Cyber World
Threats & Solutions

Threats
Malwares
Cases
Statistics
Online Banking Rules
Online Shopping Rules
Wi-Fi Network Security
Passwords System
Protecting Kids
Avoiding Phishing Scams
Contact

The rapid development of high-technologies and virtual world makes the cyberspace more and more important for every person’s daily life and therefore brings those threats which are significantly dangerous and sometimes lead to fatal results.

The project implies to introduce the most popular and dangerous threats of the cyber world today and also offers the most efficient solutions.

Hacking

actions taken by someone to break into a computer without permission

Process:

By which cyber criminals, attackers, hackers gain access to a computer without allowance.

Features:

Get through a computer’s security settings and exploit them in order to access private information Use various bugs, viruses providing a back door for hackers to enter and search for private information

Phishing - attracting people by sending masqueraded messages

Process:

Of sending fake emails, text messages and websites created to look like they're from serious companies for stealing the personal and financial information.

Features:

Prank a person by giving them information for an updating, validating or confirming their account. It is often presented in a manner than seems official and real in order to encourage the receiver and make them take an action Provide cyber criminals with usernames and passwords that they gained by tricking others so the hackers can access the accounts (online bank account, shopping accounts, etc.) and steal credit card numbers

Wi-Fi Network misappropriation – common method used by cyber criminals, hackers, attackers to gain personal information.

Process:

Of capturing the personal information that's shared over an unsecure/non-encrypted Wi-Fi network.

Features:

Potentially access a computer with the right equipment Steal personal information including logins and passwords

Viruses – programs infecting computer

Process:

That infects one’s computer by an email attachment or a download. Even just visiting a site can start an automatic download of a virus. USB and other external hard drives can also be infected.

Features:

Disable computer security settings Send spam Scan and find personal information including logins and passwords Provide criminals with access to computer and contact lists Seize the web browser Display unwanted ads

Malware - common way to damage a computer

Process:

That infects your computer with viruses, worms, Trojan horses, spyware and adware.

Features:

Steal private information. Reformat the hard drive of your computer, which erases all the information Alter or delete files Send malicious emails Take control of the computer and all the software that runs on it

Spam - common method of sending information out and collecting it from unsuspecting people

Process:

Of spreading malicious messages, advertising or pornography to addresses which can be easily found online (on social networking sites, forums, company websites, personal blogs, etc)

Features:

Capturing personal information by making people clicking and following malware links. Junk mails

Scams - attempt to lure victims into a type of fraud known as an 'illegal advance fee'.

Process:

Of sending fraudulent spam emails to random email addresses in the hope of enticing someone to respond.

Features:

Capturing bank account or personal details Victims pay large sums of money to cover various false costs and fees

Online Banking Fraud - fraud or theft committed using online banking technologies and conducting transactions

Process:

Of illegally removing money from, or transfer it to a different bank account.

Phishing Actively using smartphones, tablets and other mobile devices for capturing sensitive information Focus on tricking victims into revealing confidential information

Shopping and Auction Web-site Fraud - fraud or theft committed using online shopping technologies and conducting transactions

Process:

Of illegally breaking into an online shopping transactions

Features:

Phishing Spreading viruses, malware Making online shopping transactions without permission

Capturing sensitive information

Strangers on Internet – the danger of a stranger

Features:

Anonymity Introducing herself/himself as another person An individual can surf and search without interference for others Sexually exploiting vulnerable audience ( mostly children) Pedophiles pretending to be a child’s peer Pedophiles attempt to lure the child into meeting them face-to-face Children exposing themselves in chats with messages, posts, revealing sensitive information Pedophile threatening children: “I will tell your Mom and Dad that you did something bad”, “I will show your friends you did this”, etc.

Stuxnet

Stuxnet is an example of a virus created for the purpose of cyber warfare, as it was intended to disrupt the nuclear efforts of the Iranians. It was estimated that Stuxnet has managed to ruin one fifth of Iran’s nuclear centrifuges and that nearly 60% of infections were concentrated in Iran. This 500-kilobyte computer worm infected the software of at least 14 industrial sites in Iran. It is believed to have been created by the Israeli Defence Force together with the American Government.

