Tag Archives: Computer Security Institute

Securing Your Business Laptops (And the Data Inside)

Small and mid-sized businesses are increasingly mobile, with up to 38 percent of the company out of the office at any one time, according to The Yankee Group. With mobility comes the need to protect company laptops from being lost or stolen in airports, hotels and restaurants, or even when left in the back of a cab.

And that’s not all. The unfortunate reality is that losing the computer itself may be the least of your firm’s worries if valuable company data resides on that portable computer. “Because your critical data is walking out the corporate door every day, employees need to know how to protect that data,” says Carmi Levy, senior vice president of strategic consulting at AR Communications, a Toronto-based consulting firm.

“The difference between a laptop in the field and a desktop in the office is the latter has more security around it, such as locked doors, card access, and a receptionist who allows the right people in and [keeps] wrong people out,” adds Levy. “In the field, there’s no physical barrier around a laptop, so leaving it alone in an unprotected area is an invitation to thieves.”

It’s hard for authorities to get a handle on the magnitude of laptop theft in the business world, primarily because businesses sometimes don’t want to admit that it’s such a big problem. The 2005 Computer Security Institute/FBI study of computer crime found that $4 million in laptops were stolen that year, but $31 in theft of proprietary information occurred at the same time. However, a private firm, Safeware Insurance, which sells insurance protection against computer theft and other damage, reports that more than 600,000 laptop thefts occurred in 2004, totaling an estimated $720 million in hardware losses and $5.4 billion in theft of proprietary information. Last year, a study by the Ponemon Institute, an IT think-tank, reported that 81 percent of companies reported a loss of at least one laptop during the previous year.

The good news is there is no shortage of hardware and software solutions, along with a bit of common sense, that can greatly reduce the chances of being separated from your laptop and the potentially sensitive corporate information stored on it. The following are a few laptop theft prevention tools to consider:

Lock it

If you must be away from your laptop for a couple of minutes, such as going to the bathroom while in an airport lounge, physically secure your PC with a cable and lock solution. “Locks are the best insurance against notebook theft — they provide security against opportunistic theft, the most common threat,” says Roma Majumder, senior global product manager for security at Kensington, a manufacturer of notebook locks. Kensington’s products include the $40 MicroSaver Notebook Lock, which features a retractable aircraft-grade steel cable and keyless four-wheel combination lock.

Levy cautions users, however, that a hardware lock should only be considered a deterrent: “If thieves are determined enough they can get your laptop, but you want to make it as hard for them as possible.”

Encrypt it

While third-party options are available, many mobile executives are using Windows Vista’s built-in BitLocker encryption technology, which can protect the data on the laptop should it fall into the wrong hands. Available in Windows Vista Enterprise and Windows Vista Ultimate, this data-protection tool encrypts the entire Windows operating system volume on the hard disk (including user files and system files) so that the data is inaccessible unless the user provides the right password or biometrics ID. “Any mobile machine must have some sort of full-drive encryption,” says Levy. “A thief may walk away with a $2,000-machine, but nothing else.”

Scan it

Many laptops now offer a fingerprint reader, so you — and only you — can access your important files and folders. Usually this finger scanner is located near the keyboard or just underneath the laptop’s screen. Many PC manufacturers, such as HP, Lenovo, and Sony, are offering laptops with biometric security. Some companies encourage employees to use both a password and a biometrics solution.

A few third-party fingerprint scanners exist, such as a USB-based model from Microsoft, but the Redmond, Wash.-based company suggests this accessory be used for convenience, such as not having to remember many passwords on your favorite websites, rather than to secure your company’s data.

Secure it

“Another risk,” maintains Levy, “is when the data leaves the machine, such as when you’re using e-mail on your laptop.” Specifically, users should log into the company’s secured network to send messages or files rather than relying on free Web-based e-mail programs.

Another issue is fake Wi-Fi networks, set up by thieves in an effort to steal personal, financial, or corporate data. “Most of us think nothing of finding a free service at an airport or hotel, but we may not realize these could be rogue connections set up by criminals to steal our data — it doesn’t take much,” Levy says. That’s why it’s important to use only trusted Wi-Fi networks, such as the hotel’s secured connection.

Which Anti-Virus Software Should You Use?

Out of all the security programs installed on the company network or end user’s desktop, it’s probably the anti-virus software that’s doing the most to earn its keep. The joint Computer Security Institute/FBI 2006 Computer Crime and Security Survey found that viral attacks overwhelmingly remain a greater source of financial losses and damage to businesses than any other breach in computer security. Losses from all computer security incidents among the survey’s 313 respondents totaled more than $52 million for 2006, down by more than 50 percent compared to 2005, according to the survey. Ninety-seven percent of the companies that responded reported using anti-virus software.

Don’t log on without it

Some companies tend to get lax about anti-virus software once they’ve installed a good firewall at the network gateway. “No firewall out there is a silver bullet,” says Joern Wettern, co-author of Firewalls for Dummies. “Make sure you have anti-virus software installed on all PCs and check them regularly for updates.”

