An admission by an executive from within the industry was sure to happen, and it may have given more weight to how you implement online security at home and in the office, because knowing that you are never fully protected is the norm on the internet. No single piece of software or provider can promise total protection, and you are always infected in one form or another, however expensive the anti-virus software installed on your computer system. The industry is also in a dilemma over how best to present information on the ones that got away and caused mayhem before they were caught and a cure was issued. You only hear of the ones they catch and not the other way round. Why? It’s bad for business. Letting clients know that the product is not the total solution might get them thinking: if that’s the case, why spend hundreds if not thousands of dollars a year on something that may be effective? There are even instances of the programs designed to protect us from viruses and malware being infected and doing the dirty work themselves.
All the hype about technology and new software development tools also means nothing, for the very people who do the programming for these anti-virus programs also have the ability to use it for no good. The reality of using the net is accepting that every click may be your last; that is the gauntlet you walk each and every day as you surf, download and do whatever you wish over the internet. True, it has allowed us more freedom and information, but it has also opened up the world to these scoundrels who are up to no good.
The Cat’s out of the Bag (Part 1)
The anti-virus industry has been rendered ineffective for quite some time, and this came to attention only when one industry expert spoke out from the crowd to say so “AS IS”. We have all been under the impression that the security of our PCs, laptops and other computers has been quite effective and robust, with active online updates that allow it to deal with evolving threats. The problem, as the discussion states, is this: how do you deal with today’s millions upon millions of viruses and other forms of threats without super-computing status? You can’t. The reality we have to face is that there is no one solution to the problem and that it is going to stay that way.
Anti-virus software engineers work round the clock to prevent this malware from doing the most harm on the millions if not billions of computers around the world that connect to the internet daily. As one sector of the globe goes to sleep, another wakes up to a new day of infections and threats, made worse by the constant online status of some PCs, meaning they are always connected whatever the time of day. Imagine scanning through a database that lets you identify a virus among the millions of known types, variants and mutations (even with a super-computer it takes time) every time you download a file or click on an internet link; that would be unfathomable. The best these guys (the many anti-virus vendors) can do and hope for is to get to the problem early on, while the virus or malware is still propagating and they can still reverse engineer it, and then issue the proper identifiers along with removal instructions to their respective clients, hoping those clients are not yet infected and spreading the virus themselves.
If they already are infected, it takes more time to formulate an approach to removing the problem from the computer system, leaving it untouched and without the threat. This is next to impossible, for any seasoned PC user knows that anything that is installed stays installed (even fragments of files and other programs) long after the known un-install procedure has been done. The only sure way to clear an infected system is to re-format the hard drive and then re-install the whole myriad of software and drivers that came with the PC. Most of them are lost over the years, necessitating an online search of manufacturer sites and other help sites, which may also be infected. Losing them is suicide, for a PC without proper drivers is like a car without brakes that constantly breaks down and has to struggle to run at the level of its former self.
Even with Gates Leaving, Microsoft is still the prime target
Bill Gates ruled the computer industry for a long time with the introduction of Windows through Microsoft, and he has left his mark on the lives of most if not all of those who have used its software. He has now finally stepped out (for real this time) of Microsoft management for good. Even as the news was still warm and getting out into the wild, another attack on the software giant was detected and reported by the security provider Websense: a fake OS patch supposedly aimed at addressing some vulnerabilities in Microsoft software. The supposed patch redirects users to a malicious web page that installs malware on the unsuspecting user’s computer.
“It’s a deception attack, where it is made to look like a Microsoft update and the user has to take action, rather than an exploit where the user gets infected without saying yes to the download,” Hubbard said. (Hubbard is a Chief Technology Officer at Websense.)