Flame

Flame is the largest cyber weapon and nearly impossible to track down, discovered by Kaspersky Lab’s experts – during an investigation that was prompted by the International Telecommunication Union (ITU) – Flame is designed to carry out cyber espionage. It can steal valuable information – including but not limited to computer display contents, information about targeted systems, stored files, contact data and even audio conversations. Its complexity and functionality exceed those of all other known cyber weapons. Flame’s victims range from individuals to specific state-related organizations or educational institutions. Flame is a sophisticated, malicious program that is capable of stealing large volumes of data and many different types of information.

Zeus

Zeus is a malware made to infect Windows computers in order to perform various criminal tasks. Mostly the computers were infected by downloads or phishing scams. First identified in 2009, it managed to compromise thousands of FTP accounts and computers from large multinational corporations and banks such as Amazon, Oracle, Bank of America, Cisco, etc. Controllers of the Zeus botnet used it to steal the login credentials of social network, email and banking accounts. In the US alone, it was estimated that more than 1 million computers were infected, with 25% in the US. The entire operation was sophisticated, involving people from around the world to act as money mules to smuggle and transfer cash to the ringleaders in Eastern Europe. About $70 million were stolen and in possession of the ring. 100 people were arrested in connection of the operation. In late 2010, the creator of Zeus announced his retirement but many experts believe this to be false.

SpyEye

SpyEye is a malware which creates fake online bank statements, with this program cyber criminals steal passwords from browsers, use your debit card details to drain accounts, whenever a victim visits bank, it adjusts figures so the criminal transactions don't appear. It actually steals the money and then offers false reassurance that it's still there. SpyEye attack has been used in U.S. and UK The main idea of the malware is that that it gives hackers more time to use victims’ debit card details on fraudulent transactions without making them even suspect that anything wrong is happening.

CryptoLocker

CryptoLocker is a computer malware targeted at computers running Windows. It hijacks users’ documents and asks them to pay a ransom, with certain deadline. It encrypts files on the compromised computer and demands a ransom to provide the decryption key needed to decrypt the files. It is spread by emails, and once a computer is infected, it will proceed to encrypt certain other files too. It is easy to remove the malware from the computer, but the idea is that the files still remain encrypted. The only way to unlock the files is to pay a ransom by a deadline. If the deadline is not met, the ransom will increase. The ransom amount usually is USD 400. The ransom operation was stopped by the law enforcement agencies and security companies which finally managed to take control of the CryptoLocker and Zeus. Evgeniy Bogachev, the ring leader, was charged and the encryption keys were released to the affected computers. The official number of infections is approximately 500,000, 1.3% of them paid the ransom, which equals for about USD 3 million.

Turla Following worldwide security researchers and Western intelligence officers, Turla is suspected to be the product of a Russian government agency. It has been targeting governments and militaries since at least 2008. According to the latest Kaspersky Lab research Targets were the goernment entities (Ministry of Interior, Ministry of Trade and Commerce, Ministry of Foreign/External affairs, intelligence agencies), embassies, military, research and education organizations and pharmaceutical companies. Most of the victims are located in the Middle East and Europe, it was actively used against Georgia. Following Kaspersky Lab experts research, there are several hundred victim IPs distributed in more than 45 countries, with France at the top of the list. In total, the research has observed more than 100 injected websites.

MiniDuke & CosmicDuke

This malware together with Turla was also actively used against Georgia. Following Kaspersky Lab’s latest report the MiniDuke malware was used to attack multiple government entities and institutions worldwide during the past years. According to Kaspersky Lab’s analysis, a number of high profile targets have already been compromised by the MiniDuke attacks, including government entities in Ukraine, Georgia, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think tanks, and healthcare provider in the United States were also compromised, as was a prominent research foundation in Hungary. As for CosmicDuke, it was discovered in 2014, which uses the old style Miniduke implants from 2013 that are still around and are being used in active campaigns that target governments and other entities, Kaspersky Lab team reported. “The main “new” Miniduke backdoor (aka TinyBaron or CosmicDuke) is compiled using a customizable framework called BotGenStudio, which has flexibility to enable or disable components when the bot is constructed”.

