Posts

Cybersecurity Matters in The Election

The term “cyberattack” or cyberwarfare is defined as “politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.”

“Weapons of Mass Disruption” are a growing concern. The U.S. and many other countries are electrically and digitally dependent. Our critical infrastructures, including drinking water, sewer systems, phone lines, banks, air traffic, and government systems, all depend on the electric grid. After a major successful attack we’d be back to the dark ages instantly. No electricity, no computers, no gasoline, no refrigeration, no clean water. Think about when the power goes out in your house for a few hours. We’re stymied.

The New York Times reports “Defense Secretary Leon E. Panetta warned Thursday that the United States was facing the possibility of a “cyber-Pearl Harbor” and was increasingly vulnerable to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial networks and government.”

The threats of a cyberattack are real. Unfortunately tis is one of those “it’s not IF but WHEN” scenarios.

The AP reports “President Barack Obama wants owners and operators of essential U.S. infrastructure to meet minimum cybersecurity standards that the private sector and federal agencies would develop together.”And “Republican presidential candidate Mitt Romney says within his first 100 days in office he would order all federal agencies to develop a national strategy to deter and defend the country from cyberattacks.”

Whomever is elected president will face an unknown unseen digital enemy unlike any other president has seen in history.

Think before you click. Know who’s on the other side of that instant message. What you say or do in cyberspace stays in cyberspace — for many to see, steal and use against you or your government.

The Internet is incredibly powerful tool that must be used intelligently and cautiously. Do your part to protect your little network and we will all be that much safer.

Use antivirus software, spyware removal, parental controls and firewalls.

Back up your data locally and in the cloud.

Understand the risks associated with the wireless web especially when using unsecured public networks.

Protect your identity too. The most valuable resource you have is your good name. Allowing anyone to pose as you and let them damage your reputation is almost facilitating a crime. Nobody will protect you, except you.

Robert Siciliano, personal security expert contributor to Just Ask GemaltoDisclosures

Be Proactive During Cyber Security Awareness Month

We use the web to search, shop and to connect with friends and family. And in the process criminals are trying steal from us.

It used to be that a person only had to know not to open a file in an attachment from someone they didn’t know. Today there are more ways than ever that your PC can be hijacked.

Today you can simply visit a website thinking you are safe and the bad guy was there before you and injected code on the site and now it infects your out-dated browser. That’s a “drive by” and it’s very common today.

Protect yourself:

Update your browser. Internet Explorer and Firefox are the most exploited browsers. Whenever there is an update to these browsers take advantage of it.   Keep the default settings and don’t go to the bowels of the web where a virus is most likely to be. Consider the Google Chrome browser as it’s currently less of a target.. Systems using old or outdated browsers such as IE 5, 6, or older versions of Firefox offer the path of least resistance.

Update your operating system. Computers with old, outdated, or unsupported operating systems like Windows 95, 98, and 2000 are extremely vulnerable. No matter what brand of computer you are on you have to update the critical security patches for your Windows operating system. Microsoft will no longer support Windows XP after 2014, so start thinking about upgrading to Windows 7 or wait for windows 8 (which is pretty sweet). Go to Windows Update. Keep your critical security patches up-to-date by setting Windows Update to run automatically as well.

Update Adobe Reader and Flash. Adobe PDFs and Flash Player are ubiquitous on almost every PC. Which makes them a prime target for criminals. To update Reader go to Help then Check for Updates. To update Flash go here.

Don’t be suckered into scareware. A popup launches and it looks like a window on your PC. Next thing a scan begins. The scan tells you that a virus has infected your PC. And for $49.95 you can download software that magically appears just in time to save the day.

Beware of social media scams. Numerous Twitter (and Facebook) accounts including those of President Obama, Britney Spears, Fox News and others were taken over and used to make fun of, ridicule, harass or commit fraud. Often these hacks may occur via phish email

Surfing pornography websites increases your risk, as does frequenting gaming websites hosted in foreign countries. And don’t engage in risky online activities that invite attacks.

Downloading pirated content from P2P (peer-to-peer) websites is also risky. Remember, there is no honor among thieves.

Make sure to set your antivirus software to update automatically. Use a paid product that provides antivirus, antiphishing, antispyware and a firewall.

Robert Siciliano, personal security expert contributor to Just Ask GemaltoDisclosures

A look into the cyber security legislation: What does it mean for citizens?

