Instantly download your FREE Guide to Success in 2011::
Quick Links
On Twitter
On YouTube
RSS Feed
On Facebook
Invisible Guardians
Sunday, 28th September 2008
’)
Hi Everyone, I’d like to begin this week’s post by highlighting a comment that I received about last week’s post on the importance of protecting your dreams. “If you want to realise your dreams - WAKE UP” this slogan was used in a rural school in Tasmania to educate students on the negative impact of drugs and alcohol. Thanks HEAPS Cindy for such a powerful quote!
Now, a couple of weeks ago I attended an ACS Education Across the Nation event on Security and it was one of the most interesting presentations that I’ve attended. The presenter was Robert Lowe (no relation to Rob Lowe from the West Wing!) and he works for AusCERT - the Australian Computer Emergency Response Team. Basically these are the guys who work behind the scenes to ensure that computers in Australia are safe and secure from major information technology threats such as viruses, hacking and even cyber terrorism!
Rob mainly spoke about AusCERT’s Home Users Computer Security Survey conducted earlier this year and alarmed all of us in the room with his statistics. Some of the more alarming stats were - 6% of survey respondents still used dialup modems (like riding a horse when everyone around you has cars and motorcycles); 5% use their neighbour’s unsecured wireless internet; 11% never updated their antivirus software; and 46% of respondents believed that if they visited a website and a little padlock appeared at the bottom of their browser all their transactional details could not be viewed by hackers. The full report can be seen here.
So what does all this mean exactly? Well Australia has definitely adopted and embraced computer and internet technology however there is a still a lot of misunderstanding surrounding the security of home and business computer systems. Most people hear buzz words like “anti virus” or “firewall” but don’t take the time to understand how this software protects their computer, and how to keep this software updated so that it continues to do their job. Computer equipment manufacturers make the task worse as they often include trial versions of protection software that mislead consumers to think they are fully protected when instead they should be educating users on how to protect their computer first, and then introducing them to the software that will protect them.
Other than provide information on home computer related security, AusCERT do a lot of other things. They research and monitor global computer network threats such as viruses and hacking exploits and also assist companies to formulate strategies for preventing and or managing such incidents should they occur. Think of them like an invisible team of computer experts who research threats and protect Australia’s information technology systems.
They sound like a huge secret organisation capable of world domination but in reality their team consists of less than 20 computer professionals who are passionate about information technology security. They are a not for profit organisation and funded by a combination of Federal Government funds, membership subscription fees and fee for service operations. You’d also be very surprised to know that they don’t have some secret lair in some government building underground, but instead are based at The University of Queensland.
So given that AusCERT do a lot of research on information security threats, I asked Rob if his job allowed him to view questionable sites that most of us normal people would not get access to in our day to day jobs. He said that sometimes it was necessary to visit such sites, but purely for research purposes. What a GREAT job he must have!!!
Rob then spoke about malicious computer software but not really viruses more like specialist hacking programs such as key loggers and other data collection methods. For those of you who aren’t too tech savy with hacking tools, this is a very basic outline of how a key logger program works:
1. Hacker places a malicious software program, say a key logger on a web server so that users can download the program.
2. Then they start placing bits of code in various websites around the world that automatically downloads the key logger program without the computer user knowing what their machine is downloading.
3. The program downloads to the computer user’s hard drive and installs itself on the machine without the user knowing it.
4. Once installed the program begins to log every single key stroke on the machine and transmits this data back to a central data storage point that the hacker has instructed the program to transmit to.
5. The user might surf the internet for awhile until its time to do their online banking so they go to their bank’s website and then enter in their username and password details and gain access to their account.
6. Since the key logging program is running on the user’s machine, it has captured and transferred the user’s online banking website address and the user’s username and password.
7. The hacker reviews all the keystrokes collected periodically and comes across this information and is now able to visit the user’s online banking site, log in as the user and transfer the user’s money to the hackers bank account.
So as you can see, this is how everything works in theory, and that’s why it is REALLY important to have up to date antivirus software, spyware removal tools and practice good computer security such as changing passwords, not installing software that you have not downloaded and also not opening emails from people whom you don’t know.
Rob also mentioned that there was a huge underground market for computer programmers who wrote malicious software. Most of these programmers came from the former soviet union and since the cold war finished these people were no longer needed. But they still had amazing computer skills so they began to advertise their services through underground channels. So now you can enter these channels and request for a specific piece of malicious software to be created, a hacker will provide you with a quote and you can engage them to write the program for you and do whatever it is that you want to do. It’s an amazing idea but quite scary when you think of the consequences!
On a similar note, I’m sure all of us would have seen those emails originating from Nigeria stating that so and so’s uncle has passed away and they are looking for new bank accounts to transfer money into etc etc. Well Rob said that the information that those scammers use to contact people are gained from the former Soviet Union hackers. What they do is collect all of the information that comes through the key loggers, and then sift through all of the important information and then sell off the other bits of information to other people for them to use in their scams. Its a well organised ecosystem of scamming!
Another popular scam these days coming to inboxes all around the globe are from fake travel companies. A lot of us book travel online these days and so it’s a brilliant scam to be running around the place. Usually you can tell a dodgy email by looking at the subject, or the sender or even the contents of the email. This one is particular good because everything looks legitimate. The only thing that looked a bit weird was the fact that the attachment was a zip file and most travel companies today have software that doesn’t zip up travel documents before emailing them. Instead they use PDF files as they are generally more secure. So be aware of these new scams!
Finally I asked Rob about the possibility of Cyber Terrorism and he gave a really interesting answer. He said that terrorism these days is mostly about physical damage that create big public messages and you can’t really do that on a computer so to this day there have been no real solid instances of cyber terrorism in the world. The closest incident occurred in Australia in 2000 when an engineer used remote access to gain control of a sewerage pumping station near Maroochydoore in QLD and dumped raw sewage into public waterways. The article is here and is a good read of the potential threat that malicious computer usage can cause to people’s everyday lives. Rob was also kind enough to send me a link to an AusCERT paper on Cyber Terrorism and the article is available here.
It’s great that we have people like Rob and an organisation such as AusCERT looking after us little people and protecting our networks but there is only so much they can do. So with that in mind this week I challenge you to review your computers at work and at home to ensure you have the latest antivirus software and that it is up to date. Also check on your firewall software and make sure that is up to date also. This article lists 10 basic steps to protecting your computer so visit the site and learn more about simple things that you can do to prevent un-authorised users from stealing your valuable information.
Dream, Build, Inspire, Lead! - and SECURE your PCs!
AJ~
Like This?
Subscribe to Dream,Build,Inspire,Lead! to receive "The Best of Dream,Build,Inspire,Lead!" - your FREE guide to Making 2011 your BEST YEAR EVER! AJ Kulatunga is Australia's #1 Youth Motivational Speaker and helps Cool Young People all over the world to turn their dreams into reality through his live events and training programs. Learn his top 15 Secrets to Success and get a copy now!
Category:
Build, AusCERT, Rob Lowe, Computer Security, Antivirus, Cyber Terrorism
(0) Comments •
Comments
Post a Comment
Page 1 of 1 pages