Sofacy

The Sofacy malware, also known as APT (Advanced Persistent Threat) 28 about a Russian-speaking threat group that has been active since at least 2008 carrying out targeted attacks against military and government offices of NATO countries, Georgia and the Ukraine. Moreover, Kaspersky Lab experts have discovered new, even more advanced tools in Sofacy’s arsenal: Interchangeable: The attackers use multiple backdoors to infect a target with several different malicious tools, one of which serves as a reinfection tool should another one be blocked or killed by a security solution. Modular: The attackers use malware modularization, putting some features of the backdoors into separate modules to better hide malicious activity in the attacked system. This is an increasingly popular trend which Kaspersky Lab sees regularly in targeted attacks. Air-gapped: In many recent (2015) attacks, the Sofacy group made use of a new version of its USB stealing implant, which allows it to copy data from air-gapped computers.

DNSChanger According to DCWG – DNS Changer Working Group, on November 8, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in “Operation Ghost Click”. The criminals operated under the company name “Rove Digital”, and distributed DNS changing viruses. The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.

Kelihos

Following the official information of Microsoft, Kelihos, also known as Win32/Kelihos is a malware that distributes spam email messages. The spam messages could contain hyperlinks to installers of Win32/Kelihos virus. It may communicate with remote servers to exchange information that is used to execute various tasks, including sending spam email, capturing sensitive information or downloading and executing arbitrary files. Kelihos is Microsoft’s name for what Kaspersky calls Hlux. Hlux is a peer-to-peer botnet with an architecture similar to the one used for the Waledac botnet. It consists of layers of different kinds of nodes: controllers, routers and workers.

The APT 28 case

According to the report published by U.S. security firm Fire Eye, a Russian hacking group has been taking advantage of the flaws found in Adobe Flash and the Microsoft Windows OS in order to gather information about governments. Other targets include military and security organizations and other groups with diplomatic ties, which are believed to be valuable to the Russian government. Following the report, the group known as APT (advanced persistence threat) 28 launched an attack on April 13 against an international government entity by utilizing the recently disclosed flaws in the Adobe and Microsoft software. The attackers sent out a link to unsuspecting victims which, when clicked, would direct them to a website making PC vulnerable to future attacks. Fire Eye said in a white paper they released in 2014 that APT 28 had launched attacks against military and political organizations beginning in 2007 and that Kremlin has special interest towards the NATO alliance offices and government officials in Georgia.

The Georbot Case

This case particularly refers to Georgia. According to ESET researchers, the so called Georbot is a Malicious software that gets updates from a domain belonging to the Eurasian state of Georgia. It was created particularly for capturing the information from Georgia. After further investigation, ESET researchers were able to gain access to the control panel of the botnet created with this malware, revealing the extent and the intent of this operation. Following the researches, amongst other activities, the malware will try to steal documents and certificates, can create audio and video recordings and browse the local network for information. One unusual aspect is that it will also look for “Remote Desktop Configuration Files” that enables the people receiving these files to connect to the remote machines without using any exploit. The bot also has a fall-back mechanism in case it can’t reach the C&C (Command and Control) server: in that case it will then connect to a special webpage that was placed on a system hosted by the Georgian government. This does not automatically mean that the Georgian government is involved. Quite often people are not aware their systems are compromised. It should be also noted that the Data Exchange Agency of the Ministry of Justice of Georgia and its national CERT were fully aware of the situation as early as 2011 and, parallel to their own – still ongoing – monitoring, have cooperated with ESET on this matter. ESET’s researchers were also able to get access to the bot’s control panel which displayed clear details about the number of affected machines, where they are, possible commands, and so on. The most interesting information found on the control panel was a list with all the keywords that were searched for in documents on infected systems (including a lot of three letter agencies like KGB, FSB and CIA). Countries where Georbot was mostly used:

