh computer science uh information technology information systems entertainment and multimedia computing all right so for more updates you can like follow and share our msc of ccmsfb page it's at mseufccms ccms with the leadership of dean augie also the professors of course this is an initiative of the uh department of information and communications technology all right i i think we can now move to our program proper mulipo non secure place that's uh uh focus our dear professors and our students we are really uh thankful we are really thankful you are so busy with a lot of tasks and works for today and we are such as we are so thankful for uh online webinar for the opening remarks we have the director of the ict lausanne regional cluster 2 of the department of information and communications technology engineer reynaldo them for their own purposes marginal hacking fishing and software identity there and even viruses even the graduated number of devices like automatic capturing pictures and videos without us knowing it that's why most companies are strictly imposing and implementing cyber security protocol let's have them firewalls straight virus updates and in that mega white is the more website devices like usb and storage devices however even the most secure network there's the possibility of [Music] is devices in the entire internet i clicked on the click especially on nasa public internet this is the reason why we are here today from the public on the back of cyberattack and crime because all of us are at least we need to be vigilant and mindful of what we are doing in the cyber landscape we should be on guard with what we are doing especially if we are online we have the data we can all be totally confident and say and exploring the stanford landscape they form we say before you click thank you so much engineer reynaldo tc the director of the ict luzon original cluster 2. and again this is um reminder think before you click a message from another one is a message from dr benilda and villanes the vice president for academics and research of the mseuf officials of the department of information and communications technology dean rodriguez a junior the faculty of the college of computing and multimedia studies parents and our students indeed the internet revolution has thrown so many changes in our lives but such revolutionary changes are a double-edged sword both a bane and a boon again because cyberspace has made it easy for criminals to conduct their heinous activities such as perpetrating scams launching cyber attacks spreading malicious malware trafficking of women and children blackmail you name it but it also has been a boon for it brought knowledge at our fingertips made it easy for us to communicate at the flick of our fingertips and easier to exchange research findings and new knowledge the way forward in is to ensure that appropriate safeguards are done to curb the malicious and illegal use of cyberspace hence our webinar today on cyber security awareness welcome to this webinar in partnership with the ict and may you all profit from the responsible news of cyberspace good day everyone thank you dr villanas before we proceed to the introduction to the speaker i'll just uh get some greetings here from the different participating campuses uh from sir question of division of santa rosa city laguna good morning sir and of course good morning city laguna we also have here from don honorio ventura state university of pampanga saint mary's educational institute good morning from ctu again uh universidad or university we also have from galeanosa national high school in sorsogon province wow uh cds cdb surya ayan karate uh town incorporated valencia city pokemon wow this is a reunion of different provinces and uh of course if you want uh to send your your good morning greetings you just key in your message here in our chat box i will now go to the speaker's uh profile she will be sharing with us the introduction to cyber security and the cyber threat landscape is planning officer the critical infrastructure evaluation and cyber security standard monitoring division cyber security bureau department of information and communications technology miss claire reyes graduated with a bachelor's degree in consular and diplomatic affairs from the delazar college of saint benilde although an international affairs graduate she immediately started her cyber security journey with a dict in 2016. she is also graduate of the executive course on the application of international law in cyber operations in bangkok thailand and the alumni workshop on international law norms and capacity building measures applicable to cyber operations in singapore she is an alumni of the cyber investigative training course conducted by the u.s federal bureau of investigation and is also trained under the asia pacific information and security training course in seoul south korea she is the public information education and communications lead of the dict cyber security bureau mam is mostly involved with the cyber security advocacy campaign the cyber security academy initiative and various projects and policies relative to cyber security dear professors dear teachers and of course dear students it's a privilege that miss antoinette claire marie reyes is with us this morning hi ma'am hi miss christine hi mom good morning of course before you start i'm fine just got a haircut yesterday finally after almost how many months finally yes of course yeah we are glad you invest time with us professors and of course this is a combination map of teachers professors professors and students so it's a great avenue a great door for you to share about a cyber security and cyber threat thank you and first man yes ma'am we hope that you are also healthy and safe there ma'am yes very healthy paul yes all right now go ahead paul okay so again thank you miss christine for introducing me hello everyone good morning again i am playa from the dict cyber security bureau and i am mostly involved with awareness team and we have actually been going around the country okay around the country okay to more than 50 schools and institutions as far as north into gagaral and south in tawitawi and of course those cities and regions in between just so that we can make people aware about cyber security however in yappo because of kovid we are now stuck at home pera that won't stop us from making people cyber aware okay so this morning i will be giving you an overview about cyber security and the cyber threat landscape so sit back relax and i hope you listen and please let me ask you this favor please mute your microphones okay so i am so let's begin let me put up my slides with lamppo and can you see my slides now clear number hello i will be introducing to you cyber security and i will be giving you an overview of the cyber threat landscape okay so i'm reality nothing the effect of the coronavirus pandemic gave us no choice but to adjust how we live our lives so living in this new normal how are we coping with things it's been what 10 months 10 movies and series but you know what even way before the covet pandemic we have already been very immersed in cyberspace in fact did you know that back in 2015 the philippines was tagged as the social media capital of the world okay netizens of the country were spending 4 hours and 15 minutes a day on social media platforms now fast forward to 2020 for five years we are still the reigning social media capital globally so congrats number one social media users of the world okay so see five years ago we are already in cyber space related cases and actually even work from home or online businesses are not really new for some people even online dating okay or long distance relationships and when the pandemic arrived our dependence to information and communications technology or ict okay it increased because of logistical limitations we have nationwide protocols now we need to follow we became more reliant in manga gadgets and this data from we are social backs up the notion how we grew very dependent to the internet okay so july 2020 social media users have grown by more than 10 over the past year which takes the global total 2 billion by the start of july this year so this also means that for the first time more than half of the world's population now uses social media with more people using social media than not the global total population is 7.79 billion and kamina 3.96 billion upon government on social media and 7.79 billion 5.15 billion are mobile phone users at 4.57 billion a month on internet users so close to 60 percent of the world's population are on the internet so we see how the pandemic extremely affected us these past few months actually we have shifted from the kinetic world to cyberspace and as we continue to spend more time on the internet and grow dependent on our devices must not go grow the new chance na okay we must understand we are all vulnerable to online threats no exceptions i may be part of the cyber security bureau but i can also be a victim to cyber attacks we must keep in mind now someday we can be a victim as human as we are and the question is not if you are going to be a victim but when are you going to be a victim and right now let me give you a picture on what is going on with the world in terms of cyber security so just this year say there have been several cyber attacks in the asia-pacific region way back in may thailand's largest cell network by subscriber numbers had its database of over eight billion internet records left open and exposed on the internet for three weeks bago marisol no company young issue and at the same month indonesia probed a data breach of more than 2 million voters voters okay they were released on a hacker's website and dundee's website on the hacker threatened to release about 200 million more data of indonesians then a month later australia got targeted in a massive state-based cyber attack sabine australian prime minister the malicious attack was targeting all levels of government political business education and health organizations then last august inaccused won on china for infiltrating government agencies to collect its citizens sensitive information as part of the ongoing attempts to influence taiwan so between taiwan and china okay then then last september a stock exchange in new zealand ceased operations in the asia-pacific region now aside from these attacks what are the top cyber attacks in 2020 well first we should know that data is now more valuable than oil it is the most expensive asset in the world today so you may be familiar the facebook cambridge analytica data scandal so my documentary unavailable netflix and titania is the great hack documentary you will get a picture of how the public's data was used for major global political issues puladnong there's data and they demand ransom from the victim before they decrypt the files they commonly demand bitcoin transaction would be difficult to trace and you may remember the 2017 wannacry incident everyone was scared everyone was panicking because who knows who will get a tap okay the thing about ransomware triangles because the the threat actor okay they demand something in return which i have mentioned earlier bitcoin and so what happened and wannacry emphasized the importance of updating operating systems or os tested those that were exploited issuing a lower versions of windows and then shortly after wannacry there was another global cyber attack so because you wanna cry not petya which is also a malware um it pretended to be a ransomware when in fact wiper wear talagasha or wiper malware which means designed files now victim so even if your files will no longer be decrypted because it was already destroyed in the moment and you know in 2017 around 50 000 company laptops of the day in a shipping giant commerce was affected okay and its data got destroyed by not petya soditos um computer systems the ground staff had to manually check the containers case damage that this malware cost mirsk amounted up to 10 billion u.s dollars okay so um what somehow saved the network infra of mars during the not petty attack was the power cut in nigeria's capital city okay totally um see how a cyber attack caused this company a 10 billion dollar damage and ayan another cyber threat is the targeting of children bisexual predators or aussie online sexual exploitation of children but the philippines has emerged as a global hot spot for online child sexual exploitation and now because of the lockdowns and quarantines that are put in place due to the pandemic millions are restricted to their homes which have uh worsened the abuses what's really worse is although my manga online predators um lurking and luring children what's worse is there are incidents the parents permission enablers or abusers so yeah it's sad guys and aina as mentioned by director racy kanina fishing attacks and social engineering so social engineering is when attackers okay um they psychologically manipulate its victims para victim we would disclose their personal or confidential information then attackers would use those information for fraudulent purposes now so in social engineering may sabine or gagawino threat after that will lead the victim to give them the details they need then fishing this is a form of social engineering where hackers trick users into clicking on malicious links or opening unknown attachments for them to provide sensitive data like financial details passwords okay and when the pandemic happened we have been receiving reports and have been assisting people um people became reliant to online services messages most of the time they would believe that the information they are getting are legit common reports are getting fished by banks update your account now and click this link to update your account or else it will be deactivated so since [Music] [Music] [Music] is you would receive messages in a limited time only answer this survey to get a chance to win a free voucher to a pizza or burger okay as simple as that pudding pudding fishing simply saying a friend or sis [Music] [Music] so remember most of the time attacks won't happen if walang user engagement give yourself time to think again check out their official websites the banks will never okay they will never talk in my personal information you online okay this is sensitive they will never ask for that okay again give yourself time to think take it slow okay next zoom bombing i hope i hope okay zoom bombing this is when an