For that reason, easy-to-schedule scans and automatic updating are probably the first features a business owner would want to look for in an anti-virus program. When it comes to other features, Arabella Hallawell, vice president at Forrester Research, of Cambridge, Mass., who specializes in the security software market, advises clients to be choosier. “The rule of thumb is you should only pay for what you’re going to need within the next 12 months,” she says. “And don’t forget to do a competitive negotiation, regardless of how small your organization is.”

Round-up of anti-virus software

With that in mind, here is a round-up of just some of the offerings in anti-virus software, ranging from market leaders, Symantec and McAfee, to some of the smaller, more entrepreneurial companies, such as Alwil and Kaspersky.

Norton’s AntiVirus

Cost: $40 to buy. $30 annual fee.

Features: Produced by Internet security giant Symantec, a better question might be: What doesn’t it feature? Norton’s standard version includes a firewall, scheduled scans, scans for instant messaging, as well as bundled spyware, adware and rootkit detection. All those bells and whistles may take a toll on speed, however. It’s the one area that got a low rating from Consumer. The professionals don’t seem to disagree. John DeLozier, a network security expert and founding partner of Nply Security, a network security consulting group in Dallas, concedes it’s often the preferred choice of his clients. “But, I find (Norton) too big, too bloated and too intrusive with all the chatty pop-up windows,” says DeLozier.

McAfee’s VirusScan

Cost: $40 to buy. $40 annual fee.

Features: McAfee’s anti-virus software is bundled in with anti-spyware software and a firewall. It features automatic updates and instant message scanning. Other versions include protection for laptops, e-mail servers and file servers. Ben Rothke, director of security technology implementation at AXA Financial and a frequent speaker at industry conferences on network security, says, “I like McAfee. It’s mature. It’s automatic… with any brand, by the time it gets to version 3.0, the differences are going to be minimal at that point.”

BitDefender Standard

Cost: $30 to download. $20 annual fee.

Features: BitDefender is worthy of mention, if for no other reason than that the critics seem to love it the most. It was recently ranked number one in its class by both PC World and Consumer Reports, who gave BitDefender especially high marks in detection and ease of use. The standard edition features both scheduled scans and scanning for instant messages. It does not include a firewall.

Kaspersky Labs AntiVirus

Cost: $50 to buy. $35 annual fee.

Kaspersky, a Russian software company best known in the small business and consumer market, is a little pricier. Wettern says it’s well worth it. “I find it updates very frequently, has great detection rates and is the fastest to react to new threats,” says Wettern. Kaspersky offers standard features like scheduled scans and spyware/adware protection. Additional features, not as easy to find, include laptop power saving, suspended scans during heavy usage and proactive rootkit removal for malware.

Alwil’s Avast!

Cost: Non-commercial use, free to download. Professional Edition is $40 a year.

Features: You can’t beat the starting price. Avast also comes with a high rating from Consumer Reports and features IM scanning and a firewall. One of the unique features includes what Alwil calls a “virus chest.” It’s a folder on the disk drive that is impenetrable to any kind of virus attack, a sort of virtual lock box where sensitive files can be stored and isolated away from the rest of the operating system. Avast may also be a good solution for a small organization that does business worldwide. The software is offered in no fewer than 20 languages, including Japanese and Russian.

When a Virus Strikes

A recent survey by the Computer Security Institute and the San Francisco FBI’s Computer Intrusion Squad revealed two very interesting trends when put side by side. Number one, virus attacks are the leading cause of financial losses among cyber crimes committed against U.S. companies. Number two, 98 percent of the companies and organizations polled for the survey say they use firewalls. Ninety-seven percent use antivirus software.

Virus attacks happen

There’s plenty of preventative advice available to protect business owners from a virus attack and even more security products to purchase. But small businesses, in particular, would be wise to also have a crisis plan in place for what some would argue is inevitable.

“Small businesses are more vulnerable to attack,” says Ben Rothke, director of security technology implementation at AXA Financial, a New York-based financial services firm, and the author of Computer Security — 20 Things Every Employee Should Know. Small and mid-size businesses “typically don’t have an IT department monitoring their network 24/7.”

Signs of a possible virus attack

So what can a company without an IT department do to prepare for the worst? For starters, know enough about viruses to know when the system’s been hit.

- Computers start crashing all around the office at the same time.
- One or more computers get flooded with pop-up ads.
- One or more computers get multiple warning screens from your security software.
- One or more computers get flooded with strange e-mails that seem to be replicating faster than they can be deleted.
- The company network slows down to near-standstill.
- Users are denied access when trying to log in.

Respond immediately

Once it’s been determined the network’s been attacked, you need to react. “Simply put, responding to a virus is like fighting a fire,” says Devin Jopp, chief technology officer for SCORE, a counseling service for small business owners. Here are some tips for how to respond to a virus attack.

Isolate: Shut down all infected computers and any programs that appear to be infected to staunch the spread elsewhere within the network. As an added precaution, Joern Wettern, co-author of Firewalls for Dummies, says “disconnect any part of the system that is critical to your business… it helps to have those areas flagged in advance.”

Treat: Run your antivirus software. Jopp points out that 90 percent of all viruses can be identified and cleaned up by most antivirus programs.