Ukraine Power grid Hacking Case

This case refers to Ukraine. On December 23, 2015 the power suddenly went out for thousands of people in the capital of Ukraine, Kiev, and western parts of the country. Ukrainian security officials immediately made claims about the cause of the power failure and stated Hackers had taken down almost a quarter of the country’s power grid. Moreover, the Ukrainian officials blamed Russians for attacking the main power system and afterwards jamming the power companies’ phone lines to keep customers from alerting anyone. The Ukrainian hack knocked out at least 30 of the country’s 135 power substations for about six hours, said the Bloomberg Business - “Cyber security firms working to trace its origins say the attack occurred in two stages. First, hackers used malware to direct utilities’ industrial control computers to disconnect the substations. Then they inserted a wiper virus that made the computers inoperable”. Operation Pawn Storm Operation Pawn Storm is an active economic and political cyber-espionage operation that targets a wide range of high-profile entities, from government institutions to media personalities. Its activities were first seen as far back as 2004, but recent developments have revealed more concrete details about the operation itself, including its origins and targets. It is Utilizing spear-phishing email leading to SEDNIT/Sofacy, also reating fake Outlook Web Access (OWA) login pages for credential phishing mail payloads. Following the research paper named “Operation Pawn Storm: Using Decoys to Evade Detection”, this case is known to have targeted the following: NATO and the organization's member states Government, Military and Media entities in the US Government, Military and Media entities of US allies Russian dissidents/political opponents of the Kremlin Russian citizens across different civilian industries and sectors Ukrainian Activists Ukrainian Media Ukrainian Military and Government Governments in Europe, Asia and the Middle East Besides, according to the research there are several most notable activities that was conducted within the Operation Pawn Storm:

June 2014 – compromised Polish government websites September 2014 – targeted a large US nuclear fuel dealer by setting up fake Outlook Web Access login pages for its employees. Also launched fake OWA login page attacks against military and defense institutions in the US and Europe December 2014 – attacked the corporate accounts of 55 employees of a large US newspaper, using the compromised account of a US military correspondent they’d attacked earlier in the same month January 2015 – targeted three popular YouTube bloggers with a Gmail phishing attack. The attack happened four days after the bloggers interviewed US President Barack Obama at the White House February 2015 – discovered to be using malicious iOS apps for espionage. Also attacked NATO liaison in Ukraine with fake OWA page April 2015 – launched attacks against NATO members. Also attacked the French TV station TV5Monde by causing several global channels to go off-air July 2015 – discovered by Trend Micro to be using a new Java zero-day exploit July 2015 – redirected one of their C&C servers to a Trend Micro IP August 2015 –domestic spying campaign revealed, targeted Russian dissidents, media, artists, military, including the spouses of senior US officials September 2015 – set up fake server that mimicked the SFTP (Secure File Transfer Protocol) server of the Dutch Safety Board and created a fake Outlook Web Access (OWA) server to target a Dutch Safety Board partner in the MH17 investigation October 2015 – discovered by Trend Micro to be using Adobe Flash zero-day exploit code and targeted several ministries of foreign affairs via spear phishing emails

UN data cybercrime issues worldwide (2014)

According to the UN, the number of computer crimes committed for the purpose of economic gain (computer fraud) is the one third of the total number of cybercrime in almost all regions. According to many reports regarding the prevalence of such crimes, the most frequent ones are the "fraud in electronic commerce and payments in the field", "fraud on the Internet auctions - such as “ebay", "financial and personal information against cyber crime", "fraud scheme email and social websites through" . ჩარტი სლაიდზე (ზუსტად ასეთი ფორმით მინდოდა გაკეთება და ვერ გამომივიდა, იქნებ დამეხმაროთ ☺, თარგმანი იხ. ქვემოთ): Source: The Chief Prosecutor's Office in Georgia, Analytical Issues Division (2014)

Increased cases of Cyber Crime worldwide:

