ADSL Modems in Mexico are being attacked

Yesterday’s article explained how DNS poisoning works. And there’s already quite a bit of it happening. In Mexico there’s an ISP that offers their customers ADSL modems with the brand 2Wire.

There’s an exploit for this particular model that makes it easy to change the modem’s DNS settings, effectively attacking users’ internet connections. It’s as simple as opening an email with the malicious code.

If your modem is a 2Wire then change the password and filter your emails with a good anti-virus program.

Critical Microsoft Patch

A (new) flaw has been discovered in Windows that Microsoft regards as critical, and they’ve released a patch to fix it. If your computer(s) use any of the following then you need to install the patch now.

  • Windows Vista
  • Windows XP
  • Windows Server 2003

That should cover pretty much everyone using Windows at home and at work, and both servers and PCs.

To apply the patch use Windows Update in Internet Explorer (in the Tools menu), or if your computer is set to automatically download and apply patches then it’ll be applied automatically overnight.

This one’s pretty serious so don’t delay. More information on Microsoft’s web site.

Can Apples be more secure?

The US Army has been upgrading their servers and workstations to Macs and are claiming they’re harder to hack (i.e. they’re more secure).

The primary reason they state is that fewer attacks are written for Macs than for Windows. This seems true for now.

One common weakness between all operating systems (Mac, Windows, Linux, etc) is the user. People can be tricked into clicking on things or carrying out other hazardous tasks no matter what computer they use (this is where security education comes in).

More details here.

Identity Theft From Call Centres

Identity theft can happen in many ways. Before computers people just stole mail from letterboxes and documents from people’s wallets (watch the movie Catch Me If You Can for an example).

Then when the internet came along criminals started tricking people into handing over personal details, or they employ hackers to write spyware that achieves the same result.

A new identity theft trend emerging in the world is coming from call centres. Staff working at call centres have access to the personal details of a lot of customers, and since a lot of call centres have been outsourced to countries such as India, the Philippines, etc, companies are having a difficult time keeping things under control.

There’s an article here that mentions a few of the crimes happening in call centres. In summary:

  • Using mobile phones to take screenshots
  • Quickly copying people’s details into hidden books
  • Using USB drives to copy data

Theft of personal information is serious. The information can be easily sold, especially if staff feel they’re underpaid (a likely situation for overseas call centres).

It’s good to remember that in this day and age your personal details can be known to many parties; there isn’t much that’s still personal or secret. Be selective in what information you give to companies. And as mentioned previously don’t give personal details to call centre staff when they call you (instead of you calling them).

Using Unsecured Wireless Networks

Sophos (a large IT security company) recently conducted a survey of 560 people. 54% of them admitted to using someone else’s wireless network without permission. That’s more than half the respondents. Why should you care?

If you have a wireless network that isn’t well secured then:

  • Someone could be using your internet account and incurring expenses (or pushing you over a capped limit and effectively slowing down your connection)
  • Someone could be illegally downloading copyrighted content (such as using a file sharing program to download commercial movies – it’s illegal and you’re liable for providing the connection)
  • Someone could be using your internet connection to commit online crimes (just read the posts on this site to get an idea of how common this is).
  • It lets anyone within range bypass your firewall, making your computers and other wireless devices vulnerable. This is especially important if you have wireless in an office environment
  • It’s easier for someone to install spyware on your computer, making activities like online banking very dangerous

The most important of these reasons is how easy it is for someone to use your network to commit crimes. Imagine being involved in a child pornography investigation, or having your internet disconnected because your network was used to send millions of spam emails.

I’ve written before on how to secure a wireless network and if you haven’t done so it’s worth reading through here.

If you’re in the 54% of people who wouldn’t think twice about using someone else’s wireless network without permission then you should know that:

  • It’s illegal in a lot of countries (people get arrested for this quite often)
  • It’s effectively stealing. It isn’t a victimless crime
  • You can’t trust the network you’re using. It’s easy for someone to set up a wireless network in such a way that they can record all the traffic from it. This is one way to eavesdrop on other people’s traffic and to capture passwords

So the message here is to secure your wireless network, and don’t use other people’s wireless networks without permission.

Wireless Network Used in Extortion

An Australian man in Rockhampton has been arrested for trying to extort money from people. Here’s how he did it.

  • He gained access to other people’s wireless networks. This is fairly easy to do, even if you turn on WEP encryption (read about securing a wireless network here). By using other people’s networks he was harder to locate
  • He sent users threatening messages, made to look like they came from elsewhere
  • He then demanded money to be dropped off at a specific location
  • And he repeated this a total of 12 times

The police were able to find him and arrest him. It’s important to secure your wireless networks so that other people don’t use them to commit crimes.

Full article here.

Russian Chat Bot

It’s amazing how many new tactics these people come up with in order to steal your personal information. There’s a new “bot” that chats with users on Russian online chat rooms (a bot is a program that mimics a real person online). It’s called CyberLover and apparently it’s quite clever in impersonating a human and gets people talking to it.

During a test it was found that the CyberLover chat bot got 10 real people to have conversations with it, in only 30 minutes. During this conversation it tricked people into providing their real names, contact information and photos. This is all private data, provided to the chatbot.

The darker side of this clever piece of software is that the bot is run by hackers intent on committing identity theft. Personal information like this is regularly sold on an online black market, and then used to commit fraud, such as opening credit card accounts in your name. Serious crimes indeed.