Most seasoned users of Microsoft products know that the company does not send notification of software patches through email. That is done by their AutoUpdate system, which automatically does all the work for you (well, even without you, for some updates are unstoppable if you have your system on automatic mode). Any unsuspecting user who clicks on the “Yes” button to get the said update gets a backdoor program installed instead, without any warnings. The wide open door can then be used by hackers to obtain information about the user or even take over the victim computer as another minion in the never-ending battle between malware and security experts. The hackers managed to get around spam filtering systems by using a redirection path that aims the browser at the web site of the US Secret Service, which is a sure sign of more devious acts to come.
The complexity of these attacks and the hackers’ knowledge of how to circumvent security remain a real threat for all of us who use the internet each day.
Source: SC Magazine
CitiBank ATM-Pin Breach
Citibank, an arm of Citi Corp, has suffered a data breach involving ATM machines installed in 7-11 stores, which were broken into by hackers who got away with millions, according to the report on Yahoo News. The three hackers have been found and arrested and are currently in custody as the case is further studied and discussed in the courtroom.
The problem happened when these hackers got through third-party computers that handled debit card account transactions, taking all the information they needed to engage in online transactions without the need for physical contact with any ATM machine.
This is another case of lax data security. ATM PINs are said to be the most secure of all bank information, for the potential loss is horrendous.
“PINs were supposed to be sacrosanct - what this shows is that PINs aren’t always encrypted like they’re supposed to be,” said Avivah Litan, a security analyst with the Gartner research firm. “The banks need much better fraud detection systems and much better authentication.”
This shows that even with the repeated problems and incidents of identity theft, not everybody is listening and taking action to protect their information. In the case of Citi Corp, their third-party providers should have had ample measures, such as encryption and redundant security measures, to prevent such incidents from even happening. Citi Corp, being one of the biggest multi-national banks with accounts all over the world, should have check and balance systems that ensure customer information is safeguarded from such intrusions, which in this case is going to cost them millions of dollars. The company has relied heavily on systems based on Microsoft software technology, which has received continuous attacks, and this is just another addition to the types of attacks they suffer from hackers.
Government Laptops and Computers get encrypted
Due to the recent problems associated with the loss of government laptops and security breaches, such as the incident where the laptop of a Federal Trade Official was reported to have been compromised by reportedly Chinese operatives while on a trip overseas, the US Federal government has begun to encrypt its laptops in hopes of bolstering their security and preventing such risks in the future. Let us just hope that they do it fast enough, for no one wants to get their personal and financial information released online or obtained by enemies of the state (terrorists in layman’s terms). Of the estimated 2 million laptops the US government and its many agencies have, only 800,000 have received the encryption system developed by the Department of Defense and the General Services Administration.
Encryption is one of the most secure ways of keeping data safe from unauthorized access, since it renders the data useless without the proper software or security keys. Comparable to the dial combination on a bank vault, the encryption process turns files into a useless bundle of information that cannot be read or used for other purposes.
All this effort is meant to boost the security of information gathered and collated by the various agencies. Even private businesses that have ties with the government through contracts have had their computers encrypted to ensure the information they handle and use stays secure and out of the hands of criminals who aim to use it against the government.
Half a Million IIS Servers Infected with Malware
Panda Software, a developer of security systems and anti-virus software, has raised the alarm regarding a massive cyber attack on vulnerable IIS Server based web pages. Once the malware gets in, it re-directs users from totally legitimate web sites to malicious sites. The infection grew from less than half a million infected servers to almost double that, which is quite fast for a specific type of malware. Most developers who employ “code scrubbing”, which is removing information as it is saved into an SQL database, are easy prey and are the intended target of the massive attack that is still taking place. An iframe is inserted to redirect users to malicious sites, which can lead to identity theft without the users even knowing about it.
The attack is centered on Microsoft’s IIS web server, in particular ASP pages that have very strong ties to SQL databases. Panda and F-Secure have both identified the hidden code (“) that can be deep in web pages and advise site owners to look for the string that re-directs people to other sites. Users and site administrators are advised to get all updates from Microsoft to remedy the problem and to halt the spread of this attack once and for all.
All this to bug people who use the web all over the world, in the never-ending battle between hackers and those who are up to taking them head on.