
Don't Let Cybersecurity Awareness Month Pass You By

Written by Tom Stamulis
10/25/2010 34 comments

We are more than halfway through this year’s Cybersecurity Awareness Month, and so far I am not impressed with what I have seen of the federal government’s attempts to increase awareness.

We could spend time discussing who in the government’s marketing department came up with this year’s gem: “Stop. Think. Connect.” Could they be any more ambiguous about a topic that desperately needs guidance? I really hope that this was done inside the Department of Homeland Security and that they did not use our tax dollars to have an outside agency come up with this.

We could also ask what our White House Cybersecurity Coordinator, Howard Schmidt, has done since posting a blog on October 1st. Other than this posting, I have not been able to find anything of relevance he has contributed to Cybersecurity Awareness Month.

I liken that to not seeing the Salvation Army on every corner in December.

The lack of any real progress by Schmidt or the Obama administration should not come as a surprise to anyone who follows this site, but it leads me to ask each of you: What have you done to be more secure this month? Have you bothered to change even one of your passwords? Have you updated your operating systems with all of the necessary patches? Have you at least spoken to your kids or loved ones about online safety?

In case you have been too busy, you still have time to do something that reduces your online risks. Following are a few suggestions.

Even though I migrated away from Microsoft Corp. (Nasdaq: MSFT) a few years back for security reasons, they still have the lion’s share of users. As a result, everyone who uses Microsoft should be using the automated update service that pushes critical updates to your systems. I recommend that you only allow the service to download the updates instead of installing them automatically. You can make this change by going to the Security Center within Control Panel. You should take a few minutes each month to install only those updates that apply to your system; it is always good to know what changes are being made, so you can go back and uninstall an update if it adversely affects one of your legacy applications.

Another must-have for Microsoft users should be Microsoft Security Essentials, which provides real-time protection for your PC that guards against viruses, spyware, and other malicious software. It is free and works seamlessly behind the scenes, unlike some of the other software you have to pay for. Essentials works so well that it is the only virus protection on my wife’s system, and she has not had any issues since installing it over 18 months ago.

Passwords are a complex issue, and everyone has opinions as to their value. Until we devise a better solution than passwords to access our systems and data, we have to make sure we update and manage this first line of defense regularly. I already provided some recommendations about managing and changing your passwords in a post last year, and I believe the recommendations are just as valid today as they were then.

However, many readers responded that they just have too many passwords to manage. I also fall into this category and have successfully used two password managers for a few years. I use 1Password for my Mac, and up until recently, I used RoboForm Pro when I was on a Windows machine. 1Password has just released a Windows version, and I am migrating everything to one provider for myself, but I am very happy with RoboForm as a product.

There are a number of other password management solutions available, and many offer the ability to cross platforms. Dropbox, for instance, syncs wirelessly between devices so your passwords are always within reach.

I can’t predict the future, but I am confident that cyber-threats are going to increase over the next year, and every step you take to remain secure will reduce your online risk and keep you and your data secure.

— Tom Stamulis, Manager, Governance, Risk & Compliance Group, for a major service provider

DHCIR
Rank: Cyborg
Monday November 1, 2010 12:43:03 PM

Thanks Phavanhna. Well, I've been blogging (and ranting), here anyway, in IntEvol for 2.8 yrs. As far as starting my own blog, I think the Internet has quite enough of those already. Besides, the majority of ppl don't listen to good computer advice anyway (haha).

Phavanhna
Researcher
Monday November 1, 2010 4:28:22 AM

DHCIR,

You have such a long list. Maybe, you should start writing a blog about it. I think it is a good idea.

Phavanhna
Researcher
Monday November 1, 2010 4:24:09 AM

Thanks for sharing. It is good to know. Mac is not safe any more either. Recently there's a report about a Java virus attacking Mac machines.

sbewley
IQ Crew
Sunday October 31, 2010 5:07:03 PM

This is so critical. Can you remember all the websites that you have purchased from and provided your credit card details, your address or filled out a survey for?

MShellC
Rank: Cave Painter
Saturday October 30, 2010 6:45:18 PM

Well that's why I said that they were happy to be stealing.  :)

DHCIR
Rank: Cyborg
Saturday October 30, 2010 5:28:14 PM
MShellC
Rank: Cave Painter
Friday October 29, 2010 9:39:18 PM

Open WiFi, I see it all the time. I have a small customer with Open WiFi, they even had a bank account breach issue (which may have been related to this), I cannot get them to lock down their WiFi. Well, ok, stupidity IS an option, it's not MY network.

