Holiday Security News: INTRODUCTION: Do you + common sense = security in 2006?
HEADLINES:
1. Could keyloggers be the biggest threat of 2006?
2. Rogers accused of cover-up and profiting from criminal activity
3. Pedophile gets fooled by spam and surrenders to police
4. Nazi worm promises January attack
5. What type of employee are you?
6. What better time to defraud good samaritans than the holidays!
7. Santa Claus worm infects computers through instant messaging
8. Article: How do you react to pop-up messages and warnings?
INTRODUCTION:
Security in 2006: who
would have thought that vigilance and common sense would come in so
handy?
It looks like we've
polished off another year. As predicted, it was a busy one for spammers,
malicious hackers and other criminals bent on using technology for
illicit profits. Indeed, by all accounts, there has been strong growth
in the number of successful security breaches and new malware
out to get any user of devices powered by electricity.
2005 saw the
introduction of some 16,000 new viruses and 6000 new keystroke monitors
(see below). As more mediocre hackers have realized the
financial upside of computer crime, we have seen more low-tech
attacks with the ultimate goal of stealing money. Such attacks include
phishing, social engineering, domain hijacking, repackaging of existing
viruses and credit card theft.
Numerous security
breaches continue to fall through the cracks. These mostly involve
spyware, cell phone and voice mail hijacking, backup data theft, data
corruption and eavesdropping of all kinds. In fact, I would be
willing to bet a year's worth of PULSE subscription that every single
person has been affected by malware or some kind of security
breach in the past 12 months. I know what you're thinking but believe
it or not, it's statistically easier to demonstrate than it is
to type.
But never mind
about statistics and infections! 2006 is now upon us and looking straight
into its eyes, we can see that these issues will continue to cause
problems even as they evolve to evade new protection measures.
If you're like most 'disconnected' executives, you'll find your least
favorite 'IT guy' or 'MIS group' and press the 'Delegate' button.
Unfortunately, if you're an individual, a responsible manager or just
anyone with a shred of common sense, you instinctively know that relying
entirely on others is not a good idea.
Here then, are
my 3 simple tips for staying secure in the new year:
1. Don't get fooled
As the esteemed president of a certain superpower famously
put it, "fool me once, shame on me...". Well, anyway. It was something
like that. Just remember that not all incoming emails are
inoffensive and that not all Web sites are legitimate. While you're
at it, don't hesitate to verify the identities of telephone callers
and unknown people around the office; they might just be heading for
your workstation (and you know they still have 9 minutes before your
password-protected screen-saver kicks in).
2. Just because they exist doesn't mean you should buy them
Gadgets are amazing things. They are tangible products that
cause you to argue with yourself. You know you have survived without
them so far, but being the only person in your cubicle with the ability
to take your work files with you in MP3-playing wireless-Internet
enabled sunglasses does carry some prestige. Get in the habit of thinking
about the repercussions of losing control of the data you're responsible
for (ask questions if you must), whether it's by having it intercepted
in transit or simply by your stepping on that fancy new Blackberry.
3. Don't give up on technology
You can only fight technical security threats using
technology. Use a 'layered approach' to securing your computers
and your work environment. Stick to trusted anti-virus, anti-spyware,
personal firewall, reference Web sites and other resources and learn
to use them. Understand what their error messages mean and don't just
dismiss them when they ask for your input. If a fancy new 'security
tool' presents itself, don't just adopt it. Look for reviews and get
an expert's opinion before trusting it with your valuables. That goes
as much for your ACME XP+ PRO anti-malware product as it does for
your Brinkomax home alarm system. Do your due diligence before adopting
new technology, but once you trust it, don't squelch it.
Happy Holidays and see you in 2006!
(but do read on)
Claudiu Popa, Editor
PRE-PROCESSED HEADLINES
Could keyloggers turn out to be the biggest IT security threat of 2006?
Security firm iDefense reported that 5 years
ago, there were only about 300 keyloggers in existence. This year,
6000 new ones have been released, almost doubling 2004's total. Criminals
use the clandestine software to steal user details and impersonate
them. This type of identity theft costs victims an average of $4000
and 81 hours to rectify. Software keyloggers get installed
through email or during Web surfing and imperceptibly send all keystrokes
(and sometimes screenshots) to the criminals who created them. 2006
is poised to be a bad year as many keyloggers and rootkits continue to be
undetectable and most criminals are adopting the practice by
creating their own individual versions.
Rogers Communications accused of cover-up and profiting from criminal activity
Affiliates of terrorist organization Hezbollah
cloned the mobiles of senior executives of Rogers Communications,
including chief exec Ted Rogers. Even though the firm had technology
in place to trigger alerts over suspicious departures in call activity,
Rogers staffers were too frightened of inconveniencing bosses to do
anything about the fraud, according to the Globe and Mail.
A law professor and a technology journalist investigated
the story after one of them was billed $12,000 for calls she didn't
make. Although the cell phone had been cloned, Rogers Communications
refused to cancel the charges until the
story was exposed by the Globe.