Racist and xenophobic acts committed by using a computer – 24 % Production, distribution or possession of child pornography – 16 % Illegal access to computer data, transfer or extraction – 13 % Computer-related acts causing personal harm – 9 % Illegal invasion of a computer system – 7 % Personal data theft – 5 % Supporting terrorism – 5 % Minor corruption – 3 % Privacy or data protection system disorders – 2 % Computer fraud – 2 % Sending SPAM/SPAM message control – 2 % Copyright infringement – 2 % According to the information provided by UN, the annual losses caused by cybercrime in Europe and the United States amounts to several tens of billions of dollars. All the data in the computer crimes is always higher than the official data recorded. It should be noted that under these circumstances are not detected. "FBI-'s" computer data, about 85 percent of the crimes were not revealed, but only one percent of the cases before the court goes. The virtual destruction of evidence easily and quickly, which sometimes makes it impossible to open up the offense. According to the statistics worldwide, China is at the first place regarding the cyber crime rate - 83 percent of web users are the victims of a cyber crime, followed by India and Brazil at 76 percent, then followed by the United States at 73 percent. Cybercrimes increased dramatically in Japan, especially child pornography, copyright violations, and database attacks. Cybercrime, especially copyright violations is frequent in Georgia.

Cybercrime in Georgia

Tbilisi City Court's public information in the form of statistical data: According to the Tbilisi City Court Criminal Law Panel, in 2006 there were - 2 criminal cases regarding the cyber crime, in 2010 – the number was increased at 5, in 2011 – 26 and in 2012 - 31 cyber criminal cases. 41 was the number of the cyber criminal cases recorded in 2013. The cases mostly implied to Infringement of privacy, illegal access to computer systems, data abuse, data or system damage.

In today’s digitalized world all the money transactions are conducted via Online. Today’s most money is not in the forms of bills or coins, but it is held in computers and banks.

Main rules for online banking security: Avoid the disclosure of a debit or credit card PIN (personal identification number) in email or on the phone. Make sure you know who wants the information and why whenever you're asked to provide your Social Security number or other confidential/private information. Don't use part of your Social Security number as a PIN.

Don't write down passwords, your Social Security information or other private information on your smartphone. Review bank statements for accuracy.

Be skeptic towards strangers who ask for personal information by email or via phone. Be attentive towards email attachments and "free" software.

Be attentive while downloading applications, do not click on links or reply to email that might be harmful, fake or malicious. Always try to keep the operating system and Internet browser of the laptop or mobile device's up to date.

Besides, there are several tips about how to reduce the risk while using online banking systems: 1. Use strong, unique, smart passwords - do not use personal information. 2. Avoid posting information to social media that could be used to guess your passwords or answers to your security questions. (Birthdates, anniversary dates, your mother's maiden name, your pets' names, the type of car you drive, favorite brand, clothing, shoes you wear, etc). 3. Use mobile phones – if the bank offers mobile application, which is far more secure than PC or Laptop. 4. Set up bank account notifications that can alert you to if any transaction was conducted regarding your bank account. 5. Don't sign into online banking on a public computer, internet-café, libraries, working place, etc. 6. Always sign out when you've finished your transactions, even in case are at home using your home computer or your own mobile phone or other gadget.

Online shopping

– easy, convenient way to shop without wasting extra time and energy and even money, but there are dark sides of online shopping which must be avoided in order to feel fully safe and comfortable in what we wear.

There are several advices to be secure while shopping online: Always try using a credit card with a low credit limit specifically for your online purchases.

Always try to use a credit card instead of a debit card, because credit cards can be safer while shopping online. For instance, if someone will try to obstruct your financial information online, they can do less damage and you have more recourse than if you’d used a debit card. For much deeper explanation, there are two main reasons why: Credit cards have spending limits, while debit cards don’t, because they are directly linked to your bank account. Money withdrawn directly from your checking account by a debit card is much more difficult to recover.