CyberLover is an interesting piece because it has different levels of its personality, and they’re mostly of a sexual nature. This type of conversation seems to get people’s attention more easily making it easier to manipulate them into providing personal information (called Social Engineering).

At the moment this is all in Russian however it won’t be long until it appears in other languages including English.

Skype Encryption

Skype is a popular communication tool allowing people to have voice and video conversations over the internet. One of its features is how it transports that communications data. Skype first encrypts your data then distributes it using a network of other Skype users (using what’s called a peer to peer model).

The encryption is intended to stop random strangers eavesdropping on your conversations. And it seems to be fairly effective from what this article says – the German Federal Police Office have a problem wiretapping Skype calls.

Is this a good thing or a bad thing? Well, it’s a little of both. It gives Skype users a level of security that makes the general public comfortable enough to use it, and stops casual eavesdropping. That’s the good news.

The bad news is that VoIP traffic (phone calls over internet) can be intercepted in other ways. When it becomes too hard to break the encryption, as the German police found, an easier path is to install a trojan on the PC and intercept the voice data before it becomes encrypted. This stuff really happens.

The German federal police office is looking into developing trojans so they can install one on the computers of people they need to listen in on (article here). This is a legal form of spyware (at least in the country it’s used in). Other governments have been using this technique for years and legally it’s not much different to wiretapping a phone. What makes it scary is that antivirus companies have an understanding with law enforcement agencies and some government spyware may go undetected.

This isn’t a problem to most people. And at the end of the day it’s no different to using a house or mobile (cellular) phone.

The message in this article is that you should place the same level of trust in any VoIP phone (such as Skype) as you would with any other phone. It doesn’t offer any additional level of privacy. Law enforcement agencies have been finding ways to listen in, and fairly soon we’ll have spyware that can do the same thing only with less legal intentions.

Taking A Work Notebook Home

A common scenario is when someone takes home a notebook from work. The intention is to do work from home for whatever reason.

This could be a serious security risk. Most companies have gone to a lot of trouble to secure their office networks (for example by installing and managing firewalls; though a firewall is not enough to secure a network). In fact some companies have an entire department dedicated to maintaining network security. However most homes don’t have managed firewalls or any of the other network security systems or resources that companies often use. This effectively makes a home network less secure.

The risk is having an outsider gain access to the contents of the notebook. This could be achieved in a number of ways including having a trojan on another PC in the house. The possible damage to businesses can be huge, depending on the importance of the data on the notebook, or the importance of the work being done from home.

Some misconceptions need to be explained:

  • All firewalls are the same – this is not true. There are different types of firewalls making some more secure than others. They also need to be patched when the vendor discovers a vulnerability. Some home routers even claim to have firewalls when they don’t (they claim that a NAT feature is effectively a firewall – it isn’t). SPI firewalls are good (Stateful Packet Inspection)
  • No one would be interested in hacking into your home network. The internet doesn’t discriminate; every device connected to the internet is at as much risk as every other device

It’s not all bad news though. There are things you can do to protect yourself and your employer.

  • The laptop should have an antivirus program installed. It needs to be up to date.
  • The laptop would ideally have a “personal firewall” installed. Windows Firewall is not good enough. You need something that not only stops other programs getting into the notebook, it needs to stop unknown programs already on the notebook from getting out to the internet.
  • The home router should have its own firewall, or you could use a dedicated firewall device. Ideally the firewall would filter out traffic coming from or going to known sources of malware but this isn’t going to happen at home, it requires a fair bit of maintenance (i.e. it’s expensive)
  • Encrypt the hard drive in the notebook. This can protect you if you lose the notebook or it gets stolen (and statistics show this happens often). Whole disk encryption costs money and slows down the notebook a bit but it’s very important.
  • Don’t carry all your files on the notebook. Don’t keep all your emails, or your entire client list, etc. Only copy the data you need to get the job done and limit the risk.
  • A VPN to your office network can help.
  • Don’t connect your notebook to the internet. These days almost everyone needs the internet to do work so this idea might not be very practical
  • Don’t use someone else’s wireless network. Not only is this illegal in many countries, you would be sending all your data through a stranger’s network. It’s technically possible for someone to intercept that data, even to manipulate it.
  • If you use wireless at all make sure it uses a strong security protocol (WPA or WPA2)

A note about VPNs:

VPN stands for Virtual Private Network. It’s a piece of technology that can be used to join an office network to a home network. Servers and PCs on the networks would behave as if they were sitting in the same location, ignoring the fact there’s some distance in between, and ignoring the fact that the traffic is really travelling across the Internet.

A VPN isn’t the be all and end all of security, it’s only a technical solution to a technical problem. You still need firewalls, virus scanners, and a little bit of tech support.

VPNs can be set up to route all traffic to your office network and then you would trust your office network to filter the traffic for you. This is generally good. There are some caveats:

  • Activities like internet browsing are slowed down
  • Your office network may keep a log of what websites you view from home, when you’re connected to the VPN
  • You’re trusting your office’s IT staff not to hack into your home network (it’s technically easier when you establish a VPN)
  • It costs your employer money to set up and manage a VPN
  • If you have an unreliable internet connection at home it’ll disrupt your work.

Above all find out what your company’s IT policies are and follow them as best you can. If they don’t have one then now’s a good time to suggest one. Working from home doesn’t have to be risky.