America is at war.
No, not just the war in Afghanistan.
There is a war underway that uses computers and software instead of guns and bullets, a "cyber war".
Last week the Washington Post (9/21/12) reported that Iran has been engaged in cyber-attacks against major US banks including JP Morgan Chase and Bank of America. The attacks include efforts to disrupt their networks and bring down their web sites through Denial of Service (DOS) attacks that flood their networks with messages.
Senator Joe Lieberman (I) is quoted as saying that he feels this was not independent hackers but a sophisticated effort by the Iranian military to disrupt key components of the American economy.
Iran has denied they caused the attack, but it is widely believed that the Iranians have stepped up the cyber capabilities since they were the victim of a computer virus that attacked their nuclear facilities, known as the Stutznet Virus. Just today, the head of the Iranian Revolutionary Guard asserted that they are prepared for a "Cyber War" that he believes could cause more destruction than a "physical confrontation". (Reuters 9/25/12)
This is not a new phenomenon and it is growing. Gen Keith B. Alexander, head of the US National Security Agency asserted that cyber-attacks against US Infrastructure increased by a multiple of 17 between 2009 and 2011 (NY Times 7/26/12). These attacks have targeted infrastructure such the electrical grid, water supply, computer and cell phone networks.
The Iranians are certainly not the only foreign attacker. The Chinese are believed to be heavily engaged in hacking into American corporate and governmental networks. Although they seem more intent on stealing technology and gaining intelligence for economic gain, there has also been an ominous focus on oil and energy related infrastructure (CBSNews.com 9/20/12).
Should this matter to the average computer user or web site operator to do?
Well, besides the fallout from disrupting infrastructure and the economy the average person can be directly affected.
First, viruses intended for one target may hit other targets. There are some nasty viruses floating around that appear to have been intended for Mideast targets that have made their way to Europe and the US. Anytime you visit a web site and download a file you could be at risk. How do you know who really operates that site with those Kate Middleton pics?
Second, a common technique of these attacks is to enlist unwitting computer users into participating. This is called creating a network of bots, aka "zombie" computers by infecting and controlling a user's computer for nefarious purposes. Such "bonnets" are the number one source for sending spam email and Denial of Service attacks. The use of these computers makes it difficult to trace the original source and the computer owners may not even be aware that they are being used.
Zombies may be popular today in film and fiction but you do not want your computer to become one. You may "only" experience performance issues, but you could also be open to further infection.
What can you do?
First, all computer users should make sure they have the best available Firewall and Antivirus protection. That's true whether you are a home user, operating a corporate network or a web host. Home users should never be without protection because there are some very good free firewall and scanner systems available.
In managing corporate networks, it is helpful if you use "end point security management" systems that help you ensure that every computer on your network has the latest antivirus and firewall software that your company is using. A computer network is only as strong as its weakest link and most malware are unknown at the time they are unleashed.
That is why I believe the best antivirus software and firewalls use a whitelist system and sandbox technology. The way this works is the scanner only permits software to operate within your system if it is on a list of valid programs. If it suspects that any software has a problem, it will allow the program to run in an isolated system area called a sandbox. Based on its behavior in the sandbox, the AV software will determine if it is OK or should be deleted.
If you are the operator of a web site that exchanges personal information, such as an e-Commerce site, you probably know to use the Secured Socket Layer (SSL) that creates a secured encrypted connection between the web server and the browser. This will prevent you from unwittingly supplying malware to your site users.
However, this requires that you obtain and SSL Certificate and not all Certificates are the same. Beware of free certificates that are "self-signed". That means there is no verification that the web site the user is attempting to connect to is in fact the one it is purported to be. That means your users could be supply information to a hacker who will use it for nefarious and even criminal uses.
In addition, there are various levels of verification with SSL Certificates. Basic certificates just verify that the correct ownership of the web site, not that they are reputable. More advanced, enhanced certificates provide a higher degree of verification and protection.
If you do not want to be a casualty of the cyber war you need to make sure that you have best firewall and antivirus protection. Web operators who want to stay out of the line of fire need to use Enhanced SSL Certificates as well.
There is a cyber war underway and every computer user needs to be involved in the fight. by using the best antivirus software. Every web operator must keep their sites clean of infections and, if they exchange information with their visitors, use Enhanced SSL Certificates.
Posts
0 comments:
Post a Comment