The White House issued a statement in regards to our critical infrastructure – such as the electricity grid, financial sector, and transportation networks that sustain our way of life – have suffered repeated cyber intrusions, and cyber crime has increased dramatically over the last decade. The President has thus made cyber security an Administration priority.

From The Desk of President Obama: “We count on computer networks to deliver our oil and gas, our power and our water. We rely on them for public transportation and air traffic control… But just as we failed in the past to invest in our physical infrastructure – our roads, our bridges and rails – we’ve failed to invest in the security of our digital infrastructure… This status quo is no longer acceptable – not when there’s so much at stake. We can and we must do better.”

Members of both parties in Congress have also recognized this need and introduced approximately 50 cyber-related bills in the last session of Congress. The proposed legislation is focused on improving cyber security for the American people, our Nation’s critical infrastructure, and the Federal Government’s own networks and computers.

#1 National Data Breach Reporting. State laws have helped consumers protect themselves against identity theft while also incentivizing businesses to have better cyber security, thus helping to stem the tide of identity theft.

#2 Penalties for Computer Criminals. The laws regarding penalties for computer crime are not fully synchronized with those for other types of crime.

#3 Protecting our Nation’s Critical Infrastructure. Our safety and way of life depend upon our critical infrastructure as well as the strength of our economy. The Administration is already working to protect critical infrastructure from cyber threats.

#4 Protecting Federal Government Computers and Networks.  Over the past five years, the Federal Government has greatly increased the effort and resources we devote to securing our computer systems.

#5 New Framework to Protect Individuals’ Privacy and Civil Liberties. The Administration’s proposal ensures the protection of individuals’ privacy and civil liberties through a framework designed expressly to address the challenges of cyber security.

Our Nation is at risk. The cyber security vulnerabilities in our government and critical infrastructure are a risk to national security, public safety, and economic prosperity.

Think before you click. Know who’s on the other side of that instant message. What you say or do in cyberspace stays in cyberspace — for many to see, steal and use against you or your government.

The Internet is incredibly powerful tool that must be used intelligently and cautiously. Do your part to protect your little network and we will all be that much safer.

Use antivirus software, spyware removal, parental controls and firewalls.

Back up your data locally and in the cloud.

Understand the risks associated with the wireless web especially when using unsecured public networks.

Protect your identity too. The most valuable resource you have is your good name. Allowing anyone to pose as you and let them damage your reputation is almost facilitating a crime. Nobody will protect you, except you.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

Shoring Up National Cyber Security Infrastructure

The wild, wild web is the most exciting, alluring, and all-around awesome thing available to us today. It’s also something we have come to rely on to a fault. And that’s a little scary. The Internet is a decentralized wilderness, used by billions of devices worldwide.

Joe Lieberman, chairman of the Homeland Security and Governmental Affairs Committee, introduced a controversial bill designed to empower the United States to shut down the Internet, explaining, “For all of its user-friendly allure, the Internet can also be a dangerous place with electronic pipelines that run directly into everything from personal bank accounts to key infrastructure to government and industrial secrets, our economic security, national security and public safety are now all at risk from new kinds of enemies — cyber-warriors, cyber-spies, cyber-terrorists and cyber-criminals.”

Regardless of the politics behind the issue, shutting down the Internet would have dire consequence on everything from electricity, water delivery, transportation, and food production. We simply aren’t prepared for that kind of shift.

But the question remains, how do we shore up our nation’s critical infrastructure against online attacks?

States, governments, and corporations are investing billions in online infrastructure. Thousands of cyber security professionals are being trained to keep us safe. I can only hope that many are decentralizing their systems in order to become self-reliant if necessary.

While technologists and government leaders are sorting this out, the weakest link in the chain is still…drum roll, please…you.

Corporations and government agencies are legally required to secure their systems, at least minimally. But no such standards exist for the consumer. No laws require you to take a single step for the sake of your own security. Software vendors should certainly be held accountable if their products aren’t secure, but this alone is inadequate.

If you buy a bike for your child, for example, it’s up to you to teach him to ride safely, and to require him to wear a helmet. In many places, children are legally required to wear bike helmets. Similarly, you can’t drive a car without a license, and you can’t get that license without proper training.