unauthorized person or my internet troll intrudes an online conference meeting or session so since throwing asylum what they do is they share explicit and hate images they spam the chat box parameter audience so everyone has been relying on online conferencing applications due to the crisis we take all the necessary caution when holding online sessions because the threat actors are out there we at the cyber security bureau we have been releasing advisories on this you may check our facebook page remain vigilant be on your guard at all times especially when you are online remember it's only a matter of when you will be attacked okay cyber security so cyber security is basically the balance of cyber attacks and cyber threats and as defined by the international telecommunication union cyber security is the collection of tools policies security concepts security safeguards guidelines risk management approaches actions training best practices assurance and technologies that it is that can be used to protect the cyber environment and organization and users assets so in essence cyber security is the state or process of being protected against cyber attacks or the techniques or measures taken to achieve this and everyone is already involved in cyber security and we should know that cyber attacks will only ever evolve and that is why we are continuously improving our country's cyber security posture and policies and also that is why part of the thrust of the dict is to spread cyber security awareness campaigns because everyone really needs to be aware la lunas where we are now shifting from offline to online we are now becoming more reliant independence adding manga gadgets and in cyber security it should be a whole of nation approach cyber security is not just for the tech savvy okay no it is everyone's concern when i was introduced i my undergrad was um consular in diplomatic affairs okay so super lions cyber security but here i am so everyone has the right to be cyber safe and as said by jett johnson cyber security is a shared responsibility and it boils down to this in cyber security the more systems we secure the more secure we all are so we are all connected online and a vulnerability in one place can cause a problem in many other places so yan again let me plug the official social media pages of the cyber security bureau you can go ahead and check out our facebook page of advisories and online campaigns and other cyber security updates we are also on twitter and youtube so instagram okay so please like follow and subscribe so that ends my discussion on cyber security and the cyber threat landscape because the next discussion by mr villan from our cert ph is exciting and very interesting thank you let's stay healthy and remember to stay cybersea salamat thank you once again mom claire for um informing us and sharing with us the uh information and how to be cyber secured and of course to share with us uh cyber threat nato just to recap know what you have just share with us the cyber attacks in politics and companies you have their the targeting of children by sexual predators uh phishing attacks and social engineering zone bombing so these are our issues or threats that we should really be aware of and making the points these are not just for the the tech savvy online classes and of course philippines is [Music] social media for hours and more dilemma for hours six i i don't know six like passengers we should really be aware we should really be mindful we should really be knowledgeable into this kind of uh talk specifically about the cyber threats and marami but of course we will read that a little later after the next uh speaker's talk so i will not go straight in uh speaker but of course just a reminder you can key in your questions uh we really get into the answers yeah feel free uh we are in this together and again one of our goals really is to be knowledgeable enough uh in this kind of talk again questions and of course a little later our speakers will address those our next topic is about setting up a secured environment let me introduce to you our next speaker mr van montalba is the information system analyst of the national computer emergency team cyber security bureau department of information and communications technology via is an analyst from the national cert of the philippines he loves uh dogs and capture the flag game he is one of the accident responders who handle security intents that are reported to and detected by the cert ph he graduated from the polytechnic university of the philippines manila or pup with a bachelor's degree in computer science his main focus is to continuously develop his skills and knowledge in digital forensics and incident response but also studying some of the approaches and methodologies of red timing he was trained in digital forensics cyber defense exercises and cryptocurrency and dark web investigation though he is just young in the field of cyber security it actually leads him to give awareness campaigns and lectures regarding data security fundamentals of cyber security and some of the social engineering schemes to various government agencies dear professors dear teachers and hello good morning good morning everyone uh i think major novella in sounds up i can't here hello all right sir okay yes sir uh yes and i'm doing fine right now actually uh i'm working from home well we are uh working on site uh with uh skeletal work or with our uh daily i know uh daily tasks [Music] data breaches with our government agencies yes sir and of course uh just uh before you start sir would you love to greet our professors our teachers and our students who participated for today's webinar yeah um with this webinar and i would like to thank the organizers for uh inviting us today and we will uh share with my together with my colleagues yes simone playa and also with mom diane we would love to share our insights our knowledge regarding the basics of cyber security and now uh some concepts [Music] and also with uh mom dayan later on with the digital parenting and uh uh together we love to sharing because we want to promote cyber security awareness because and [Music] so you want to inform everybody we want to inform everyone uh regarding the cyber security and i think you have a very big teamster you know i'll say uh we are focusing nationwide and dominating social media users i guess sir big team no how you chance at the ict uh actually mom yes we have a big team but so actually cyber security is having an even player it's not just for iep or the information security enthusiasts pero it is a responsibility [Music] shared responsibility yeah yeah that's the word shared responsibility no one is excused and one more thing sir before you start it it seems like you look so young why am i saying this i felt like youth is on their eyes against this cyber attacks yes ma'am actually uh two years palumbo from from being a fresh grad so so two years long dinosaur working as the information system analyst at the ise and yeah i think yeah so even in cyber security i think we are the hope and you are one get started sir with setting up a secured environment thank you mom thank you go ahead sir so let me [Music] oh valado so i got an uh error report oh yeah arena ayan thank you thank you mom thank you mom charlene and sir gilbert for confirming okay so uh now we will set up a secure environment but we need to go back to the basic first so well now and i just give a short introduction of myself i am vienna montalba but you can call me v for short so five letter words but you know so you can call me yeah and i am a computer science graduate at the polytechnic university of the philippines and i'm also a former intern at the cyber crime investigation and coordination center or the cicc last i think 2016 if i'm not mistaken uh i am also i am right now right now i am an analyst at cyber security bureau and i'm acting as one of the former incident responders and also i am a cyber security advocate under this uh this non-government organization ph cyber units so we share our insights our knowledge with this they invite us to talk and to give cybersecurity awareness also a script is a hack the box so the box is a penetration testing platform skills with with it when it comes to pen testing and also digital forensic investigation and i am currently a blue team yeah it's a different support but i am studying some approaches of red teaming so i'm turning to purple red offensive right now so and uh according to google yeah attain cyber security uh meaning cyber security but for me in my own words cyber security is a proactive approach in developing a strong defensive strategy against potential cyber threats and tatuu lagnan sinabinate anime clay arganina it is a collection of tools policies security safeguards guidelines peace management approaches chambray actions then also training and best practices assurance technologies harder and softwares and security concepts that can be used to protect the cyber cyber security environment and our organization's assets so all in all uh i decided nah uh sabihin ortawagency cyber security is a proactive approach in terms of uh strong cyber security stance against this uh cyber threats on the internet and sir uh parallel people guys so it is not only for the technical people well it is uh the responsibility and about is a saturn to protect ourselves against these cyber attacks and excuse me we make the mistake of thinking that our data has no value when it's actually the main reason why cyber attack occurs yes it is correct on facebook on social media so when we talk about cybersecurity one might wonder at ourselves or uh what are we trying to protect ourselves against well uh there are three main aspects that we are trying to control una una is the unauthorized access of our data and so on also the unauthorized deletion and lastly is the unauthorized modification so uh foundation on cyber security which is the cia triad so in the eccina central intelligence agency agency cia is uh meaning confidentiality integrity and availability so these three things is the foundation of the cyber security first is the confidentiality so yuma daytana tinathan smith and on the internet actually uh some uh you see most of us familiar uh we have a production website or for example uh school nato university nato we have our uh website univer our university website tala so if i burn my compromision shoulder in a safe way or in a safe environment so these three terms are synonymous with the very commonly known as cia triad and this uh tree is referred to the three pillars of security and most no manga security policies nama organization is built long principles so again confidentiality integrity and availability so next slide sir uh not so good habit though when it comes to the internet or simply internet we like to connect on an unknown public wi-fi network right and we do search on google and then uh any other search engine um on the internet and once we do our searching sometimes we always click on a link without having a computer we are not thinking twice so is we download and install an application on our devices without confirming if uh the source is legitimate or not finance we send and receive email in a messenger in our in other social networking sites and uh sometimes different time key click number links device [Music] and we like a publication on social networks we react on every post nasa facebook twitter instagram and so on and lastly we publish content on our facebook blogs applications and our websites yeah uh familiar did i say sometimes same with your username is our developers they don't store passwords so production uh team jen a developer team sometimes uh it is a not so good habit and not encrypted so not so good habit and etho we use uh same password for everything password on facebook password twitter password mon instagram and on your email is same and [Music] and we need to have a solid understanding of these attacks but we can uh anticipate an attacker's move and analyze more effectively so some of the incidents and threats in the cyberspace these are the danger on the internet which exists for absolutely everyone and [Music] i know human hackers that uh zero risk does not exist so parasanilla cyber security is just a fantasy it's just a unique word [Music] once in my vulnerability uh once there is a vulnerability and for that reason we should uh not stop trying to protect ourselves okay so dapa little daba consistent uh preventive measures to protect our environment and to secure ourselves against the cyber attacks cyber attacks because from january to i think january to july and no one should ever ask an end user for their uh password even humana banking uh institution indian hindis credentials on their users [Music] emotional manipulation [Music] sense of urgency on every uh their clients on text on email in disciplinary or in disciplinary demand from their clients to change their password to input their data on this website and uh if someone asked for password we should assume immediately well this is this is a simple lesson that should be continually reinforced so now we should think twice we should uh give ourselves a time so this is an example of a failed [Music] fishing campaign is from video then once you click on that verify my account nah partner i don't verify my account on the link and alligato once you click on that link bpi express online so imagine epic fail and then you will be directed or redirected into a dpi uh interface so how i run it and come up the link above or the url above is uh not related with any of those two bank uh banking institutions nana banker so um is www.sofoglowgroup.com slash account update well uh schemes mobile users bucket mobile user sir because on our mobile devices once you uh click on this this link this verify my account is uh softgroup.com so uh users mobile device users [Music] express online.com your account will remain black until fishing campaigns these fishing schemes again are going among attackers actually there are no software there are no uh hardware magapag protects saturn against this fishing campaigns well um uh awareness and education and uh no one anya no one should ever uh give their password their username or password on a on an illegitimate website uh [Music] [Music] [Music] uh sometimes humongous when it comes to uh compost emails you should check and read those emails first and check typographical errors education and awareness regarding