Pedophile surrenders after falling for bogus virus message
The Sober-Z virus has infected
thousands of innocent computer users this winter, but one
of them was actually guilty. A German man turned himself in after
receiving a message indicating that his activities were being monitored
by the police.
The unnamed 20-year-old
German man mistook a message produced by the mass-mailing Sober-Z
worm for an email from Germany's Bundeskriminalamt (Federal Crime
Office) supposedly telling him his visits to illegal websites had
been logged. He went to police in the city of Paderborn who charged
the man after reportedly recovering images of child abuse from his
computer.
Nazi worm promises January attack
Security outfit iDefense
reported that the next Sober worm attack will take place on January
5th: the 87th anniversary of the founding of the Nazi party. According
to the company, one of the many variants of the popular Sober worm
(see previous story) is designed to download an unknown package of
code on January 5, 2006.
Infected computers will
simultaneously download and execute this new set of instructions on
that date. Additional information is not available, but industry watchers
said that the threat of hacktivism is underestimated. The Sober worm
scans hard drives for email addresses to send itself to.
What type of employee are you?
A study conducted by McAfee and ICM Research
in Europe 'discovered' that the actions of employees - either through
carelessness, ignorance or malice - continue to place companies at
risk. If you're a regular PULSE reader, you know that I'm a strong
advocate of security
awareness training as opposed to blaming employees for being stupid.
Be that as it may, McAfee has come up with a handy dandy guide for
compartmentalizing such employees:
The Security Softie - This
group comprises the vast majority of employees. They have a very limited
knowledge of security and put their business at risk through using
their work computer at home or letting family members surf the internet
on their work PC.
The Gadget Geek - Those
that come to work armed with a variety of devices/gadgets, all of
which get plugged into their PC.
The Squatter - Those
who use the company IT resources in ways they shouldn't (i.e. by storing
content or playing games).
The Saboteur - A
very small minority of employees. This group will maliciously hack
into areas of the IT system to which they shouldn't have access or
infect the network purposely from within.
What better time to defraud good samaritans than the holidays!
2005 was a big year for natural disasters but
it was also an opportunity for fraudsters to take advantage of the
good will of charitable donors. Following in the footsteps of the
criminals who set up fake charity donation sites for Tsunami victims,
fraudsters recently hacked a UK-based Christian charity and stole
the financial and transactional details of some 2000 donors.
They have already tried to impersonate charities while contacting
some of the charity-friendly victims.
Most security breaches are never detected, but
this one was. "We are all in a state of shock," said Neville Kyrke-Smith,
National Director at Aid to the Church in Need UK. "Apart from the
obvious distress to benefactors, we're concerned that our charity
identity has been stolen. However it's the beneficiaries, those who
need the money the most, who will ultimately suffer. I urge all charities
to regularly review their website security and make sure all software
is up-to-date."
As the number of non-profit organizations and
charities grows and takes greater advantage of the Internet, we
will be seeing more security incidents due to small or non-existent
budgets for security and the rush to simplify the donation process.
For more information, refer to my 2003 paper: Secure Philanthropy, from the White Papers link
below.
Santa Claus Worm is infecting computers through instant messaging
The Santa Claus worm presents itself as a harmless
image of Santa Claus and appears to be sent from someone known to
the recipient. If victims click the file, a worm is loaded onto their
computer. The worm then sends the same message to everybody on that
person's address list. The new worm joins 70 others already making
the rounds through popular instant messaging applications from AOL,
Microsoft and Yahoo.
Although this virus is more festive than malicious, others are not
so jolly. With an instant messaging bot or worm, hackers
can infiltrate, steal information and carry out denial-of-service
attacks on corporate networks.
Worth reading: How do you react to pop-up messages and security warnings?
As we all know, no security at all is better
than a false sense of security. This has little to do with the following
article, but it was my last opportunity to mention it this year. This article
deals with cryptic messages that users are bombarded with on a daily
basis. Do you know what to do when a program asks you to Allow or
Deny access? Store passwords in memory or not? Remember this setting
next time? Well, users all over the world are baffled, and the resulting
confusion may lead to problems that will eventually culminate in that
false sense of security. The article is well worth reading.
Main Site | White Papers | Free Software | News & Articles | Forward to a Friend
About your humble scribe:
Claudiu
Popa is a certified security
professional (CISSP, PMP, CISA) and president of Informatica Corporation,
a Toronto-based consulting company with a strong focus
on education. Over
the past decade, Claudiu has focused on helping companies
improve their information
security. Today, he brings effective security to corporate
boardrooms, helping organizations manage security, awareness and
compliance programs. Claudiu can be contacted by simply replying
to this message (and he promises not to respond in the third
person). He welcomes your suggestions and
comments regarding this publication.
About the Company:
At
a governance level, Informatica Corporation is a Canadian security
firm with unmatched expertise in regulatory compliance, information
risk management and corporate education. At a lower, more technical
level, a diverse, high profile clientele trusts Informatica to
secure Web sites, applications and workplaces. At every layer,
Informatica protects information security and data confidentiality.
Visit us at http://www.informationsecuritycanada.com/