Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3474 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Ethical Hacking and Countermeasures Version 6 Module XLVI Securing Laptop Computers Ethical Hacking and Countermeasures v6 Module XLVI: Securing Laptop Computers Exam 312-50 Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3475 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News Source: http://www.informationweek.com/  News Horizon Blue Cross Blue Shield of New Jersey has informed its clients that an employee’s laptop was stolen that contained personal information and social security numbers of nearly 300,000 clients. The health care insurer alerted its clients by sending letter about the laptop theft, which occurred in Newark, N.J., on January 5. Company officials said that the personal information present on stolen laptop contained name and addresses of clients, but medical data was not present. They also added that the security feature of the laptop was initiated, which can destroy all the data on stolen. According to them, the chances of accessing the data are slim, as the laptop was password protected. In May 2006, a laptop from the Department of Veterans Affairs was stolen, which contained the personal information of more than 26.5 million present and former members of the U.S military. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3476 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective • Laptop threats • Laptop Theft Statistics • Fingerprint Reader • Protecting Laptops through Face Recognition • Bluetooth in Laptops • Tools • Securing from Physical Laptop thefts • Hardware Security for Laptops • Protecting the Sensitive data • Preventing Laptop Communications from Wireless Threats • Protecting the Stolen Laptops From Being Used • Security Tips This module will familiarize you with: Module Objective This module will familiarize you with:  Laptop Threats  Laptop Theft Statistics  Fingerprint Reader  Protecting Laptops through Face Recognition  Bluetooth in Laptops  Tools  Securing from Physical Laptop Thefts  Hardware Security for Laptops  Protecting Sensitive Data  Preventing Laptop Communications from Wireless Threats  Protecting the Stolen Laptops from Being Used  Security Tips Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3477 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow Laptop threats Fingerprint Reader Laptop Theft Statistics Protecting Laptops through Face Recognition Hardware Security for Laptops Protecting the Sensitive data Bluetooth in Laptop Preventing Laptop Communications from Wireless Threats Securing from Physical Laptop thefts Protecting the Stolen Laptops From Being Used Tools Security Tips Module Flow Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3478 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Statistics for Stolen and Recovered Laptops Source: http://articles.techrepublic.com.com/ EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Statistics on Security Source: http://articles.techrepublic.com.com/ EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Percentage of Organizations Following the Security Measures Source: http://www.iacis.org/ Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3479 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Laptop Threats • Criminals target laptops for quick profits and misuse of the confidential data • Laptops containing personal and corporate information can be hacked by the attackers and used for their profits Physical Security • Corrupting, destroying, or gaining access to a Laptop through hacking, malicious programs, or social engineering • Accessing the data through weak passwords and open access • Application security and vulnerabilities to attack the vulnerable application • Attacking the laptops with unencrypted data and unprotected file systems • Copying the data through removable drives, storage mediums, and unnecessary ports which are not disabled Information Security EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Laptop Threats (cont’d) • Intercepting and monitoring wireless traffic through various sniffer tools and interception software • Packet insertion and hijacking attacks into the sniffed wireless traffic • Jamming is used where the attacker uses different wireless devices at different frequencies which creates radio frequency interferences for any wireless network in vicinity • Peer to peer attacks is performed by using Ad Hoc mode • Man in the middle attack • Wi-phishing is used by hijackers to setup an access point with SSID that is used by default on most access points Wireless Security  Laptop Threats Physical Security: Protecting laptops from physical attacks is of prime importance. Data present on the laptop hard drive can be encrypted using well-known encryption tools. Data, if lost, can be fatal for any organization’s growth prospect. Attackers look for unattended/unsecured laptops to steal information from the same. Malicious users can misuse data obtained from an unsecured laptop. Information Security: Information present on the laptop can be lost by one of the following ways:  Malicious programs, hackers, and social engineering: Malicious programs like viruses, worms, Trojans, and spywares can corrupt/steal data in the laptop. Backdoors can be used to gain access to a compromised laptop. Hackers also use social engineering techniques to gather information from a user.  Weak passwords and open access: Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3480 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Passwords that consist of characters that can be guessed easily or can be cracked using dictionary attack tools are easy to break in. Enabling guest account with no authorization is an open invitation for attackers to access the data on the laptop with ease.  Application’s security and vulnerability: Applications installed with default options are prime target of attackers as it is easy to break into the applications using known vulnerabilities.  