Download - ITU2012-Internet Security
-
7/29/2019 ITU2012-Internet Security
1/10
Security is Only as Secure as the User
Source - Angels & Demons,Columbia Pictures
1668, the church kidnapped four Illuminati scientists and branded each one of them on the
chest with the symbol of the cross to 'purge' them of their sins and they executed them, threw
their bodies in the street as a warning to others to stop questioning church ruling on scientific
matters. They radicalized them. Robert Langdon, Angels & Demons,Columbia
Pictures (2009)
At the end of last year, the World Conference on International Telecommunications met
behind closed doors in Dubai to discuss the future of the Internet. The secretive meeting of
290 plus countries produced scare headlines that countries were out to hijack the Net and
Web.
There were a ton of proposals some say could endanger privacy and the unfettered, free flow
of information as well as making it easier to track and trace users.
A few weeks later, coverage faded like last weeks news.
Nothing changed.
Its pretty tough to manage, control, dictate something that exists nowhere and everywhere
a network of networks.
Countries can still block and filter access, but theres always a way around the situation.
Theres always a group of really smart and devious folks who just love a challenge.
Thats probably why Sherman Hand recently wrote:
- More than 1 million computers are successfully exploited every single day -- one every
14 seconds
- 39 percent of the world's computers are infected by some type of malware of
- 90 percent of the world's companies suffered network breaches last year
Page 1 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
2/10
- One out of every seven adults has his or heronline financial information, identity, or
passwords compromised every year -- 280 million breached records in the last eight years
- 82 percent of malicious websites are hosted on hacked legitimate websites
Source ABI Research
Yes, Probably, Maybe Most firms are certain they have lost valuable information/data; and
if its financial records, few readily admit the loss. The bar chart indicates how many incidents
the firms have had over the past 12 months.
- A single hacking event can easily cause more than $100 million in damages
- Hackivist groups such as Anonymous routinely break into the world's largest companies
and global investigation authorities
- Hacks routinely result in millions of leaked passwords
- Back in 2003, a worm - SQL Slammer - infected almost every possible unpatchedcomputer it targeted in 10 minutes
Page 2 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
3/10
Source SmartBrief
Mobile Freeware With nearly one million iOS, Android and Windows apps available, and
with most of them free, they are like honey to a bear for most users just too hard to resist.While app store owners are working to protect you, it is still let the freeloader beware.
- Malware is popping up on every mobile platform.
- Spam is still above 65 percent 10 years after passing the CAN-SPAM Act.
- One out of every 14 Internet downloads is malicious.
- The annual cost of cyber crime is estimated at $114 billion.
- Successful prosecution for Internet cyber criminals is less than 0.01 percent.
- Hacking by nations is so pervasive that Google automatically alerts users of potential
state-driven threats.
- Complex malware proves again and again it can bypass any computer security defense.
No wonder the online/on device security business is so huge.
Page 3 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
4/10
Source Infonetics Research
Big Biz & Growing Computer security has historically been a fairly steady business; but
with mobile computing, tablets and smartphones being used everywhere including the office
it has become increasingly important. The challenge is that security is always one or two
steps behind the bad folks.
So how do you protect company and personal content?
You encrypt it. You know, AES (Advanced Encryption Standard) that resisted decryption by
even the most powerful supercomputers available.
Bigger, Better
So how did folks get around it?
Countries built more powerful supercomputers.
Hacktivists and cybercrooks take a more economic route they tie hundreds of thousands of
hijacked PCs and tell em to work together and drill away.
They simply tell the systems what Robert Langdon said, I need access to the Vatican
Archives,and let them go to work.
All of that sounds both good and hopeless.
Good because countries and companies are working hard at it to protect themselves and their
special data.
Bad because that means the keyboard interface user goes along fat, dumb and happy
figuring Hey, its their job, their responsibility to cover my behind.
Weve all heard how even really smart folks have been hooked in to really dumb situations
when theyre on their computers and increasingly, on their tablets and smartphones.
Page 4 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
5/10
Source Xcentric
One Born Every Minute Its surprising some of the dumb offers people send out to entice
users. While organizations install and maintain extensive (and expensive) security solutions, it
is just real hard to keep the keyboard interface from being dumb, dumber.
