Malware Can Take Down Your Personal PC, But What Could Happen to Work Computers?
Recently I have had a lot of emails, tweets, phone calls and texts from friends who remember me as part of the McAfee Fake Anti-Virus Scareware Initiative.
What's the impact of this Fake Anti-Virus or Scareware?
- "Scareware," or fake anti-virus software, could cause the most monetary damages to consumers and their computers in 2010.
- "One company, known as 'Integrated Marketing' made $180 million through these scams, and more than two million consumers contacted the company regarding its software."
- According to McAfee, there has been a 400% increase in reported incidents in the last 12 months. It's been the number one call-driver to McAfee's Virus Removal Service team for the past six months, with more than 19,000 calls logged in January 2010 alone.
Fake anti-virus threats are rampant and growing. There's been a 400% increase in reported incidents in the last 12 months alone, and it's the number one call driver to McAfee's Virus Removal Service team for the past six months running. There were more than 19,000 calls to McAfee's Virus Removal Service team in January 2010.
There are more than 3,000 known fake AV products, with more being developed every day by cybercriminals around the world. (McAfee Labs)One in five online consumers was a victim of cybercrime in the past two years. (Consumer Reports, 2009)
Almost a half-million households had to replace PCs due to malware in the past six months (source: Consumer Reports, June 2009.)
When this initiative launched on March 9, 2010, I would never have guessed the kind of reception it would get. It ran in tech sites and journals. I was interviewed for Readers Digest (August 2010) and also for KCBS-LA TV who had a segment up there for several months till reporter Dave Malkoff (the author of the piece) moved from KCBS to KTLA 5 in LA. Poof! The piece vanished from the KCBS archives despite it being a great public service piece and that his presentation provided a clearer explanation than what goes on with the video above. The numbers listed above have skyrocketed and these malware attacks come in a variety of presentations and are equal-opportunity when it comes to platform. In other words, MACS are not immune. I already know a few people personally who have had to deal with this problem.
What's even weirder is the proliferation of credit card thefts through this malware and given that a credit card was fraudulently obtained in that little episode, one has to watch one's back in terms of those details. Just as you should and would scan credit card bills for unusual purchases, you need to be aware of what's going on when these sorts of events happen-- because how you react (or don't react) will determine the outcome that costs you thousands of dollars and lots of valuable time of yours. That's on the your end-- of credit cards being used.
While I have told friends, acquaintances, relatives and random people who have contacted me how to get their computers functioning and providing a bit of tech education on what's out there in the "big bad tech world" for them to be concerned about, I myself became concerned when I saw security breaches within large corporations that should have had their security nailed down. It was enough for me to seek to close accounts or obtain more information from the business in question (financial, education, health-care institutions) to allay my fears or make sure I tightened up my personal security blanket.
Let's take this a step further because as consumers we need to be better educated about what could happen in the world. As employees, business owners or even senior officers in larger businesses, we all need to be aware that our livelihoods, i.e., the companies for which we work, are also at risk. Those security breaches at places like Chase weren't random or careless. They might actually be careless but never random. The careless part isn't necessarily due to the lack of diligence on the part of in-house IT staff or external IT consultants. Just as the personal computers malware attacks are well-coordinated, deeply researched and highly planned events, so are the breaches of business security at any level (corporate, medium or small-- no one is immune)
What really got me thinking was a recent episode of the USA Network series Covert Affairs (odd how that plays into this) about how the internet computer grid was taken down for a short period of time and what would happen to a business, neighborhood, city, state or even nation if our computer or utlities grid was taken off-line. What would you do if you worked in a hospital, a bank or a school where computers were essential? What about street-lights, traffic signals, and the basics of daily living on which we rely? That might seem far-fetched to you, but I can tell you that the US government does not think it's a fairytale but google United States Cyber Command and see what that brings up.
Breaches happen often because someone is exploiting a vulnerability within programs used for work within the company computers on a daily basis. How is this possible? I happened to run across this site in my search for more documention on the McAfee Iniitiative and ran across something on a Rapid7 Security Blog
Don't let the beginning of this blog get you bogged down in details you don't understand. Here's the short -- or rather shorter --version of what the Rapid7 blog is stating.
In the course of the discussion about the vulnerabilities (read patches and fixes by Microsoft) in August, HD Moore, an employee for Rapid7 blogged about the other Microsoft flaws/patches/"exploits" that had been found, there was further discussion of other programs that were affected by certain "vulnerabilities" (bear with me, I had to talk to a couple tech people to get this clear in my head). While updates come from your software providers, it's important to keep the software up-to-date.