Unencrypted data and unprotected file system: Data stored in the laptop that is unencrypted or in clear text enables the attackers to access the data.  Removable drives, storage mediums, and unnecessary ports: Using removable drives such as a USB drive is an easy way of copying the information in the laptop and inserting malicious applications in it. These drives are not easily traceable and cannot be detected by scanning the network. Wireless Security:  Intercepting and monitoring wireless traffic: Information sent to the wireless communication links can be interrupted by using various sniffing tools and interception software. Intercepting and monitoring wireless traffic is a passive wireless attack.  Packet insertion and hijacking attacks: An attacker injects the false packets or commands into the wireless packet stream after sniffing the wireless traffic. This type of attack is called as packet insertion and session hijacking attack.  Jamming: The attacker uses different wireless devices running at various frequencies. These devices create radio frequency interferences for the wireless networks in the surrounding area. Due to these interferences, the victim’s network gets jammed.  Peer-to-Peer attack or ad-hoc mode: Peer-to-peer connection is created between two wireless devices by the ad-hoc mode to share the files. Attacker enables this mode and accesses or transfers the malicious files into the victim’s laptop.  Man-in-the-Middle attack: The attacker places a fake access point in the legitimate wireless network. They configure the fake access point with the help of valid SSID of victim’s wireless network gathering all sensitive information from the user connected to the wireless network.  Wiphishing: Wiphishing attack occurs when the users enable the wireless adaptor on the laptop and configures the connection to connect automatically to any wireless access point in the vicinity. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3481 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Laptop Theft • What information of a strategic nature would be disclosed? Real examples of this type of information include pending mergers, new product intellectual property, strategies and launch plans, and previously undisclosed financial operating results • What information of a tactical nature would be disclosed? Examples include private compensation information, plans for organizational changes, proposals to clients, and the myriad of similar information that can be gained from reading a person's email, calendar, contacts, or collection of documents and spreadsheets If a laptop were lost . EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Laptop Theft (cont’d) • What information about the company's network or computing infrastructure would be revealed that would facilitate an electronic attack? Examples of this type of information include usernames and passwords, dial in numbers, IP addressing schemes, DNS naming conventions, ISPs used, primary mail servers, and other networking details related to connecting the laptop to the corporate or Internet environment. • What personal information about the laptop owner can be obtained? If a laptop were lost .  Laptop Theft Source: www.systemexperts.com/laptop.html If a laptop is lost:  What information of a strategic nature would be disclosed? Real examples of this type of information include pending mergers, new product intellectual property, strategies and launch plans, and previously undisclosed financial operating results.  What information of a tactical nature would be disclosed? Examples include private compensation information, plans for organizational changes, proposals to clients, and the myriad of similar information that can be gained from reading a person's email, calendar, contacts, or collection of documents and spreadsheets.  What information about the company's network or computing infrastructure would be revealed that would facilitate an electronic attack? Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3482 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Examples of this type of information include usernames and passwords, dial in numbers, IP addressing schemes, DNS naming conventions, ISPs used, primary mail servers, and other networking details related to connecting the laptop to the corporate or Internet environment. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Securing Laptop Computers Module XLVI Page | 3483 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Fingerprint Reader Fingerprint Reader enables the user to access the laptop in a more secured and easy way It provides higher level of security while accessing the data or network BioNet 2 laptop fingerprint reader designed from Biometric fingerprint reader is specially used for portable storage devices such as laptops and PDAs It offers secured access to the applications like, valuable logons, web links, documents, image files, and more  Fingerprint Reader Fingerprint Reader enables a higher level of security mechanism for laptops. The user just needs to swipe the finger to access his/her system and the sensitive data present in it. It secures the online activities such as accessing the emails, bank, and other accounts. The BioNet 2 laptop fingerprint reader designed from a biometric fingerprint reader is specially used for portable storage devices such as laptops and PDAs. It permits secured access for the applications such as valuable logons, documents, image files, and more. It eliminates the growing complexity involved in maintaining password protected applications. The access to the applications and websites can be derived by the password manager using a fingerprint. The password manager stores multiple web and application passwords of the user in a hardware secured location that can be accessed by a single finger swipe. This can be used to even access the encrypted data.