Try to print or save a copy of your orders and invoices, simply because it’s always a good idea to keep documentation of your online purchases and even copies of them. Most retailers will send you an email or direct you to a web-site with a confirmation of your purchase, which should include a purchase receipt and a confirmation number (invoice). Print or save the invoice and keep it well until you get the product. Before you buy anything online, make sure that the vendor has encrypted its payment form. Many sites use SSL (secure sockets layer) technology to encrypt information sent between your computer and the store’s server; this is typically indicated with an icon and a web site address that begins with “https:” instead of “http:”, here the letter “s” is for “secure”. Be careful about who you’re giving your payment details to. If you’re not entirely sure the retailer you’re visiting is reliable or not, do some research to verify its security. You can look for reviews of the store with key words such as [the shop’s name] reviews or [the shop’s name] fraud. If there are any fraudulent cases, there will by all means be victims who have shared their bad experience and complaints on the Internet. Also look to see if the shop has any contact phone numbers, e-mail or bank details accessible. You can also check with the help of those contact details. Two main ways for optimizing your PC security settings, which are important for safety, because many malicious programs are specially designed to take advantage of security vulnerabilities in operating systems and browsers.

Keep your browser and operating system up-to-date. Run System Mechanic’s Security Optimizer, which automatically finds and repairs vulnerabilities. Use a good anti-virus program. Be sure the automatic updating feature is enabled within the software. Moreover, many viruses can easily mutate and alter, use a program designed to detect newly created or mutated viruses. Also, do not forget to use strong passwords.

Wi-Fi network

– an inseparable part of today’s internet life, many hackers try to attack those networks and misuse them, so there goes the question, how to secure our Wi-Fi network? First of all, Knowledge of Wi-Fi working system is important, going wireless means connecting an internet "access point", like a cable or DSL modem to a wireless router, a signal is through the air, which can be sent as far as several thousands of feet. Any device within range of those signals is capable of pulling the signal from the air and gaining the access to the internet. Therefore, anyone nearby can use your network, any of your neighbors or a hacker, at least unless you secure your network. Next tip is to always Keep Your Router Secure, because the attacks over the internet become frequent day after day and it is important to protect your network by keeping your router secure. The router sends traffic between your local network and the internet. Therefore, if the router is not secure, strangers can easily gain access to important personal and private information. Hackers can also take control of your router and automatically send you to false and even dangerous web-sites. It is also good to Encrypt the information you send over your wireless network, so that nearby attackers and hackers can’t jump into the process of those communications. Encryption veils the information you send into a code so that it’s not accessible to others.

There are two main types of encryption for Wi-Fi: WPA - Wi-Fi Protected Access WEP - Wired Equivalent Privacy WPA protects you against most attackers; it is a newer and stronger one. Some older routers use WEP encryption, which likely won’t protect you from some common hacking programs. Whenever you use them, don’t forget that your computer, router, and other equipment must use the same encryption. Wireless routers often come with the encryption feature turned off. In this case, you have to turn it on. You can either read the instructions whenever you buy the Wi-Fi router or ask the company staff. How often do you come across with the very familiar names like Tenda, Silknet, Dato, Nato, Gigi and others while trying to connect with Wi-Fi network in Georgia? - Very often. The first two examples are the names of the manufacturer companies, in other words, Wi-Fi networks without names, while the last three ones are the names of the people who own Wi-Fi network. It is recommended to Change the Name of the Wi-Fi router rather than remaining the default one. The name of your router is likely to be a standard, default ID assigned by the manufacturer. Also try to avoid naming the network after your own name. Change the name to something unique that only you know and it does not identifies directly with you. Very often in Georgia, people also name their Wi-Fi networks after their phone, cell numbers, which is also strictly not recommended – it means, one of the most important private information is already easily accessible for anyone! If the name can be a default one, this means that the password also is a default one, therefore you have to by all means Change your router's pre-set password(s). The manufacturer of your wireless router probably assigned it a standard default password (12345678 – almost in every case) that allows you to set up and operate the router, as its “administrator.” Hackers know these default passwords, so change it to something only you know. The same goes for any default “user” passwords. You can check our previous section about Password systems. Besides, always Turn off any “Remote Management” features. Some routers offer an option to allow remote access to your router’s controls, such as to enable the company co-workers to provide technical support. Never leave this feature enabled. Hackers and attackers can use them easily. Also, Log out as Administrator, to lessen the risk that someone can jump on your session to gain control of your device. Finally, after securing your Wi-Fi network, secure your computer too! Use protections like antivirus and keep these protections up-to-date.