Som ething for Nothing
Human vulnerabilities--ignorance, inattention, greed, gullibilityare a whole lot easier to
exploit than really beefed-up systems. And theyre probably a lot more fun for the hactivist and
cybercriminal.
There are actually two types of people these bad guys/gals like to find in the organization
the overly brilliant rogue and the clueless computerist.
The ubergeek ignores or subverts security controls inconveniencing the work of others at the
very least and at his/her worst, leaving back/side doors open to the system.
The naive, amateur is just as bad because he/she can get a message that he/she has
overused storage or exceeded email quota and needs to go here to let managers correct the
situation. Or they get an official looking email from their bank, government agency and need to
clarify a situation here.
And if you think its only or mainly a computer issue, youre wrong!
Bad guys/gals follow the money and we all know the real action is with mobile devices today
we (especially our kids) use them for just everything including purchases.
Page 5 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
6/10
Source New York Times
Born Online Gen Cers (generated connected) dont realize there was a time when people
werent constantly online, constantly available, constantly sharing. When they first go onlinewith a computer, tablet or smartphone, parents should help, guide, advise, observe their
activities and help them learn to be cautious.
In fact, a security specialist noted that it took mobile malware writers only two years to achieve
and surpass everything that had been developed and refined for the PC in 10 years.
Camerlengo Patrick McKenna looked the situation over and said, We are under attack from
an old enemy.
False Safety
iPhone users like to take comfort (unwarranted) that all the bad folks are focusing on Android
phones with their mobile malware writing but that aint exactly true.
Page 6 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
7/10
Always On We were more than a little surprised to see how much time the average mobile
Internet user actually spends on his/her online activities. Unfortunately, texting wasnt included
in the study because we know the kids would have burned up hours instead of minutes; but
then, texting is data minutes, not wireless activities.
With the average smartphone, users can expect to encounter malware attacks 10 percent of
the time; and with smartphone web browsing becoming the preferred access tool especially
for millenials and GenCers experts estimate that theyll encounter malicious links as much
as 40 percent of the time.
Thats probably why mobile device security is a big business and getting bigger by the minute.
Page 7 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
8/10
Growing Up While mobile security sales are only just beginning, many organizations are
going to place more faith in hardware security solutions, especially when the devices are used
as mobile wallets and within corporations. The best security though is sound hardware and
software plus cautious users.
Experts agree that mobile hacking is still in its infancy; but with hundreds of thousands of iOS
and Android (O.K. Windows too) apps out there, its not too soon to begin offering protection.
Or, as Camerlengo Patrick McKenna said, Open the doors, and tell the world the truth.
Thats especially true if mobile shopping and wallets are ever going to amount to a hill of
beans.
Money On-the-Go
Mobile shopping, mobile wallets and mobile banking all look real appetizing to bad folks; and
after the past successful mobile shopping holiday, theyre salivating.
Security experts agree that smartphone users are more likely than computer folks to click on
dangerous links or download over-aggressive apps, especially with so many free or nearly
free apps to choose from.
Ten years ago hactivists and cybercriminals were just a minor nuisance. Today, theyre
bringing down companies and countries. Smartphones, tablets and, in fact, the whole BYOD
(bring your own device) movement have created tremendous areas of concern.
Page 8 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
9/10
Road Hazards Perhaps it would be easier for hardware, software and security managers if
there were only a few challenges that they faced daily. The problems are there are
opportunities for disaster everywhere and they are all relatively new and unproven territories.
Add to that cloud computing/storage chea p flas h drives and emE oldene d ha ctivist groups
have made the online world one everyone really nee ds to understand a nd ac t cautiously
T ues tion everything when they venture out.
According to Symantec cyE ercrime is a 3 8 8 B worldwide E usiness E igger more profita E le
and les s dangerous than drugs.
Source - Angels & Demons,ColumE ia Pictures
ittoria etra e [ plained why the Net/We E st ill stands The antimatter is suspended in an
airtight nano-composite shell with electromagnets on each end. But if it were to fall out of
suspension, and come into contact with matter, say with the bottom of the canister, the two
Page 9 of 10Content Insider #263 Insecure Security - Google Drive
1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...
-
7/29/2019 ITU2012-Internet Security
10/10
opposing forces would annihilate one another. Violently.
Page 10 of 10Content Insider #263 Insecure Security - Google Drive