The point that I am making is that the necessity of having an IT professional-- whether on staff daily or consulting on a monthly, bi-weekly or weekly basis-- is also a necessity particularly when setting up your network. In the business arena (as well as at home), a network router provides another firewall between you and the "wild wild west " of the internet. Given the proliferation of scareware, malware, viruses, you need to have not only anti-virus protection but a very real firewall between you and the web to prevent your computers and their valuable data being breached. While the likelihood of that is small, there is no guarantee unless you have your computers locked down tight and updated with the latest patches from various software brands. Your IT pro would make sure your computers and their valuable data are protected because that data could be client lists, financials on your company and other companies, contact lists, and more depending on your industry.
On the other end is PCI compliance: if you are in the business of taking credit cards for payment of goods or services you have to have a PCI compliant firewall or subject your business to PCI inspections which can take a lot of time. Whether it's your firewall, your host or you are self-hosting your site, you need to be PCI compliant to protect the credit card information of all those clients. Don't give any potential hacker or across the world cyber-criminal a reason to make a pit-stop at your company website. Again, it's a matter of having a knowledgeable computer tech who can provide you with the latest updates, the most efficient and cost-effective equipment and software to protect your company. Can you afford not to be protective of other people's personal and professional financial status?
For the big corporation, they have IT staff on the floor on a daily basis to take care of internal network issues and for those familiar with the term, inside the corporate firewall through which all computer traffic goes (not the Windows, Macintosh or computer firewall). For those with meduim to small business, IT guys might not be on the list of everyday employees. The crucial point I am making is that hardware can be replaced, software can be reinstalled, but the data or work you have produced that generates the money that runs your business can't be replaced. It's the heart and soul of your business. That's the crucial element in all this.
You need to back up your data based on what you cannot afford to lose-- meaning that if something crashed and you lost all the data since the last backup ( a week, a day, 2 hours...) would you be "SOL" if you lost that data? If that's the case, you need to have a IT consultant give you advice on security backups and protection. Do not forget about off-site master copies in case a local gas main should explode; a plane fall out of the sky; or a flood or tornado might happen. The point being that it should be significantlly off-site to not be damaged (the trunk of your car might not be sufficient). Just as you should and would scan credit card bills for unusual purchases, you need to be aware of what's going on when these sorts of events happen-- because how you react (or don't react) will determine the outcome that costs you thousands of dollars and lots of valuable time of yours in repairing damage and that time is lost from making the money that keeps your business running.
Whatever you can think of in terms of disasters -- both physical and virtual-- you need a back-up plan, hence the suggestion of an IT consultant and one with the knowledge of software to secure your data-- much like what Rapid7's products are (Nexpose and Metasploit are their claims to fame -- and they seem to be doing a bang-up job of it) and their equally skilled competitors' products. Rapid7 is not the only player in the marketplace. However I have gone through their site and learned something about their products. The referenced Rapid7 Security blog was highly instructional-- while it did require some "education" from my tech friends, it totally brought me up to speed on why I need to back up again (and probably weekly and then provide another layer of back-up in terms of external hard drives.
While this security is slightly applicable to the consumer, the level of products from Rapid7 and that class of IT security is not for the consumer. It's primarily being driven by for small, medium and large business clients . Given today's world, it's nice to know that there are products readily available for a small or medium size business because in this kind of economy, even failure of one computer can cost you a week's work of pay and you can't survive that way. No one can.
While I have mentioned Rapid7, I have not been paid by them; I do not work for them or any other person for placement in this post. They had other blogs where I understood about 1-2 out of every 8 words-- and while I am not an IT engineer-- I am not entirely clueless either. The blogs were something that I happened to hunt down i search of information on internet security and business. Try googling that sometime and see what you come up with.
It is late and I just spent about 3+ hours writing this blog and another hour listening to what I misunderstood and having it explained to me. Hope that helps you out on both the consumer and business levels.
Stevie Wilson, LA-Story.com
Free Kat Von D eye primer sample with any purchase at Sephora.com. Enter code KVDEYE at checkout.
Boscia Luminizing Black Mask 2.8 oz
A groundbreaking, mineral-rich "peel-off" mask that delivers powerful detoxifying, purifying, and brightening effects.
$34.00
Subscribe to RSS headline updates from:
Powered by FeedBurner
If you want to feature content from LA-Story.com, please remember to linkback to the specific page & please email the link to [email protected]
LA-Story.com, LA-Story Recessionista, Celebrity Stylescope, Celebrity Style Slam Trademark/Copyright: KBP Inc. 2007-10
Subscribe to RSS headline updates
Powered by FeedBurner
Leave a comment