It should be the same with technology. Before you come to rely on a smartphone or PC, you ought to receive training on how to use it securely. I have enough faith in people to believe that if we truly understand the consequences of inaction, we’ll come together and act to resolve whatever problems we face. We need to get together on this issue and do something about it…like, yesterday.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses the possibility of an Internet crash on Fox Boston. (Disclosures)

11 Tips to Secure Online Shopping

Here are 11 tips to have a safe online shopping experience during the holiday season:

  1. Avoid spoofed websites. Common sense says any time you receive an offer via an e-mail automatically be suspicious. The same goes with offers via tweets and messages received in any social media site.
  2. Don’t click the links in e-mails. Especially if it’s a too good to be true offer.
  3. Beware of cybersquatting and typosquatting which may look like the domain of the legitimate eTailer.
  4. Look for https:// in the address bar signifying it’s a secure page. Generally, scammers won’t take the time to set up secure sites. Note the closed padlock in your browser to back up the HttpS.
  5. Beware of e-mails coming for eBay scammers. If you are seeking deals on eBay, go right to the site and don’t bother responding to e-mails. Search deals on an e-mail directly on eBay.
  6. Look at the eBayers history. eBay is set up on the honor system. If the eBayer is an established seller with great feedback, they should be legit.
  7. Pay close attention to your statements. Check them every two weeks online and refute unauthorized charges within 2 billing cycles.
  8. Don’t use a debit-card online. If your debit card is compromised, that’s money out of your bank account. Credit cards have more protection and less liability.
  9. Avoid paying by check online/mail-order. Once the money is taken from your account and you don’t receive the goods, you are going to have a difficult, if not impossible, task of getting it back.
  10. Do business with those you know, like and trust. It’s best to buy high ticket items from eTailers that also have brick and mortar locations.
  11. Secure your PC. Update your critical security patches and anti-virus and only shop from a secured internet connection.

Robert Siciliano personal security expert to Home Security Source discussing
credit and debit card fraud on CNBC.

Google Ordered to Name Cyberstalker

Stalking is about domination. It is one or more persons continually making efforts to control another person’s life and thoughts by paying unwanted attention. Stalking is when someone contacts you when you repeatedly request that they do not. They watch, follow, call, email, text, fax or continually send mail to you after you request they do not. Stalking is psychological terror. Celebrities and everyday people are potential victims of the stalker.

Stalkers become obsessive investigators, interrogators, intimidators and terrorists. Some stalking statistics report almost a million and a half people are being stalked by an ex-boyfriend, ex-girlfriend, ex-husband, ex-wife, estranged husband, estranged wife, secret admirer, or an infatuated mentally unstable individual.

Stalkers make you a prisoner in your own life. They make it known that they know where you have been, whom you have spoken to, what you have done and where you are going next. They insist that they cannot live without you and you cannot live without them.

With today’s technology, stalking has never been easier to stalk and it’s never been easier for stalkers to hide.

Until now.

Information week reports “A New York judge has ordered Google to reveal the identity of a cyberstalker who has anonymously posted video and messages on the Internet. The videos included sexual slurs and damaging information that could affect the woman’s reputation and career.

She was quoted saying “I don’t care about being called names. It was a safety issue. The Internet cannot become a safe haven for harassers and stalkers.”

And how right she is.

Cyberstalking is going away, but finally government and corporations are now thinking progressively and considering victims of these crimes and acting on their behalf accordingly.

Tips:

Set up Google alerts to keep you in tune to any postings of your name.

If something comes up that is in any way threatening report it to the police and develop a paper trail.

Every internet site has some form of “contact us” page that you can submit your concerns too.

If you do not get any response have a lawyer send a letter.

Dogs: this is also a good time to get a vicious dog. With little research a fully-grown Doberman, Pit-bull, German shepherd, Rottweiler or any other dog trained to kill can be a lifesaver. There are many outfits that will rent you a guard dog while you are in jeopardy.

Make sure you notify friends, family, neighbors, co-workers and local businesses who you are a customer of and acquainted with what your situation is and show photos of the stalker. Your circle of relationships might be a significant factor in staying safe.

Self Defense: knowing how to disable an attacker armed or unarmed should be a staple of everyday living. When you are being stalked you are essentially at war and need to understand the fundamentals of armed and unarmed combat. Once you have the tools to debilitate another human being, that’s when you decide if carrying a weapon is appropriate.

Home Security: if there was ever a time to install an alarm, it is when you are being stalked. Make sure it is monitored by local law enforcement and keep it on while you are home during the day and when you sleep at night. Wireless alarms can be installed quickly and there are no phone lines to cut.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures.