- A TechNote on Information Security
- Dirk Racey, Private Security Investigator/Observer
You're probably asking yourself, "Who the heck is this Dirk Racey guy?"
Let me introduce myself. First, if you're of a certain age, you might remember my great-granddad, a fellow by the name of Dick Tracy. Dick was a police detective from the 1930s through the 1970s. He was one of the earliest users of interactive radio communications technology, the 2-Way Wrist Radio, which he ingeniously applied to catching criminals. I followed in Dick's footsteps and began investigating crimes of a different sort - computer security attacks - back in the early '80s.
This was after the late (and not much lamented) CP/M operating system had given way to the new and seemingly miraculous Windows PC. Back then, the Internet didn't yet exist for most of us, viruses weren't a serious problem, and private networks and email were only just appearing.
Over the decades since, the front in the computer-security war has expanded. For many years, our advance units for battling info infections and violations were governmental and corporate IT departments. Their biggest concerns were keeping the contents of their intranets private; walking the fine line between securing data as it moved through distributed organizational networks, while at the same time keeping outsiders where they belonged. And many companies, to their growing risk, still operate in this mode.
Our Newest Adversaries
But our adversaries - the slimy eThugs who create new viruses and worms, remotely scan and penetrate our PCs, capture our keyboard activity and try to bring Web sites, e-commerce, and even entire governments to their knees - have expanded this war into your offices, homes, schools and classrooms.
During my most recent investigation, I realized how helpless most users feel about electronic security and how truly helpless they AREN'T! True, the dangers out there are mounting. But so are the weapons that you can wield to protect your systems and even to take the battle back to the hackers' own front doors. And one of my many goals for these monthly columns will be to help individuals, IT departments and Webmasters start to make hackers' lives as miserable as the hackers have been making ours.
Defending our Homes and Offices
If this sounds like war, it is! Today's infosecurity battleground now includes your homes and offices. And you are its new foot soldiers. According to the international Anti-Phishing Working Group and law-enforcement association (APWG), nearly half (48%) of 22 million computers that were scanned in 2009 were infected with malware that (among other nasty things) steals user IDs, passwords and other private account information. And their 2011 study found that just this one kind of direct PC invasion had "reached an all-time high."
On the virus front, the European Union statistics office reported last year that nearly a third of EU PCs had been infected during 2010, even though a majority of these machines also ran antivirus software. But of course, all such statistics are understatements, since many computer users don't know that their PCs are compromised and therefore can't report it.
Government agencies, ISPs and corporate IT departments can do only so much to protect your PCs, servers and Web sites. Cyber criminals have brought the battle right to you, and they have made it personal.
So to help you fight back, every month I'll offer some ammunition or actionable intel that will help you shore up your own computer defenses and repel invaders. Some of my short dispatches from the front will update the basics (like managing passwords, antivirus programs and firewalls). Other tips will be a little more advanced (such as how to close security holes in your Internet routers). Still others will hopefully alert you to dangers you might not have heard about (like the risks of e-readers).
But I'll also try to sound alarm bells when new viruses and other attacks occur and even tell you how to karate-kick hackers where it'll hurt them most: right in their anonymity, their own servers and their precious databases.
So please check back at TechNotes often. You can defend your electronic turf and (for a change) push the battle back to the eThugs. This is hand-to-hand combat, folks. So don your helmets. We're all together here in the trenches.
NOTE: For security reasons, I don't give out my email address. However, if you would like to send email to my trusted alter-ego, Dave Powell, he will deliver the messages to me in a plain brown envelope.
Let me introduce myself. First, if you're of a certain age, you might remember my great-granddad, a fellow by the name of Dick Tracy. Dick was a police detective from the 1930s through the 1970s. He was one of the earliest users of interactive radio communications technology, the 2-Way Wrist Radio, which he ingeniously applied to catching criminals. I followed in Dick's footsteps and began investigating crimes of a different sort - computer security attacks - back in the early '80s.
This was after the late (and not much lamented) CP/M operating system had given way to the new and seemingly miraculous Windows PC. Back then, the Internet didn't yet exist for most of us, viruses weren't a serious problem, and private networks and email were only just appearing.
Over the decades since, the front in the computer-security war has expanded. For many years, our advance units for battling info infections and violations were governmental and corporate IT departments. Their biggest concerns were keeping the contents of their intranets private; walking the fine line between securing data as it moved through distributed organizational networks, while at the same time keeping outsiders where they belonged. And many companies, to their growing risk, still operate in this mode.
Our Newest Adversaries
But our adversaries - the slimy eThugs who create new viruses and worms, remotely scan and penetrate our PCs, capture our keyboard activity and try to bring Web sites, e-commerce, and even entire governments to their knees - have expanded this war into your offices, homes, schools and classrooms.
During my most recent investigation, I realized how helpless most users feel about electronic security and how truly helpless they AREN'T! True, the dangers out there are mounting. But so are the weapons that you can wield to protect your systems and even to take the battle back to the hackers' own front doors. And one of my many goals for these monthly columns will be to help individuals, IT departments and Webmasters start to make hackers' lives as miserable as the hackers have been making ours.
Defending our Homes and Offices
If this sounds like war, it is! Today's infosecurity battleground now includes your homes and offices. And you are its new foot soldiers. According to the international Anti-Phishing Working Group and law-enforcement association (APWG), nearly half (48%) of 22 million computers that were scanned in 2009 were infected with malware that (among other nasty things) steals user IDs, passwords and other private account information. And their 2011 study found that just this one kind of direct PC invasion had "reached an all-time high." On the virus front, the European Union statistics office reported last year that nearly a third of EU PCs had been infected during 2010, even though a majority of these machines also ran antivirus software. But of course, all such statistics are understatements, since many computer users don't know that their PCs are compromised and therefore can't report it.
Government agencies, ISPs and corporate IT departments can do only so much to protect your PCs, servers and Web sites. Cyber criminals have brought the battle right to you, and they have made it personal.
So to help you fight back, every month I'll offer some ammunition or actionable intel that will help you shore up your own computer defenses and repel invaders. Some of my short dispatches from the front will update the basics (like managing passwords, antivirus programs and firewalls). Other tips will be a little more advanced (such as how to close security holes in your Internet routers). Still others will hopefully alert you to dangers you might not have heard about (like the risks of e-readers).
But I'll also try to sound alarm bells when new viruses and other attacks occur and even tell you how to karate-kick hackers where it'll hurt them most: right in their anonymity, their own servers and their precious databases.
So please check back at TechNotes often. You can defend your electronic turf and (for a change) push the battle back to the eThugs. This is hand-to-hand combat, folks. So don your helmets. We're all together here in the trenches.
NOTE: For security reasons, I don't give out my email address. However, if you would like to send email to my trusted alter-ego, Dave Powell, he will deliver the messages to me in a plain brown envelope.
