Everything I'm reading these days indicates that hacking and malware infections are going to increase in 2012. I don't need to provide references here because everything you're reading does too. Yet all the software you need to secure computers, both corporate and personal, is available for free. There's everything from scanning and blocking to diagnosing and disinfecting the computing devices you depend on. So how come we're poised for continued growth in data theft and general cyber-mischief?In short, you're the weakest link. If it weren't for you, your computer would have a much higher chance of leading an infection-free existence, gracefully growing old and slowly descending into obsolescence. Instead, you may hear yourself thinking out loud: "it was fast at the beginning, but now it's so slow I'm thinking of getting a new one". This platform-independent mantra is no doubt very depressing for laptops and smartphones to overhear and even the shiny new tablets, smug in their reliance on a firmware-based operating system, aren't too far behind.
What are your options? Panic? Trade in your new tablet for a stone tablet? Pester the one social recluse in your family with open-ended questions?
The latter is always a good idea (although you can't go wrong with the first two either). Make sure you corner him (it's always a 'he') at the family party this holiday season and don't let him take another sip of the eggnog until he makes an effort to put his answers into plain English. Pull up a chair, make him feel special, for once!
In the failing case, here are three (because no one can really retain more than that anyway) tips for you to better understand computing security in general, and in particular over the next few months, as the reliance on technical attacks on all platforms (not just on mobile devices, PCs, or 'in the cloud') gives way to plain old abuses of trust). At the very least, you'll sound smarter about this stuff, so here's some sage advice:
1. Sometimes things that increase convenience may increase your security risk
Just one example: URL shorteners. These handy little tools (aside from the fact that they build clickthrough statistics) may send you to malicious destinations and may contribute to the security problems that plague social networking sites. So click wisely.
2. Sometimes it's better to focus on the things that go out of your computer
We're on the Internet for a reason: to explore and access information. Each click is a request, an a consensual invitation, an implied permission and an open door to receiving information. So when that response happens to be malicious, it's difficult to see exactly what it's doing inside your computer, but it's relatively easy to block unauthorized software from 'calling home' and initiating outbound connections of its own. So look for personal firewalls with egress filtering and be cautious about approving connection requests.
3. Sometimes things that protect your privacy may decrease your security
You know that little 'lock' icon everyone tells you to look for when completing online purchases? And the 'secure tunnel' your IT guy tells you about when installing your remote access VPN into the office (so you can be 'productive' from home, naturally)? Those are great things. They protect the confidentiality of the data that you exchange with the big bad Internet, and also serve to protect your privacy. But they also make it next to impossible for security tools to inspect data traffic, see malicious code and the details of hacking attacks as they come and go. So use with caution, and appreciate that once encrypted, both good and bad data is protected from prying eyes (and be sure to have a memory resident scanner to detect the latter just before or immediately after scrambling).
Enjoy 2012 and if you know someone who could use the information, don't hesitate to suggest this blog.
Security assessments are always interesting. I know, I do them all the time. You can never guess what you'll find when you're investigating a breach a...
More shocking than the fact that yet another teenager has opted to take her own life as a direct result of (cyber)bullying is the public response to t...
I’m always impressed at the low-tech nature of today’s most brazen hacking attacks and abuses of identity. It’s inevitable that so...
The Canadian Border Services Agency (CBSA) has installed equipment designed to record video and audio in Canadian airports (and possibly other ports o...
LinkedIn is "unable to confirm <this week's> breach" involving millions of user passwords but agrees that passwords belonging to "some" of their...
What? You didn't know? Well now you do. Alan Turing had/was/exhibited one of the greatest minds in computer science. To him we owe not just artificial...