Sunday, January 27, 2013

Do You Know How To Avoid Catching A Bug?

As some of you who follow me on Facebook, Twitter or Google Plus know, I frequently share articles on cyber security and the potential threat of infection. Malware of all kinds are appearing and they run rampant on the internet. Authors predict cyber attacks will result in everything from identity theft to the annihilation of mankind.

On any given day you can read about new threats discovered, a variant of an older piece of code modified to be even more clever and evade detection. These programs hide in the background of computers, poking and prodding, collecting information and even delivering the electronic goods to the bad guys.

Companies and governments are very concerned that cyberspace is the new battleground and increasingly sophisticated malware is the new weaponry. Corporations are afraid of losing trade secrets and governments are afraid of losing control.

Programs like the now famous Stuxnet have been devised and successfully targeted to another country where it caused weapons related manufacturing equipment to self-destruct.

Companies spend millions of dollars to erect solid defenses including firewalls and various intrusion detection systems. Every computer is outfitted with malware detection updated regularly to ward off the most recent threats. Government networks are even more secure with no physical connections to the outside.

But the chain is only as strong as its weakest link, and the weak link will always be the people using the computers.

I am continually amazed at the level of investment in hardware, software and the cost of remediation, as compared to the paltry amount of education delivered to employees and the public. We're frequently warned about diet and exercise, smoking, drinking and drugs. Yet, have you ever seen a public service announcement about the latest zero day exploit? A breakout of the flu or a bad batch of canned peaches will be plastered all over television news.

Perhaps we need an "amber" alert for computing systems. How about a couple of corny slogans such as "if you see something behaving oddly on your computer, say something," or perhaps "always make sure your memory stick is virus free before inserting it in another person's computer."

If there are as many serious threats out there as one would be lead to believe, it is going to be incumbent on each and every computer user to be fully versed in how to avoid threats, how to spot potential problems and what to do to quickly alert others when they are discovered.

Computer security should be addressed in the same way as public health.  Teach everyone how to engage in safe computing, how to obtain safe and effective remedies, and how to avoid spreading the disease once they have it.

Captain Joe

 Follow me on Twitter @JPuglisiLLC