A Password

– it is the last barrier of being secure, which separates your electronic private life and those who try to hack into it. Therefore there are several tips for creating unique, strong passwords, remembering them easily and of course keeping them safe. How to Create Unique and Strong Passwords Strong password is significant, but before you begin creating strong passwords, you need to consider the use of those passwords, otherwise even very strong passwords may not protect your private life and information online. The intent is to create strong passwords unique to each account, but easy enough to memorize. To do this, first begin by splitting the sites you frequently log in to into categories. For example, your category list may look like this:

Forums Social networking accounts E-mail accounts Banking sites Auction sites Mobile networking sites Online shopping sites

Under each appropriate category, list the names of the sites: For example, if you have a Facebook, Google +, Youtube, Instagram, Pinterest and other social media networking accounts, list these under the category “Social Networking Accounts”. After you've completed the list, you're ready to begin creating the strong, unique, and easy-to-remember passwords for each of them. Creating strong passwords A strong password should be consisted from minimum 14 characters. Try to never use personal and private information. One of the commonly recommended means of creating a password is to first create a so called passphrase, modify it to the character limit and only after that begin swapping characters for symbols.

Instruction:

Come up with an 8 letter passphrase that is easy to remember. Take the first letter of each word to form the password. Substitute some of the letters in the word with keyboard symbols and caps (symbols are better than caps). Tack on a three letter abbreviation for the category, also replacing one of the letters with a symbol. Tack on a site specific three letter abbreviation, again replacing a single letter with a symbol.

Example:

In step 1 we might use the pass phrase: Gustav Klimt is one of my favorite artists Using the first letters of each word, we end up with: gkioomfa Then we swap some of those characters with symbols and caps: GK100fa Then we tack on the category, (i.e. soc for social networking) Finally, we add the site abbreviation (i.e. fb for Facebook) and swap out characters: fb

We now have a password for our Facebook account of GK100fasocfb Repeat for each email site, so perhaps you end up with: Youtube: GK100fasocyt Instargram: GK100fasocin Pinterest: GK100fasocpi

For being more secure, it is recommended to change passwords as frequently as possible (at least every Month)

How to Remember Passwords The first thing that may pop up as an idea in your brain while thinking about remembering passwords is simply to write down, but remember the worst thing that you can do regarding this issue is to write down your passwords, because if the password is written somewhere it is already vulnerable to someone reading and misusing it. However, it does not mean that you cannot write it down in your own computer and if someone does have physical access to your computer, it doesn't really matter whether you've written down your passwords or not - you've already lost the security battle. You can keep the password reminder list in a locked file cabinet, safe box, or similar secure container. You can even maintain the list on the computer itself, provided the file containing the passwords is encrypted with a strong password itself. Plain old memorizing is a good approach too. The mental exercise may just give your brain the workout it needs to stay younger longer. Several tips for keeping passwords safe: Don't leave your passwords lying around Don't reveal your passwords to others Never give your password out in an email Change reset passwords Gamers: don't give your password out in game. Never, ever respond to an email asking for your password Don't use computers at Internet cafes or in hotel business centers

Today’s children live in a totally digitalized world, full of gadgets, devices, internet, social network and other easily accessible ways of communication at any place of the world. Therefore, there is a high risk that children may not be fully or well-protected from the harassing content conveyed through internet. There are several rules and advices how to protect your kid from the exposure of malicious content and its impact. Try to keep an eye on the PC monitor almost all the time when your child is using the computer, laptop or other devices. Teach them to never reveal personal or private information.

Use browser's parental controls. Almost every internet browser, Mozilla Firefox, Google Chrome, Safari and Internet Explorer have an Internet options folder where you can easily set up security safeguards and content filters for language, nudity, sex, and violence. Talk to your child about sexual victimization and potential on-line danger. Spend time with your children on-line. Let them share their emotions with you about what they like or dislike on internet. Keep the computer in a common room in the house, not in your child’s bedroom.

The child must have parental permission to open a social networking account. The parent must know all the username and passwords to all social networking accounts. Be friends with your child on social networking web-sites, always add your children as friends and control their newsfeeds and timeline. Do not allow your child to add anyone in friends until she/he has your permission. The child must not be allowed to indicate their sex, age, address, location, telephone number or school in their public profile. The child must not be allowed to share with personal information about family issues or other problems that may arise. The child must not be allowed not meet face-to-face with someone unless a parent is present.

