itu2012-internet security

Upload: drago3000

Post on 04-Apr-2018


  • 7/29/2019 ITU2012-Internet Security

    1/10

    Security is Only as Secure as the User

    Source - Angels & Demons, Columbia Pictures

    "1668, the church kidnapped four Illuminati scientists and branded each one of them on the chest with the symbol of the cross to 'purge' them of their sins and they executed them, threw their bodies in the street as a warning to others to stop questioning church ruling on scientific matters. They radicalized them." -- Robert Langdon, Angels & Demons, Columbia Pictures (2009)

    At the end of last year, the World Conference on International Telecommunications met behind closed doors in Dubai to discuss the future of the Internet. The secretive meeting of 290 plus countries produced scare headlines that countries were out to hijack the Net and Web.

    There were a ton of proposals some say could endanger privacy and the unfettered, free flow of information as well as making it easier to track and trace users.

    A few weeks later, coverage faded like last week's news.

    Nothing changed.

    It's pretty tough to manage, control, dictate something that exists nowhere and everywhere -- a network of networks.

    Countries can still block and filter access, but there's always a way around the situation.

    There's always a group of really smart and devious folks who just love a challenge.

    That's probably why Sherman Hand recently wrote:

    - More than 1 million computers are successfully exploited every single day -- one every 14 seconds

    - 39 percent of the world's computers are infected by some type of malware of

    - 90 percent of the world's companies suffered network breaches last year

    Page 1 of 10Content Insider #263 Insecure Security - Google Drive

    1/26/2013https://docs.google.com/document/d/1395FttYDts96YtvtBw7CtrM-PgkULrWAUiNtS-Ru...


    - One out of every seven adults has his or her online financial information, identity, or passwords compromised every year -- 280 million breached records in the last eight years

    - 82 percent of malicious websites are hosted on hacked legitimate websites

    Source - ABI Research

    Yes, Probably, Maybe -- Most firms are certain they have lost valuable information/data; and if it's financial records, few readily admit the loss. The bar chart indicates how many incidents the firms have had over the past 12 months.

    - A single hacking event can easily cause more than $100 million in damages

    - Hacktivist groups such as Anonymous routinely break into the world's largest companies and global investigation authorities

    - Hacks routinely result in millions of leaked passwords

    - Back in 2003, a worm - SQL Slammer - infected almost every possible unpatched computer it targeted in 10 minutes


    Source - SmartBrief

    Mobile Freeware -- With nearly one million iOS, Android and Windows apps available, and with most of them free, they are like honey to a bear for most users -- just too hard to resist. While app store owners are working to protect you, it is still "let the freeloader beware."

    - Malware is popping up on every mobile platform.

    - Spam is still above 65 percent 10 years after passing the CAN-SPAM Act.

    - One out of every 14 Internet downloads is malicious.

    - The annual cost of cyber crime is estimated at $114 billion.

    - Successful prosecution for Internet cyber criminals is less than 0.01 percent.

    - Hacking by nations is so pervasive that Google automatically alerts users of potential state-driven threats.

    - Complex malware proves again and again it can bypass any computer security defense.

    No wonder the online/on-device security business is so huge.


    Source - Infonetics Research

    Big Biz & Growing -- Computer security has historically been a fairly steady business; but with mobile computing, tablets and smartphones being used everywhere -- including the office -- it has become increasingly important. The challenge is that security is always one or two steps behind the bad folks.

    So how do you protect company and personal content?

    You encrypt it. You know, AES (Advanced Encryption Standard) that resisted decryption by even the most powerful supercomputers available.

    Bigger, Better

    So how did folks get around it?

    Countries built more powerful supercomputers.

    Hacktivists and cybercrooks take a more economic route -- they tie hundreds of thousands of hijacked PCs and tell 'em to work together and drill away.

    They simply tell the systems what Robert Langdon said, "I need access to the Vatican Archives," and let them go to work.

    All of that sounds both good and hopeless.

    Good because countries and companies are working hard at it to protect themselves and their special data.

    Bad because that means the keyboard interface -- user -- goes along fat, dumb and happy figuring "Hey, it's their job, their responsibility to cover my behind."

    We've all heard how even really smart folks have been hooked in to really dumb situations when they're on their computers and increasingly, on their tablets and smartphones.


