Thursday, July 30, 2009

Cyber security explained

As identity fraud, viruses and spyware become more and more common, what you know about home security can make the difference between a healthy and an infected PC.


Like any other criminal pastime, cyber attackers have become would-be entrepreneurs, hacking their way straight to the bank.
While that may ring true in a figurative sense, the truth is every bit as literal. Lucrative financial targets like Canada's major banks have felt the sting from cyber attackers who look for stealthy ways to pry into their networks. And the pawns they use to get in are the average everyday PC user.
Attackers don't really do it for bragging rights or to pass time. There's too much money on the line for them to take it lightly, say industry insiders and analysts.
"The great thing about spam and phishing for cyber attackers is that they only need to be one per cent successful in order to make money," says Dave Marcus, security research and communications manager with McAfee Avert Labs. "When people are on their computers, they've been trained to click when windows pop up on a screen, and these attackers are good at exploiting that kind of psychology."


The home user targeted
As the constant chess match between hackers and antivirus developers continues, with both sides becoming increasingly more sophisticated, more and more home users are getting caught in the middle.
Symantec reported that up to 86 percent of cyber attacks are aimed at home users, a number that has increased steadily over the last five years. Phishing continues to be the most popular method, where users are duped into logging onto an impostor website posing as, say, eBay or Paypal, thereby exposing account information to attackers.
Botnets, another common form of malware, are also on the rise, with an estimated 11 per cent of worldwide home computers already having been infected, according to an article in the New York Times. To be infected as a "Bot" means that your computer has become a zombie of sorts and is used to generate traffic for specific websites.
Using this method with tens of thousands of computers at one time can cripple a target website, like a financial institution or corporation. This sort of attack is what briefly brought the likes of eBay and Amazon to their knees in 2005.
"Anyone can be for sale on the Internet," says Rowan Trollope, vice-president of consumer products for Symantec. "You can get an eBay Powerseller's credentials for $20, or credit card numbers for $10 apiece. At least four of five cyber threats are meant to steal information from local computers, and it's easy to see why."
Trollope adds that Symantec uncovered software developers in Russia that offer annual software licenses for spyware, which can then be used to keep tabs on unsuspecting PCs.

A 360 view
This month, Symantec will be releasing what Trollope considers "the biggest product launch in Symantec's history" in Norton 360, a software package that includes the whole Norton line. The wide array of protection is meant to spot any known type of attack, and includes the Symantec Online Network for Advanced Response (SONAR), which can keep tabs on a user's tendencies and identify new malware threats based on application behaviour.
Part of the package also includes backing up important files via online storage. Symantec offers 2GB of storage with additional memory available at an annual cost of $30 (all prices U.S.) for 5GB, 10GB for $50 and 25GB for $70. Trollope adds that Norton 360 can automatically detect newly saved files regardless of whether the computer is turned on or in sleep mode.
"Once you install the software, you won't need to do anything else," Trollope says. "The idea is to provide a ring of protection because the level of sophistication in cyber attacks demands it. If you're a home user and you have no protection, Symantec or otherwise, it's only a matter of time before you become compromised."

The Vista factor
With the launch of Windows Vista from Microsoft, cyber attackers now have a fresh target they can go after in the software giant's new operating system. But, with a slow adoption rate, Windows XP continues to be the key target.To combat some of these issues, Microsoft launched Windows Live OneCare as a complement to Windows operating systems in all matters of security. While not specifically an antivirus solution, OneCare is meant to act as an umbrella of sorts, so that users don't concern themselves with different anti-malware applications and the licensing required to use them.
But, as with many antivirus software solutions available on the market, consumers have complained that increased security comes at the expense of a PC's processing power. Trollope says that Norton 360 would only require 7MB of a PC's RAM in order to run continuously, compared to the 80MB required for OneCare.
"Considering the range of services contained in OneCare, an 80MB footprint isn't that large on today's PCs," says Jacky Mok, Project Manager for Mail, OneCare and Platform at MSN Canada. "Rather than juggling renewal dates to manage several different products, OneCare does it all, so there's really no need to run several solutions at once."
This is what Symantec and McAfee have set out to do as well, but the jury is still out on whether these "all-in-one solutions" can really provide a blanket of security over one's PC.
One thing that all sides seem to agree on is that cyber security will remain an issue much like crime is to a society at large. But the problem is manageable, Marcus says, and the key is in keeping users informed on how they can keep their data safe.
"The problem is the ubiquitous nature of the internet and the fact that it's a global thing with no corresponding global checks, balances and laws," says Marcus. "People need to see the bigger picture in that identity theft is a real possibility if they're blindly entering personal information without exercising good web browsing habits."

No comments:

Post a Comment