Tell your children:

to never arrange a meeting in person with someone they met on internet to never download pictures from an unknown source, as there is a good chance there could be sexually explicit images or malicious viruses to never upload (post) pictures of themselves onto the Internet or on-line service or send them to other people to never respond to messages that are suggestive, obscene, or harassing that everything they hear, read, see on internet may not be true

Everybody knows what Fishing is. It is a popular activity of catching fish. Everybody knows or at least have seen or read how to fish. You have to throw your hook as far as you can in the sea with the help of your fishing pole and wait until fish will be attracted by a hook pretending to be a worm or food which actually attracts fish. The same is for Phishing; Imagine the internet is the sea, you are a fish and a hacker tries to attract you with a worm, which in real is a dangerous hook. The process of Phishing means fraudulent behavior during which attacker/hacker tries to learn information such as log in credentials or account information by introducing herself/himself as a reputable entity or person in email, IM or other communication channels. Phishing is popular with cybercriminals, because it is much easier to make someone click on a fraudulent link rather than breaking through someone’s computer. Although some phishing e-mails are written in a poor manner and are easy to recognize, still there are sophisticated cybercriminals, who own the techniques and skills of professional marketers and PR-specialists to make fake messages look like the most effective types of messages. To make phishing messages look like they are real and originally from a well-known company, they include logos and other identifying information taken directly from that company’s website. Some phishing scams use JavaScript to place a picture and an icon of a legitimate URL over a browser’s address bar. Phishing "hooks" are those messages and links that their creators know have the highest "open" or click rates and the Facebook posts that generate the most likes. Phishing campaigns are often built around the year's major events, holidays and anniversaries, or take advantage of breaking news stories, both true and false. Examples of Phishing Messages “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.” "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity." "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

How to Avoid Phishing Scams

Firstly, the key thing in exposing attackers is that in their malicious messages they by all means include sentences which ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Remember, that legitimate companies never ask for private information via email or text. Secondly, hackers try to send you messages which attracts you, therefore they are similar or even perfectly suitable to your sphere of interest. Therefore, the messages may appear to be from organizations and companies you mostly visit, like, you do business with – banks, for example. Also, they include an information containing threat in order to force you to respond them, for example, they will close your account or take other action if you don’t respond and others. But, you have to always remember NOT to reply or click on links or call phone numbers provided in the message. These messages direct you to malicious sites that look real but whose purpose is to steal your information and or/afterwards commit crimes in your name. Whenever you see a message like that and don’t know if it is true or false, try to reach an organization you do business with and from “whom” you received the message, call the number and ask them about the case. Tips for avoiding Phishing: Don't email personal or financial information to anyone, anywhere. Email is not a secure method of transmitting personal information. Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https - the "s" stands for secure. But, some sophisticated and experienced phishers even have forged security icons.

Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances. Be attentive about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malicious stuff that can weaken your computer's security. Use trusted security software and set it to update automatically. Report Phishing E-mails: Forward phishing emails and report them to reportphishing@antiphishing.org – The worldwide Anti-Phishing Working Group.

Which state structure to refer?

cert.gov.ge – National Computer Emergency Response Team in Georgia The group's primary goal is to assist the law defined the critical information assets of organizations, also the members of the group ensure high-level involvement in settlement of the hacker attack incidents. The group serves the governmental and non-governmental organizations and private persons. csbd.gov.ge – Cyber Security Bureau in Georgia Defense Ministry’s Computer Emergency Response Team, which exclusively serves the Defense Ministry's computer infrastructure, streamlining incident response, monitoring, etc. Cybercrime Division - the Ministry of Internal Affairs - police.ge - which is responsible for computer crimes investigation. personaldata.ge - Personal Data Protection Inspector A separate Office in charge of supervising the implementation of citizens' personal data protection laws, raise awareness of personal data and personal cyber space.

112 2 41 12 96, 2 41 17 67 cybercrime@mia.gov.ge