March 5, 2007
There don’t seem to be too many people left who actually believe that Julie Amero was deliberately attempting to expose children to pornographic images. (The notable exceptions to that appear to be the prosecutor in Connecticut). I wrote about this case in more detail here.
Last week the Judge Hillary Strickbein postponed sentencing until March 29th at the request of the defence team. Apparently the postponement had been requested in order to give a new attorney and consultant time to familiarize themselves with the case.
With most of the supposedly “expert” technical evidence apparently having been discredited, Assistant State’s Attorney David Smith claims that Ms Amero did not do enough to protect the children from exposure to pornography, (eg shutting down the computer). The substitute teacher had already informed colleagues that there was a problem with pop-ups on the PC, and had been told to ignore them. She was also under instruction NOT to turn off the PC.
I wonder if Mr Smith will use the same logic to pursue the individuals responsible for ensuring the school had proper technology in place to protect them from spyware. And whoever was responsible for ensuring teachers had full training on the PC’s. And whoever allowed the PC’s to be implemented without effective password controls. And whoever wrote and circulated the spyware that infected the PC in the first place.
Based on what I’ve read of the case to date, Julie Amero should be way down the list of people culpable for this. If Assistant State’s Attorney David Smith was hoping to make a name for himself out of this case, then he has certainly succeeded. Sadly though it looks as though justice, (and Julie Amero) were poorly served in the process.
February 27, 2007
Ever heard of phishing? It’s the process whereby someone tries to lure you into divulging personal details, (username, password, account details etc), usually by sending you a mail that appears to come from your bank explaining that their servers are to be upgraded, and asking you to follow the link and re-enter all your details.
Well, last week a major pharming attack hit users of 65 banks in the US, Europe and Australia. Pharming is kind of a step up from phishing, because you don’t need to click on a link in an email. Basically what it does is recognise when you wype in the url for your banks site, and redirect those requests a duplicate site. In last weeks case, all the information keyed in by users was subsequently forwarded to the banks in question, which of course makes the problem harder to detect. But by the time the banks received the information entered it had already been captured by the guys behind the scam.
According to Yahoo news, target institutions included Bank of Scotland, Barclays Bank, eBay, Paypal, Discover Card & American Express.
The whole thing seems to have been launched through a trojan known as Burglar.A, which in turn downloaded a number of other Trojans. Keylog.LN, which captures keystrokes and looks for user login details, Banker.CLJ which carries out the pharming scam, FileStealer, which installs a web-server on the PC giving the authors remote control of the server, and Sters.P, designed to prevent users and programs from contacting their websites for security updates.
So overall this was a really nasty little piece of code. The Internet is a fabulous place, but to quote Hill Street Blues….Let’s be careful out there!
February 26, 2007
Last week I was explaining to a client about how hackers operate, and they simply didn’t believe that anyone would want to hack into their systems. After all, they’re a micro-business operating in the south-east of Ireland. In global terms they are a complete non-entity.
One of the great things about the internet is that you don’t have to be a multi-national corporation to have a multi-national presence. A single PC in the kitchen can provide services to companies all over the world. And that’s what makes every PC a target for hackers. The Washinton Post reported on this last week:
“Last month, a number of anti-spam Web sites came under a sustained distributed denial of service (DDoS) attack, an electronic assault during which the attackers use thousands of compromised personal computers to overwhelm a target with so much bogus traffic that the PCs can’t accommodate legitimate visitors.
The attacks were made possible by tens of thousands – perhaps millions – of computers infected by the recent e-mail virus known as the Storm worm.”
This is just one example but it explains how important it is for every PC to be properly protected. The Storm worm is now particularly ingenious in the way it works. It hit the internet at a time when they’re were particularly bad storms raging across Europe, which helped it spread, but it can be blocked by most commercial security products.
The problem here is that people will go out and spend €1000 on a PC, and then be reluctant to spend €30 or €40 on a decent internet security product. Even the free products like avast and avg provide good levels of protection. I don’t believe that people are that stingy, so surely the problem is a lack of awareness.
February 15, 2007
I’m still fairly new to the whole blogging thing, and one of the things I’ve read since I started this was that the blog title should be simple and relevant to the content.
This blog is all about making computer security simple and accessible to non-technical computer users. But it just occurred to me that it may seem like I’m saying that computer security is a simple area. That’s not the case at all. In fact there are layers and layers of complexity and specific areas of expertise within the overall “computer security” field.
The idea that you will make your computer or your network completely secure is nothing more than a pipedream. Sadly, there’s no such thing as Total Computer Security. What you can do though is implement security measures that provide an optimal level of protection. This idea of “Optimal Security” is discussed in more detail on my secureyourbusinessnow.com site, (see the blogroll), but basically it means looking at what you are trying to protect, the threats you are trying to protect from, and then deciding on the best security solutions for your needs.
So the optimal security level will vary from one company or even 1 PC to the next. If you have a PC used for your accounts, payroll, client details, etc, it is more critical than a PC used for web-browsing. That doesn’t mean you don’t implement security in some cases. There is a base level of security that should always be in place on any PC, (and unfortunately often isn’t!!!).
What it means though is that you don’t need to be a technical guru to protect your computers to a level where they are relatively safe from attack. In economic terms, you reach the point of diminishing marginal returns, where spending more money, time or effort will not give you sufficient return to make it worthwhile. It’s up to you to decide where that point is, and you do that by understanding your needs, the threats, and the solutions.
All of which doesn’t have to be that difficult, once you remove the hype and jargon, and focus more on SECURITY and less on COMPUTER.
Clear as mud??? Let me know
February 8, 2007
Maybe I’m biased here because I just got a panic call from someone who’s lost a whole load of critical information, but…surely the most important security tool is not anti-virus software, or firewalls, or anti-spyware. It’s got to be backups.
There are any number of threats out there, and any number of technologies available to protect you from them, but at the end of the day, the warm cozy feeling of knowing that no matter what happens, all your critical data is nicely secured offsite is priceless.
That’s not to say you don’t need all the other stuff. Anyone who doesn’t have proper virus protection and a decent firewall in place nowadays is just crazy. But even with all these measures in place, bad stuff can still happen. Properly implemented and properly executed backups are the magic wand that will save the day and leave you looking like a hero. (The downside is that poorly implemented backups, that have missed out on some key information, or that haven’t been checked, could cost you your job, so make sure you get it right.)
February 5, 2007
I wrote recently about the storm worm that was doing the rounds. According to recent reports it has now infected 1.6 million PC’s, making it one of the most widespread infections experienced to date.
The main victims so far have been home users, and that trend is likely to continue as corporate spam-filters, virus protection and firewall solutions continue to ensure most businesses are safe.
In truth there’s no excuse for people getting infected with this as the technology is well able to deal with it. The real danger is those pople who haven’t implemented or maintained the proper security solutions and practices. Sadly, there are plenty of those type of potential victims out there, so we probably haven’t seen the last of this storm.
January 28, 2007
There’s a big debate going on in the computer security world at the moment about whether you are better off running different software vendor’s products for different security functions.
For example, should I use F-Secure anti-virus and Zone-Alarm firewall, or should I select a single product from F-Secure or Zone-Alarm that will do the whole lot.
The advantage of a single-vendor is that you can be sure that different products will not conflict with each other. For example, either of the two companies I referred to above operate Internet Security products that include virus protection, spyware protection, firewalls, etc. You would have no guarantees that one companies AV product will run smoothly alongside another’s Anti-Spyware program.
On the other hand, if you put all your eggs in one basket, you are at risk too, particularly as malware writers have been known to target specific security vendors.
I don’t think there is an easy answer to this. I use a mix of products I know well and trust, but many people don’t have the space and time to spend looking at different options. On that basis, I would recommend going for the Internet Security package, rather than a combination. Both F-Secure and Zone-Alarm are excellent products, though there are other good ones out there.
For info on the best security products check out the link below. Some of these are free and some are not but they are all good products that should do a decent job for you. https://simplecomputersecurity.wordpress.com/2007/01/22/best-free-stuff/