Tek Toyz Insider: Security is Only as Secure as the User

At the end of last year, the World Conference on International Telecommunications met behind closed doors in Dubai to discuss the future of the Internet. The secretive meeting of 290 plus countries produced scare headlines that countries were out to hijack the Net and Web.

There were a ton of proposals some say could endanger privacy and the unfettered, free flow of information as well as making it easier to track and trace users.

A few weeks later, coverage faded like last week’s news.

Nothing changed.

It’s pretty tough to manage, control, dictate something that exists nowhere and everywhere … a network of networks.

Countries can still block and filter access, but there’s always a way around the situation. There’s always a group of really smart and devious folks who just love a challenge. That’s probably why Sherman Hand recently wrote: – More than 1 million computers are successfully exploited every single day — one every 14 seconds

– 39 percent of the world’s computers are infected by some type of malware of

– 90 percent of the world’s companies suffered network breaches last year

– One out of every seven adults has his or her online financial information, identity, or passwords compromised every year — 280 million breached records in the last eight years

– 82 percent of malicious websites are hosted on hacked legitimate websites

Yes, Probably, Maybe –– Most firms are certain they have lost valuable information/data; and if it’s financial records, few readily admit the loss. The bar chart indicates how many incidents the firms have had over the past 12 months.

– A single hacking event can easily cause more than $100 million in damages

– Hackivist groups such as Anonymous routinely break into the world’s largest companies and global investigation authorities

– Hacks routinely result in millions of leaked passwords

– Back in 2003, a worm – SQL Slammer – infected almost every possible unpatched computer it targeted in 10 minutes

Mobile Freeware –– With nearly one million iOS, Android and Windows apps available, and with most of them free, they are like honey to a bear for most users … just too hard to resist. While app store owners are working to protect you, it is still “let the freeloader beware.”

– Malware is popping up on every mobile platform.

– Spam is still above 65 percent 10 years after passing the CAN-SPAM Act.

– One out of every 14 Internet downloads is malicious.

– The annual cost of cyber crime is estimated at $114 billion. So it is no wonder businesses are doing all they can to stay one step ahead of hackers. You can too, just by doing a quick google search into Zonealarm mobile Security and seeing what steps you can take to keep everything on your mobile safe, especially when you use public wifi.

Penetration testing is one way of doing this.

– Successful prosecution for Internet cyber criminals is less than 0.01 percent.

– Hacking by nations is so pervasive that Google automatically alerts users of potential state-driven threats.

– Complex malware proves again and again it can bypass any computer security defense.

No wonder the online/on device security business is so huge.

So how do you protect company and personal content?

You encrypt it. You know, AES (Advanced Encryption Standard) that resisted decryption by even the most powerful supercomputers available.

Bigger, Better— So how did folks get around it?

Countries built more powerful supercomputers.

Hacktivists and cybercrooks take a more economic route … they tie hundreds of thousands of hijacked PCs and tell ‘em to work together and drill away.

They simply tell the systems what Robert Langdon said, “I need access to the Vatican Archives,” and let them go to work.

All of that sounds both good and hopeless.

Good because countries and companies are working hard at it to protect themselves and their “special data.”

Bad because that means the keyboard interface – user – goes along fat, dumb and happy figuring “Hey, it’s their job, their responsibility to cover my behind.”

We’ve all heard how even really smart folks have been hooked in to really dumb situations when they’re on their computers and increasingly, on their tablets and smartphones.

Something for Nothing Human— vulnerabilities–ignorance, inattention, greed, gullibility-are a whole lot easier to exploit than really beefed-up systems. And they’re probably a lot more fun for the hactivist and cybercriminal.

There are actually two types of people these bad guys/gals like to find in the organization – the overly brilliant rogue and the clueless computerist.

The ubergeek ignores or subverts security controls inconveniencing the work of others at the very least and at his/her worst, leaving back/side doors open to the system.

The naive, amateur is just as bad because he/she can get a message that he/she has overused storage or exceeded email quota and needs to go “here” to let managers correct the situation. Or they get an official looking email from their bank, government agency and need to clarify a situation “here.”

And if you think it’s only or mainly a computer issue, you’re … wrong!

Bad guys/gals follow the money and we all know the real action is with mobile devices today … we (especially our kids) use them for just everything … including purchases.

False Safety— iPhone users like to take comfort (unwarranted) that all the bad folks are focusing on Android phones with their mobile malware writing but that ain’t exactly true.

With the average smartphone, users can expect to encounter malware attacks 10 percent of the time; and with smartphone web browsing becoming the preferred access tool – especially for millenials and GenCers – experts estimate that they’ll encounter malicious links as much as 40 percent of the time.

That’s probably why mobile device security is a big business and getting bigger by the minute. Good news for companies such as FraudWatch International.

Experts agree that mobile hacking is still in its infancy; but with hundreds of thousands of iOS and Android (O.K. Windows too) apps out there, it’s not too soon to begin offering mobile threat protection.

Or, as Camerlengo Patrick McKenna said, “Open the doors, and tell the world the truth.”

That’s especially true if mobile shopping and wallets are ever going to amount to a hill of beans.

Money On-the-Go— Mobile shopping, mobile wallets and mobile banking all look real appetizing to bad folks; and after the past successful mobile shopping holiday, they’re salivating.

Security experts agree that smartphone users are more likely than computer folks to click on dangerous links or download over-aggressive apps, especially with so many free or nearly free apps to choose from.

Ten years ago hactivists and cybercriminals were just a minor nuisance. Today, they’re bringing down companies and countries. Smartphones, tablets and, in fact, the whole BYOD (bring your own device) movement have created tremendous areas of concern.

Add to that cloud computing/storage, cheap flash drives and emboldened hactivist groups have made the online world one everyone really needs to understand and act cautiously – question everything – when they venture out.

Source: Content Insider | Andy Marken

Have a question for the 3DGuy?
Please leave a comment and we will reply to you.
Copyright ©2013 Al Caudullo All rights reserved. The content and photos within may not be distributed electronically or copied mechanically without specific written permission. The content within is based upon information provided to the editor, which is believed to be reliable. Data within is subject to change. Al Caudullo is not responsible for errors or omissions.

Leave a Reply

Your email address will not be published. Required fields are marked *