this attack vector is an essential key to be secured so sobrangdaming among ways to protect ourselves to educate ourselves and to make us aware regarding fishing campaigns [Music] next is malware infections [Music] any software is intentionally designed to cause damage play computers server servers clients or computer network so with versatile they are designed to make this make a destruction saison it's an organization or on us individually and this is the term that represents all software whose purpose is malicious in nature so malicious and sometimes it is a program which is inserted into a system with the intent of uh compromising the cia belonging and sometimes the applications or the operating systems i uh i'm not excused with uh this kind of uh attack or this uh threat because before uh cyber security bureau uh victim [Music] [Music] [Music] user interface uh [Music] [Music] uh [Music] later on so next slide [Music] possible [Music] first of all is spam emails well uh malware authors often uh tricks or often use tricks to try to convince us thai oma use my users to download malicious files so catalase and this can be an email with a file that tells you it is a reciprocal delivery or sometimes tax receipt or tax refund or sometimes it is a it is an invoice ticket and it might say to us to get the items delivered for us or sometimes to get the money [Music] involved for example pesos pay credits if we open the attachment we end up installing malware on our pc so sometimes and what is our imagination against this course and if an email says you have to update your details uh don't click on the link also don't offer uh don't open an attachment to an email that you weren't uh expecting or that was sent by someone you don't know so vigilant and another thing is uh infected or malicious [Music] uh computer without our knowledge without knowing uh infected young with rubber duckies so [Music] computer automatic run automatic install and these are infected removable devices um many worms or viruses generally spread by infecting removable drives such as a flashlight those malwares can be automatically installed when you connect the infected drive to your pc so removable flash drives or removable drives at all if uh make sure that it is not infected so our remediation for that is uh first and foremost be wary of any usb device that you don't own so in this io [Music] techniques on a certain organization again they are waiting another thing is uh if you don't plug it in you can get infected or laptops okay and lastly if you do if you do plug an unknown uh device or removable device into your laptops or computers be sure now uh iran with a security scan [Music] computers on your on your laptops and then run a security scan immediately so some these are some of our possible actions next is these malwares sometimes bundled with other software so familiar torrents familiar familiarity uh download sites videos software we don't have knowledge nah sometimes these torrents uh torrent downloads these uh sites snapping the download and nothing is bundled with uh malicious software or malwa and these some of these malware or malwares can be installed at the same time as the other programs that you download shared through my peer-to-peer networks and also some programs will uh install other software that microsoft detects potentially unwanted software so melala basically warning means and this can include toolbars or programs that that may show us extra ads or imagine nothing at all as we browse the uh internet or the web programs used to generate uh software to activate our microsoft our uh windows uh pc the windows operating system i mean windows 10 uh illegitimate so those softwares are bundled with another malicious softwares and my according to microsoft security they find malwares on more than half of pieces with keygens installed so on their research microsoft or windows 10 or windows operating system is uh installed offer on a legitimate website vendor website or provider website so if we want a windows operating system microsoft download [Music] like linux or uh i think uh linux open source operating system and make sure nah we read what we are exactly installing [Music] on the files readme.txt so important uh these webpages sometimes contains malware malicious softwares so when once we visit uh we visit these uh websites or web pages website now or somewhere pages now and malware can use known software vulnerabilities to infect our pc and a vulnerability is like a uh software that can give malware access [Music] laptops or devices and another thing is uh vulnerabilities uh sometimes are usually fixed by the company that made the software so for us to be protected also so indeed features updates it so it is also to strengthen our security posture [Music] [Music] and the website might be malicious or it could be a legitimate website that has been uh compromised or hacked well uh ph madame [Music] uh timely update if your software is not up to date you could uh also get repeated alerts about the same thread so be sure to update your software or you might uh take technologies with nothing our phones our laptops our uh admins as web administrator system administrators some other malwares these sorry this uh some types of matter can download other threads on your pc once uh these threads are installed on your pc they will continue to download more threats so catalase cnc server or command and control server natto and well the best protection from these uh malware or malicious software is update them and a real-time security product such as microsoft defender antivirus says obtain on the internet so antivirus but see microsoft meron built in uh uh security product or security tool which is autonomous microsoft defender not in comedian actually see microsoft defender uh magandana [Music] si microsoft naman is continuously developing technologies in order to give batches in order to give updates regarding this cyber threats nanak on the internet so if you want to uh to have more details but you can uh have more insights about uh on how to protect our pc against these uh malwares and uh unwanted software so you can see it on this qr code another is data breach well data breach is an allegation it is a security incident which information is accessed without authorization so this data breaches can hurt businesses and consumers in variety of ways their costly expense there are they are a costly expense and that can change or can damage lives and reputations and take time to refer usually uh as technology arises or progresses more and more of our information have been moving to the digital world and as as a result cyber attacks have more increasingly common and temporary to ponemon's institute and this means that uh it is 848 on an average uh per stolen record or online [Music] data breaches is uh exploiting non-system vulnerabilities so if we are the system administrator or the web administrator these out-of-date softwares and hardwares can create holes that allows the attacker to sneak a malware computer and that's the time they will steal data or data exploration will occur another thing is weak passwords weak and insecure passwords are easier for hacker to guess admin admin username