I have put together five steps that you can take under consideration when evaluating your home or business computer systems. These steps will be presented in five parts.
The University of Georgia network security system fight off 80,000 to 90,000 potential attacks daily. At the Bank of New York, sensors catch millions of security "events" in a month and "we don't even treat the scripts that run out there or worms flowing across the Internet at any point in time as an incident because they are not entering the network," notes Eric Guerrino, the bank's head of information security.With all the threats floating around in the cyberjungle, how do you sniff out a serious Information Technology security breach? The best defense requires a mix of technology muscle and human interpretive skills. Detection systems are essential tools, but it's up to professionals to make some informed distinctions.
I have put together five steps that you can take under consideration when evaluating your home or business computer systems. These steps will be presented in five parts. Now, let's begin:
Step No. 1: Let the Bells and Whistles Alert You about the Initial Attack
The Bank of New York's incident-response team sizes up threats based on some critical calculations: the probability of imminent attack, the probability that an attack will succeed once attempted and the potential damage of the attack if it proves successful; the location of the potential targets, the host operating systems and their associated vulnerability to the attack; and the sensitivity of the data residing on affected devices.What gives an organization the best chance to safeguard itself? The critical elements include multiple levels of traditional and emerging security monitoring tools; an analysis system capable of crunching copious amounts of event data; and the ability to process observations from employees and customers. Firewalls and intrusion-detection systems are the old reliables of detection technology. Standing at the intersection of internal networks and the public Internet, firewalls are the established first barrier to external attacks. Intrusion-detection systems, which joined the security force in the late 1990s, monitor networks for suspicious activity. Intrusion-prevention systems go a step further, monitoring traffic and then initiating an automated response, such as dropping a particular packet of data. Old-school intrusion-detection systems identify threats based on the signatures of known attacks. But some new threats are too nimble for that: So-called "zero-day" attacks occur at the same time a vulnerability is discovered, leaving no time for the creation and distribution of signatures. To address this, security teams have supplemented signature-based systems with behavior-based detection technologies, which establish a baseline of normal network traffic. The systems then search for anomalous patterns, for example, traffic coming from a network at a time when no one should be using it, helpful in flagging previously unknown types of attacks.
In responding to zero-day exploits, their biggest concern, Bank of New York deploys hundreds of intrusion-detection and intrusion-prevention sensors that record events on a daily basis. Its intrusion-detection/prevention systems shield the bank from the vast majority of exploits, and only a fraction of the events warrant a security-breach investigation.
The University of Georgia also uses an intrusion-detection/prevention combination. The university operates a Security Operations Center that monitors its intrusion systems around the clock and also minds firewalls, virtual private networks and other security products.
Because cyberpredators and other cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal security and privacy. Your money, your computer, your family, and your business are all at risk.
These cybercriminals leave you with three choices:
Remember: When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!
© MMVII, Etienne A. Gibbs, MSW, The Internet Safety Advocate and Educator
Living in the Age of the Internet Gangster, Part Three of Three: Sleeping with the Phishes . . .
One of the newest phishing trends to emerge has almost everybody in the security industry concerned: Trojan phishing. So-called Trojan programs, named after the horse of mythology that put the Greeks inside Troy's city walls, disguise themselves as beneficial files, but actually enable hackers to gain access to computers from remote locations to steal account information directly from a computer.Living in the Age of the Internet Gangster, Part Two of Three: An Evolution of Professional-class ..
Members of the hacker community throughout that region now are adapting to take advantage of the latest phishing scams. As a natural transition is taking place, "phishing" is the term applied to online schemes that attempt to lure people into giving up sensitive information, such as passwords or credit card numbers, by masquerading as trustworthy sources.Your Child's First Year at College: Prime Target for Identity Theft?
If your son or daughter is a recent high school graduate and college freshman, he or she is the ideal target cybercriminals are looking. "Why?" you might ask. For cybercriminals the answer is easy and highly profitable.