Search This Blog

Thursday, June 12, 2014

Evil is Alive and Well

Here are a couple of quick items on cyber-security:

CryptoLocker:  First, here is a link to blog post about CryptoLocker, a malicious spam attack:  Appriver blog post.  The attack is fairly basic.  You get an email that wants you to click on delivered fax or file.  Once you do, the program spreads through your system and encrypts all of your files, locking you out.  To get them unlocked, you have to pay the bad guys, who like are halfway around the world and care very little about restoring your files once they have your money.

This is a big threat to businesses and professional offices, where the files are essential to carrying on business.

While spam filtering software tries to keep ahead of this kind of spam, the perpetrators generally can reconfigure quickly to keep ahead of the filters.  Thus, the best advice is common sense:  Do not open email or attachments that look suspicious, come from unknown sources, or are unexpected.  If you think it might be real, do not open it or respond to the sender; instead, check it out first by independent means: call the sender (particularly if the sender appears to be your bank or credit card company, etc.) or research the sender online and check any spam alert service you are using for warnings.  When in doubt, pass.

Online Privacy:  In the wake of Edward Snowden's disclosures about the National Security Agency, everyone should be worried about online privacy. There is a lot of discussion about the NSA's activities, their purpose and its use information gathered and the legality these efforts by the government to balance security concerns with privacy rights.

What is less well understood is just how easy it is to get information on someone from online sources.  Here an excellent report on National Public Radio,

 
wherein the reporter, John Henn, with assistance Sean Gallagher of Ars Technica and Dave Porcello of Pwnie Express, explored just how much information can be gathered on someone from there travels on the web.  The results are startling, particular when you look at the representations of many major online services as to encryption of your identity.  Go listen to the full reports and consider carefully what you do online.

No comments:

Post a Comment