and password that's why experts among experts uh security experts in my security researchers again i go online advice against simple passwords and in favor of unique complex passwords so there are uh complex the password drive by downloads [Music] so you could unintentionally download a virus or malware by simply visiting those compromised web pages so they uh these uh downloads uh usually uh take advantage of a browser application yamagametratima browsers or human operating systems a gambit nathan which is out of tip or meromona security flaw and another thing is uh yuma targeted malware attacks targeted malware is uh usually uh done being done by [Music] uh [Music] so these attackers are funded by these organization to attack a certain or a specific organization then so these attackers uses uh spam speaking emails cyber attacks to try to trick the user into revealing user credentials your username and passwords also uh tricking them to download malicious attachments and sometimes users to visit the vulnerable websites and the common vector nagamet is usually email and links or attachments included on that email and doing so uh can infect our computer with malwares malicious offers so we should keep in mind that an email can be made to look like it uh to look like it comes from a trusted source even when it's not okay regarding this well uh once now affected thailand data breach or non-data leakage we should take action as soon as possible uh philippines [Music] [Music] that the affect affected agency should notify the national privacy commission within 72 hours of knowledge or of discovery network data breach so it is important then name a data privacy officer in bhawat organization so we must take action again again so we need to inform our government regarding uh [Music] so [Music] so you can take a look for more actions when it comes to data breaches and some points to remember we should establish strong passwords and we also had to install uh antivirus antivirus protection or antibiotics and after update our programs timely and or regularly secure our laptops our mobile devices device and we should backup regularly also be careful with email instant messaging apps and surfing the web internet it is very useful for us but we should be careful on the data and information that you generate that and online and lastly we need to educate ourselves regarding this uh cyber threats or cyber attacks another is what is the role of cyber security in public safety well in the national cyber security plan 2022 the philippines meron tayong uh ncsb 2022 and under known my [Music] critical information infrastructure nothing well under under the department circular cr03 and [Music] critical information infrastructure sector snapping so by the national visiting on the dict website just look for the department circular 03. so another uh part is the making government information environment secure or inside birth of ph government agencies not in and next is making individuals aware and secure or the cyber ph security awareness security capacity buildings another is a human business businesses here in the philippines or the excuse me the cyber assurance ph well under the ncsp 2022 the protection of every citizen of the country is the environment is primary to the functions of the government and protection is not only confined to the physical environment but also applies to the cyber environment or in cyber site to protect our cyber environment however when we equip the citizens with the right knowledge and uh awareness awareness regarding on how we should secure our cyberspace and is the national computer emergency response team and uh we are the highest body for cyber security related and the national computer emergency response team is under cyber security bureau and uh [Music] well some of the attack [Music] from january to july 2020 sorry to update it up to the uh early december but we will try to uh update it as soon as possible projects and activities insert ph so answer.ph buddhism and another thing is ransomware so siran summer is part of uh the malicious software or imam alive so for incidents ransomware also uh data leakage or data leak so makita 181 incidents [Music] work or work environment or inside our organization and next is how it is harder to monitor the threats to the personal devices work from home basis right now and also personnel or um students are becoming the prime targets by these cyber criminals in which they are exploiting paris uh vulnerabilities so we should make sure working from home or working remotely or studying remotely personal latin or you must do this we should ensure that they are safe from these uh cyber dress and cyber attacks one of the preventive measure is doing cyber security awareness now and also uh id personnel uh has inability to respond to these cyber attacks on home users so uh lack of knowledge of education and awareness regarding bug response cyber attacks so these are some of the challenges so we should always think if uh we are compromised or not uh if you think about it most uh most compromised passwords or devices and if you truly want to protect your organization we should protect humana devices nathan from getting infected and uh learning to recognize a cyber threat is a fundamental exercise to protect the resources of an organization we need a solid understanding of uh these attacks so we can anticipate an attacker's move and uh to provide or to develop a counter the effect against uh attacks and threat factors so ano abu mah counter planet first of all uh you should know who you are you know uh know exactly what you have and where you keep it where you keep it [Music] credentials and so on and and maintaining a data asset log will ensure that any preventive measures you introduce will refer and include all the relevant relevant data assets so personally [Music] another thing is education or training the troops training yourselves actually [Music] well data privacy and security is our key part of the new gdpr or general data protection regulation and it is crucial now i ensure you must have nothing more personal even our students are aware of this importance and your most common and destructive mistakes you know gawana then is human error so most of the fishing campaigns are not effective because of human errors and it is vital it is very essential now human organization institutions should consider unengaging stuff training training programs to ensure that all our employees our personal and also our students are aware of these valuable assets and security awareness and this backup doesn't fail and uh we should ensure to run a regular backups of our important and sensitive data and information and also the first layer of protection well generate our antiviruses and our endpoint protection among us for fairs so we should run a regular scans we should always turn our antiviruses on next uh some tools so these are basic tools lama to protect ourselves one is secured browsers so familiar namaste with incognito or the private browsing control control i mean secure browser okay google them and it's control p ah i mean control shift and if the camera can say firefox you'll go sorry and also microsoft edge smarting secure browser or the