    Source - Xcentric

    One Born Every Minute -- It's surprising some of the dumb offers people send out to entice users. While organizations install and maintain extensive (and expensive) security solutions, it is just real hard to keep the keyboard interface from being dumb, dumber.

    Something for Nothing

    Human vulnerabilities -- ignorance, inattention, greed, gullibility -- are a whole lot easier to exploit than really beefed-up systems. And they're probably a lot more fun for the hacktivist and cybercriminal.

    There are actually two types of people these bad guys/gals like to find in the organization -- the overly brilliant rogue and the clueless computerist.

    The ubergeek ignores or subverts security controls, inconveniencing the work of others at the very least and, at his/her worst, leaving back/side doors open to the system.

    The naive amateur is just as bad because he/she can get a message that he/she has overused storage or exceeded email quota and needs to "go here" to let managers correct the situation. Or they get an official-looking email from their bank or government agency and need to clarify a situation "here."

    And if you think it's only or mainly a computer issue, you're wrong!

    Bad guys/gals follow the money and we all know the real action is with mobile devices today -- we (especially our kids) use them for just everything, including purchases.


    Source - New York Times

    Born Online -- Gen Cers (generated connected) don't realize there was a time when people weren't constantly online, constantly available, constantly sharing. When they first go online with a computer, tablet or smartphone, parents should help, guide, advise, observe their activities and help them learn to be cautious.

    In fact, a security specialist noted that it took mobile malware writers only two years to achieve and surpass everything that had been developed and refined for the PC in 10 years.

    Camerlengo Patrick McKenna looked the situation over and said, "We are under attack from an old enemy."

    False Safety

    iPhone users like to take comfort (unwarranted) that all the bad folks are focusing on Android phones with their mobile malware writing, but that ain't exactly true.


    Always On -- We were more than a little surprised to see how much time the average mobile Internet user actually spends on his/her online activities. Unfortunately, texting wasn't included in the study because we know the kids would have burned up hours instead of minutes; but then, texting is data minutes, not wireless activities.

    With the average smartphone, users can expect to encounter malware attacks 10 percent of the time; and with smartphone web browsing becoming the preferred access tool -- especially for millennials and GenCers -- experts estimate that they'll encounter malicious links as much as 40 percent of the time.

    That's probably why mobile device security is a big business and getting bigger by the minute.


    Growing Up -- While mobile security sales are only just beginning, many organizations are going to place more faith in hardware security solutions, especially when the devices are used as mobile wallets and within corporations. The best security though is sound hardware and software plus cautious users.

    Experts agree that mobile hacking is still in its infancy; but with hundreds of thousands of iOS and Android (O.K. Windows too) apps out there, it's not too soon to begin offering protection.

    Or, as Camerlengo Patrick McKenna said, "Open the doors, and tell the world the truth."

    That's especially true if mobile shopping and wallets are ever going to amount to a hill of beans.

    Money On-the-Go

    Mobile shopping, mobile wallets and mobile banking all look real appetizing to bad folks; and after the past successful mobile shopping holiday, they're salivating.

    Security experts agree that smartphone users are more likely than computer folks to click on dangerous links or download over-aggressive apps, especially with so many free or nearly free apps to choose from.

    Ten years ago hacktivists and cybercriminals were just a minor nuisance. Today, they're bringing down companies and countries. Smartphones, tablets and, in fact, the whole BYOD (bring your own device) movement have created tremendous areas of concern.


    Road Hazards -- Perhaps it would be easier for hardware, software and security managers if there were only a few challenges that they faced daily. The problem is there are opportunities for disaster everywhere and they are all relatively new and unproven territories.

    Add to that cloud computing/storage, cheap flash drives and emboldened hacktivist groups have made the online world one everyone really needs to understand and act cautiously -- question everything -- when they venture out.

    According to Symantec, cybercrime is a $388B worldwide business -- bigger, more profitable and less dangerous than drugs.

    Source - Angels & Demons, Columbia Pictures

    Vittoria Vetra explained why the Net/Web still stands: "The antimatter is suspended in an airtight nano-composite shell with electromagnets on each end. But if it were to fall out of suspension, and come into contact with matter, say with the bottom of the canister, the two opposing forces would annihilate one another. Violently."
