Security is only as secure as the user
At the end of last year, the World Conference on International Telecommunications met behind closed doors in Dubai to discuss the future of the Internet. The secretive meeting of 290 plus countries produced scare headlines that countries were out to hijack the Net and Web.
There were a ton of proposals that some say could endanger privacy and the unfettered, free flow of information, as well as make it easier to track and trace users.
A few weeks later, coverage faded like last week’s news.
Nothing changed.
It’s pretty tough to manage, control, dictate something that exists nowhere and everywhere … a network of networks.
Countries can still block and filter access, but there’s always a way around the situation. There’s always a group of really smart and devious folks who just love a challenge.
That’s probably why Sherman Hand recently wrote:
– More than 1 million computers are successfully exploited every single day — one every 14 seconds
– 39 percent of the world’s computers are infected by some type of malware of
– 90 percent of the world’s companies suffered network breaches last year
– One out of every seven adults has his or her online financial information, identity, or passwords compromised every year — 280 million breached records in the last eight years
– 82 percent of malicious websites are hosted on hacked legitimate websites
Source – ABI Research
Yes, Probably, Maybe – Most firms are certain they have lost valuable information/data; and if it’s financial records, few readily admit the loss. The bar chart indicates how many incidents the firms have had over the past 12 months.
– A single hacking event can easily cause more than $100 million in damages
– Hacktivist groups such as Anonymous routinely break into the world’s largest companies and global investigation authorities
– Hacks routinely result in millions of leaked passwords
– Back in 2003, a worm – SQL Slammer – infected almost every possible unpatched computer it targeted in 10 minutes
Source – SmartBrief
Mobile Freeware – With nearly one million iOS, Android and Windows apps available, and with most of them free, they are like honey to a bear for most users … just too hard to resist. While app store owners are working to protect you, it is still “let the freeloader beware.”
– Malware is popping up on every mobile platform.
– Spam is still above 65 percent 10 years after passing the CAN-SPAM Act.
– One out of every 14 Internet downloads is malicious.
– The annual cost of cyber crime is estimated at $114 billion.
– Successful prosecution for Internet cyber criminals is less than 0.01 percent.
– Hacking by nations is so pervasive that Google automatically alerts users of potential state-driven threats.
– Complex malware proves again and again it can bypass any computer security defense.
No wonder the online/on device security business is so huge.
Source – Infonetics Research
Big Biz & Growing – Computer security has historically been a fairly steady business; but with mobile computing, tablets and smartphones being used everywhere – including the office – it has become increasingly important. The challenge is that security is always one or two steps behind the bad folks.
So how do you protect company and personal content?
You encrypt it. You know, AES (Advanced Encryption Standard) that resisted decryption by even the most powerful supercomputers available.
Bigger, Better
So how did folks get around it?
Countries built more powerful supercomputers.
Hacktivists and cybercrooks take a more economic route … they tie hundreds of thousands of hijacked PCs and tell ‘em to work together and drill away.
They simply tell the systems what Robert Langdon said, “I need access to the Vatican Archives,” and let them go to work.
All of that sounds both good and hopeless.
Good because countries and companies are working hard at it to protect themselves and their “special data.”
Bad because that means the keyboard interface – user – goes along fat, dumb and happy figuring “Hey, it’s their job, their responsibility to cover my behind.”
We’ve all heard how even really smart folks have been hooked into really dumb situations when they’re on their computers and, increasingly, on their tablets and smartphones.
Source – Xcentric
One Born Every Minute – It’s surprising some of the dumb offers people send out to entice users. While organizations install and maintain extensive (and expensive) security solutions, it is just real hard to keep the keyboard interface from being dumb, dumber.
Something for Nothing
Human vulnerabilities – ignorance, inattention, greed, gullibility – are a whole lot easier to exploit than really beefed-up systems. And they’re probably a lot more fun for the hacktivist and cybercriminal.
There are actually two types of people these bad guys/gals like to find in the organization – the overly brilliant rogue and the clueless computerist.
The ubergeek ignores or subverts security controls, inconveniencing the work of others at the very least and, at his/her worst, leaving back/side doors open to the system.
The naive amateur is just as bad because he/she can get a message that he/she has overused storage or exceeded email quota and needs to go “here” to let managers correct the situation. Or they get an official-looking email from their bank or government agency and need to clarify a situation “here.”
And if you think it’s only or mainly a computer issue, you’re … wrong!
Bad guys/gals follow the money and we all know the real action is with mobile devices today … we (especially our kids) use them for just everything … including purchases.
Source – New York Times
Born Online – Gen Cers (generated connected) don’t realize there was a time when people weren’t constantly online, constantly available, constantly sharing. When they first go online with a computer, tablet or smartphone, parents should help, guide, advise, observe their activities and help them learn to be cautious.
In fact, a security specialist noted that it took mobile malware writers only two years to achieve – and surpass – everything that had been developed and refined for the PC in 10 years.
Camerlengo Patrick McKenna looked the situation over and said, “We are under attack from an old enemy.”
False Safety
iPhone users like to take comfort (unwarranted) that all the bad folks are focusing on Android phones with their mobile malware writing but that ain’t exactly true.
Always On – We were more than a little surprised to see how much time the average mobile Internet user actually spends on his/her online activities. Unfortunately, texting wasn’t included in the study because we know the kids would have burned up hours instead of minutes; but then, texting is data minutes, not wireless activities.
With the average smartphone, users can expect to encounter malware attacks 10 percent of the time; and with smartphone web browsing becoming the preferred access tool – especially for millennials and GenCers – experts estimate that they’ll encounter malicious links as much as 40 percent of the time.
That’s probably why mobile device security is a big business and getting bigger by the minute.
Growing Up – While mobile security sales are only just beginning, many organizations are going to place more faith in hardware security solutions, especially when the devices are used as mobile wallets and within corporations. The best security though is sound hardware and software plus cautious users.
Experts agree that mobile hacking is still in its infancy; but with hundreds of thousands of iOS and Android (O.K. Windows too) apps out there, it’s not too soon to begin offering protection.
Or, as Camerlengo Patrick McKenna said, “Open the doors, and tell the world the truth.”
That’s especially true if mobile shopping and wallets are ever going to amount to a hill of beans.
Money On-the-Go
Mobile shopping, mobile wallets and mobile banking all look real appetizing to bad folks; and after the past successful mobile shopping holiday, they’re salivating.
Security experts agree that smartphone users are more likely than computer folks to click on dangerous links or download over-aggressive apps, especially with so many free or nearly free apps to choose from.
Ten years ago hacktivists and cybercriminals were just a minor nuisance. Today, they’re bringing down companies and countries. Smartphones, tablets and, in fact, the whole BYOD (bring your own device) movement have created tremendous areas of concern.
Road Hazards – Perhaps it would be easier for hardware, software and security managers if there were only a few challenges that they faced daily. The problem is that there are opportunities for disaster everywhere and they are all relatively new and unproven territories.
Add to that the fact that cloud computing/storage, cheap flash drives and emboldened hacktivist groups have made the online world one everyone really needs to understand, acting cautiously – questioning everything – when they venture out.
According to Symantec, cybercrime is a $388B worldwide business – bigger, more profitable and less dangerous than drugs.
Source – “Angels & Demons,” Columbia Pictures
Vittoria Vetra explained why the Net/Web still stands, “The antimatter is suspended in an airtight nano-composite shell with electromagnets on each end. But if it were to fall out of suspension, and come into contact with matter, say with the bottom of the canister, the two opposing forces would annihilate one another. Violently.”