private browser and next is a tor browser maybe a dk familiar with with tor browser tor means the onion router so this browse browser hides your ip addresses every time you send request data on the internet so it is more secure than those browsers again again online and this uh tor browser and disadvantage is it is a slow browser every time you uh your requests pass through do uh duns notes is uh those steps raise the time between when you request a website and when it appears appears in your screens and since your data is routed through multiple relays [Music] multiple nodes or multiple relays and each nodes or each relay varies with a different bandwidth so measurement or browser non-content yes password manager can help you personally password manager and uh password call on every website and and it can be it can also be on-premise or installed offline satin computers or laptops so [Music] [Music] okay next is virtual private network or vpn so canadian is a not so good habit and on the internet we connect only public uh public wi-fi on internet cafe and this vpn can help us because uh or can help us to hide our identity online our ip addresses and so on because it creates a tunnel like cover in our network so it can hide our identity when we connect online especially in public places so so it is attitude when it comes to cyber security and uh next is uh anti-virus not in our on our pc next is uh firewall uh some of us are familiar firewalls well uh young firewalls it is a network security system which monitors and controls incoming and outgoing network traffic starting my networks so yuma pc not nc windows i think mero narration built-in firewall it's among pc and laptops and uh human network traffic based it is based on a predetermined security rules so next is developing your personalized cyber security culture we should have a personalized security training activity inside our organization next is we should ask ourselves what is right we should have a specific policy for sensitive data of our company or our organization and our clients if ever and also for our students and uh protocol of action if we suspect the [Music] well this next slide is uh this is a slide of my colleague so sina in terms of a cyber security field well uh this is the understanding and securing our uh digital devices so compromise devices [Music] and [Music] uh if eberna see malware is a compromising pc and then they learn antivirus well we should install another antivirus and see if it will work then we should scan our computer another thing is you must suspicious icons on our browser well these are suspicious icons these guys trojans and malwares you should get the name of the icon or your website then we should search on google in order to immediate this uh this kind of uh suspicious activities adding browsers another thing is direct different websites what to do is uh we should visit our etsy hosts and technology malicious or suspicious domains [Music] so probably uh we are compromised so man another thing is maraming antivirus warnings so we should we should get the error message and google it on how to remove or immediate those another thing is webcam behavior uh one of the sign uh my suspicious baby web comes out and is led light indicator is linked randomly so what we need to do is uh a factory clean install okay factory reset so we can remove those malwares now possibly in the installation another thing is human applications is uh and what we should do is reinstall those applications because mama is compromised and so i think this is my last slide basic security and open source tools and commands [Music] we should upload it on virustotal or uh suspicious files and urls so uh database channel signatures now uh malwares uh viruses trojans and worms so freelancer you can search it online another thing is abuse ipdb so uh to detect if the ip address is compromised so it can help us to detect if a specific ip address is small issues or not other thing is your urlvoid.com turlvoid.com is uh blacklist engines so if i burn a blacklisted domain so we can search it here so um to determine if blacklistednato is so it can help us also to identify websites which involved in malware and fishing incidents so failure so free anorexia freeze of service it is designed to identify all connection on our system so active connections on our system and another thing is wireshark wireshark is a free is it it is a open source tool so it is a free tool which is uh you are goi based and this tool help us a lot when it comes to digital forensics because it helps us it helps us to analyze those packets which is traveling in and out address and so on so these are some of examples filters k wireshark but nothing shy filter based on ib address or base from ports above 1500 or and storage devices so it is a open source day i think or everywhere so uh [Music] and knowledge regarding cyber security thank you all right again thank you so much sir for the very comprehensive discussions um you have given us a very detailed discussion you started then you know with the cia triad the confidentiality integrity availability and that it branches out with um other important informations that our online viewers our teachers and our students should know okay so sir uh we will proceed now to our q and a participants are very active in um sending their questions we really appreciate you uh it's a very good indicator that you are really on to listening participants from different campuses um for for sending your questions but uh i'll be i'll just be reading a few um all right sir are you ready nepal um and sir via we will just entertain a few questions from the uh list hello for sure miss christie all right um all right first question what to do in case nama victim ran somewhere uh any of the two uh mom or sir would like to answer uh i think uh abuela voices are good all right survey and go ahead box uh mom if ever nah affected both einan run somewhere and some of the experts yeah or reverse malware processes [Music] you or on our laptops or computers and if you search for that name on the temporary folder folder nothing if you search it sometimes it is related to one acrylic ransomware is to delete those files and immediately remove your connection no laptop on [Music] [Music] [Music] so if you are infected with a ransomware marijuana decryption key you can search it on the crypto sherry so that you can uh immediately decrypt your files and uh one of the biggest uh preventive measure but nothing going is to back up our files uh this one is for mancleya ma'am yes miss christine yes ma'am ma'am another question for from our online viewer how do we differ cyber security from data privacy law i think it's between the uh specifically between the uh cyber security and data privacy okay so as mentioned ganina cyber security is the state or process of being protected against the cyber attacks or the techniques or measures taken to achieve this sturve nina cyber security is the development of a strong strategy for a cyber defense against cyber threats so uniform cyber security data privacy on the other hand okay and concentration yeah is the protection of piis or personal identifiable information but data privacy and cyber security are related