 

I know people who brag about jumping on their neighbor's open WiFi and I always wondered, what if their neighbor is doing that on purpose?  Instead of thinking that way they are too busy cheering the fact that they are stealing and getting away with it.  Nothing is free and if things start to happen to them I will gladly point out to them that open WiFis aren't safe at all.  When I first got my WiFi I remembered taking the longest time in the world to make sure that it's locked.  I still check to this day to make sure that it's still locked because one day I discovered it unlocked for whatever reason.

DHCIR
Rank: Cyborg
Friday October 29, 2010 11:34:45 AM

Just an FYI from the front:

Working on another sick PC. The culprit: Fake Antivirus 2010; a nasty little bugger, made worse by a partially sick HDD. This lovely little bug controls the exe’s on your system so that anti-malware cannot be setup & run on an infected system. It knocked out SpyBot Search & Destroy 1.6.2 and MalwareBytes in normal Windows Mode. Cool. Not. SO, just for fun, I threw some Anti's at this:

  • TrendMicro RootKit Buster missed this (SWIIIiing & a miss!).
  • McAfee RootKit Detective missed this (SWIIIiing & a misssss!).
  • Panda AntiRootKit missed this (SAH-WIIIiing and a misssssss!).
  • Prevx 3.0 found it, cleaning isn’t free however.
  • AVG AV Free 9.0 finds the infection, but doesn’t do anything with it. It reports that the ndiswan.sys file is compromised. To double check this, I uploaded the sickly file to jotti’s online file scanner…whoa boy! There are 19 scanners on Jotti’s site, & most of the scanners flagged this as a “backdoor” nasty bugger. AVG Free 9.0 was installed on the system, but obviously didn’t stop the infection.
  • MalwareBytes (safe mode) found something, I thought it was removed, but came back.
  • Radix AntiRootKit found it, but crashed the system, twice.
  • GMER AntiRootKit found something unusual, but couldn’t remove it (it’s a bit hard to use).
  • ComboFix found something, removed something, but didn’t get it all it appears…something else popped back in there.
  • Finally ran Dr. Web Cure IT! - found  "backdoor.maxplus 10" & KNOCKED it out! For free too. The smart Russian good guys do it again - Spasibo!

I’m not sure how comprehensive or competent the so-called “brand name” AntiRootKit scanners really are, such as: Sophos ARK, Panda ARK, F-Secure BlackLight, TrendMicro RootKit Buster, McAfee ARK, but these haven’t impressed me, AT all!

Another old war story along these lines here.

The battles rage on…

-Dhcir

DHCIR
Rank: Cyborg
Thursday October 28, 2010 3:22:45 PM

...or, how about a wet 2x4 upside the head month Tom? A lot of the issues could be simply avoided, if ppl, businesses & duh Guba'mint simply, or not so in some cases, just did what they should do.

  • Had a user, cleaned her infected laptop; PW protected her Admin account (and told her to not use Admin level - in one ear & out the other) so the "Kids" Limited account couldn't get in as Admin. She removed the password. Laptop got all messed up again. I cleaned it again $$.00, and she asked me why this happened again? Well, doing what you're told to by a security conscious I.T. guy is a real good start.
  • Open WiFi, I see it all the time. I have a small customer with Open WiFi, they even had a bank account breach issue (which may have been related to this), I cannot get them to lock down their WiFi. Well, ok, stupidity IS an option, it's not MY network.
  • Former customer had a Windows server with no Anti-Virus...nnnnice.
  • 3 most important things with computers: BACKUPS, BACKUPS, BACKUPS. Folks think their HDDs in their Servers, PCs, Laptops will never fail, hence, use no backup routines. Read these & weep: 1,  2,  3.
  • AV, AV, AV, it expires or AV isn't installed, then WHAMO! Hello John & Jane Q Public, meet Russian/Korean/Chinese hackers; & here are their CC#'s, Passwords, SS#'s (IT CAN'T HAPPEN TO ME! Ah, sorry just did).
  • I tell 'em to use the latest Web browsers available: IE8, Chrome, FF (Chrome is decent now; secure & fast, except for an irritating Tab issue in v7.0.517.41); I STILL see IE6 out there.
  • Oh & they gotta have their Facebook..."tip toe, thru the minefield...in the morning..."
  • Passwords: %$#&*!! They whine & complain & complain; SHUT UP. Use a strong password & memorize it already! Engage the brain, t'aint THAT hard.
  • Any loose hatch on a ship, will bring in water. 

Ahh, Tom, I should have been a mortician.

Tom Stamulis
Thinkernetter
Thursday October 28, 2010 8:46:44 AM

DHCIR,

Your frustration with society is completely understandable. Also, I think you may have something with your rant. We should just have "common sense" where your ideas and some of the other recognition ideas that should be just 'common sense' are celebrated.