in the sense that data protection is also part of cyber security so ayun posha actually at the ict meron den potion attached agency and national privacy commission who is in charge of protecting the data rights of um filipinos in the country okay paul thank you for um another one paul uh this one is for a survey answer how common are uh mitf attacks on public places uh good question to enron thank you for that question [Music] adversaries in the middle [Music] because they want uh they want to gather information on the long run in the long run and or they are stealing credentials through this man in the middle attack or mit so much for that uh last three questions but just a very quick sorry no and and mongolia um another one from our participant meron pong instances for example registering somehow webinars they are asking the google account and password to proceed with the registration would like to ask if this is safe and necessary um so just for um information companies conducting the webinars email addresses yes because as far as i am aware some other google forms depending settings if they wish to collect verified and legit email addresses from participants so bad uh register okay you need to sign in first to your google account so for me as i've also experienced um organizing online events this may be necessary because all right thank you so much mamclea one more do we have cyber insurance servian and playa a question from our online participant do we have cyber insurance cyber insurance you mean insurance company they issue this insurance policy for cyber related crimes uh into that sir yes sir go ahead sir i think uh philippines actually uh if hacking incidents are involved policy insurance policy regarding that and also detox of philippines but i think they are already into that trend [Music] serbian again i'm sorry when and when and why will you recommend using incognito tab okay so i recommend committing attention when we are accessing uh computer shops in my internet cafes credentials is uh from those [Music] and records browsing history browser history records so it is good when we are surfing on the public places [Music] thank you for that serbian uh last one question i think uh what security app or anti-virus app would you recommend for mobile phones actually use whatever you are using just make sure now updated yan okay man free licensed just uh make use of it conditions all right so that's a good reminder ma'am clay another just uh go over the terms uh and conditions again for those questions just visit the fb page of our cyber security bureau also the national computer and emergency response team visit fb page address uh just very quick to present the certificates of appreciation to you man and sir on behalf of ms euf college of computing and multimedia studies i would like to present this certificate of appreciation to miss anginet clay marijee reyes for her invaluable and exemplary service rendered as guest speaker during the webinar on cyber security awareness conducted by department of information communications technology in partnership with the manuel s in virga university foundation lucena city via google meet given the seventh day of december 2020 signed by rodrigo c belize jr dean of the college of computing and multimedia studies the same certificate is given to mr vihan montalba again [Music] thank you for thank you everyone for listening thank you mr steam yes educate and we are really grateful for our closing remarks we have the dean of the college of computing and multimedia studies of the mseuf dean rodrigo c bellezza jr thank you very much mom gayle good morning almost uh lunchtime natalya to the ict lausanne regional cluster 2 headed by director reynaldo c our two resource speakers and of course our participants of today's cyber security awareness webinar so in behalf of manufacturing berg university i would like to express our gratitude to the ict for collaborating with our university through our college the college of computing and multimedia studies in conducting the cyber security awareness webinar and and this in this afternoon the digital parenting webinar so this webinars are very timely because most of our transactions our work uh including uh education is being conducting or being done online in the new normal so the use of internet and values online platforms enabled various businesses companies industries including university schools to continue doing business and deliver their services online in this time of pandemic however we must be aware and vigilant on several security threats that was mentioned by our resource speakers and cyber crimes our webinar gave us background on various security threads the do's and don'ts online and tips on how to avoid to be a victim of this threats and cyber crimes it educates us to be cyber safe or uh on the safer and security uh use of the internet and various online platforms so i hope that you can apply what you have learned from this webinar to keep you safe online so thank you and good day everyone thank you dean augie and again that is our c uh same hope that we will all be cyber safe for our few guidelines and reminders for our participants and online viewers on screen you will see there the guide certificates will be provided to those who have attended the full duration of webinar answer the post evaluation form and pass the quiz with at least seventy percent of or seven over ten points okay so the the link will be posted and i think is already posted in our google my chat box and for youtube description again input valid and active email address when filling out the post evaluation form and our cut of time is tomorrow 4 p.m and it is made available because the replay will be found in the link available that you can see on screen all right so this is our post evaluation link again uh made available already posted uh in our uh google me checkbox and post a youtube description and don't forget to follow us on facebook at mseufccms at the ict gov ph dict.lc2 at dot kazon and at cybersect.lc2 now from the very start up to this uh for those who are watching on youtube and let's keep the information this is a very relevant and very uh comprehensive topic not just for the teachers or students uh but of course to all uh citizens as newton lee said as the world is increasingly interconnected everyone shares the responsibility of securing cyberspace that we have this shared responsibility once again this is again riego and thank you for attending our webinar thank you everyone [Music] [Music] [Music] [Music] [Music] [Applause] [Music] so [Music] [Music] [Music] [Music] so [Music] [Music] [Music] so [Music] so [Music] [Music] [Music] [Applause] [Music] [Music] do [Music] [Music] [Music] [Music] so [Music] [Music] [Music] so [Music] so [Music] so [Music] [Applause] [Music] [Music] [Music] [Music] [Music] so [Music] [Music] so [Music] do [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] so [Music] [Applause] [Music] [Music] [Music] [Music] [Music] so [Music] [Applause] so [Music] so [Music] [Music] [Music] [Music] you

Info

Channel: cybersecLC2

Views: 1,898

Rating: 5 out of 5

Keywords:

Id: lyEg2uNdfRI

Channel Id: undefined

Length: 191min 16sec (11476 seconds)

Published: Sun Dec 06 2020