Diagnose: In addition to identifying the virus, assess what parts of the network have been hit, the damage inflicted and what it will take to fix it. For more complicated attacks, have a local IT consultant with expertise in cleaning up viruses who can be called in on short notice. “A virus attack on a small business is too critical to let the fix-it guy in the office handle on his own,” says Rothke.

Learn: See this as an opportunity to improve security for the next time. Chances are there’s room for improvement by way of updating software more frequently or training employees to avoid high-risk web sites or dubious e-mail, for example.

Don’t forget the customers

Michael Shaw, California’s assistant state director for the National Federation of Independent Business (NFIB), advocates full disclosure to customers in the event of a virus attack. “Employers need to have a plan in place to notify customers in case there is an attack that compromises customer information,” he says. In a growing number of states, companies are required by law to report data breaches to customers. Either way, a business owner may be wise to remember that a lost reputation is much harder to replace than lost data.

The Malware Mess

Computer viruses have been around nearly as long as personal computers themselves. The first ones to show up “in the wild”–that is, beyond wherever they were created–debuted in the early 1980s, spreading from one Apple II machine to another via shared floppy disks. (A Ph.D. candidate coined the term “computer virus” in 1983.) In 1988, a Cornell graduate student released the first major Internet virus, a self-replicating program that flooded what was then an academic-research network, disabling several thousand computers. (The student, who insisted the damage was unintentional, received a sentence of probation, community service and a fine.)

Over the next decade, as the number of homes and businesses connected to the Internet grew rapidly, so did reports of problems from viruses and other “malware” – malicious software such as worms and Trojan horses. (For a selected sampling of top threats, see Most Memorable Malware.)

By July 2006, experts had identified nearly 185,000 different viruses and other threats, according to malware expert Graham Cluley, senior technology consultant for Sophos plc, a U.K.-based antivirus firm. That’s up from an estimated 80,000 in early 2003. Threats proliferate quickly because as antivirus companies figure out how to eliminate one, several others–often closely related spin-offs–start popping up.

What do viruses and other malware programs do?

Some replicate themselves, flooding e-mail accounts with so much junk mail that systems slow or shut down. Some modify, delete or move files. Some find and forward important data (such as passwords). Some deposit spyware, adware or other unwanted programs on computer hard drives. More sophisticated ones open “back doors” that allow their creators to take remote control of computers to, for instance, coordinate a widespread attack on a particular website. Some are smart enough to disable antivirus programs. A newer threat, called a rootkit, conceals itself so that it can run undetected by a computer’s operating system or security software.

What’s out there right now?

Here are three of the threats most frequently reported to antivirus-software companies, as of July 2006:

- Sober, debuted in October 2003 (several variants still circulating). Delivered via e-mail attachment. Sends e-mails with forged return addresses; disables anti-virus software.
- Netsky, debuted in February 2004 (many variants still circulating). Delivered via e-mail attachment. Sends e-mails enabling different functions; some variants cause users’ computers to beep at particular times.
- Mytob, debuted in February 2005 (many variants still circulating). Delivered via e-mail attachment and network shared spaces; sends e-mails with forged return addresses; turns off antivirus applications, may permit remote access.

How much do malware attacks cost businesses?

It’s tough to find reliable numbers because there are no universal metrics for calculating damages. But when you figure in reduced productivity, missed business, the cost of software upgrades and the labor expenses associated with cleaning up and protecting systems, you can safely put the overall losses for each major outbreak in the millions. (In a few major cases, analysts set the global economic impact at $1 billion and up.)

In 2005 alone, U.S. companies lost $15.7 million to virus outbreaks, according to the 2006 CSI/FBI Computer Crime and Security Survey conducted by the FBI and the San Francisco-based Computer Security Institute. In fact, such attacks accounted for 74 percent of all security-related financial losses–more than system break-ins, stolen hardware or data theft, according to the 11th annual survey (Free download available; registration required).

While many of the participants–executives from more than 600 U.S. companies–weren’t willing to estimate how much security problems cost them, those who did reported losses averaging nearly $168,000. Even for smaller organizations, malware can take a toll in terms of productivity: Another research organization, Mechanicsburg, Pa.-based ICSA Labs, says businesses typically lose about nine “person-days” to recovering from every malware incident.

How can companies protect themselves against such attacks?

Experts recommend that you:

- Take a big-picture approach. Look at security as a business imperative, not just a “tech problem.” Given ongoing concerns about cyberterrorism, it’s worth encouraging all executives and managers to stay informed about the latest threats.
- Keep corporate firewalls updated. Make sure that your IT team monitors event logs for early evidence of attacks or intrusions.
- Invest in maximum-strength antivirus software for every computer, including those used by remote, mobile and contract workers. Insist that employees regularly update the software–or make it happen automatically, if possible.
- Monitor incoming e-mail with virus-scanning software that deletes infected messages and quarantines spam (which can carry viruses and worms).
- Make sure both your overall systems and employees’ individual machines get backed up regularly to ensure that critical data is preserved even if original files are attacked.
- Establish procedures for safe network file-sharing; otherwise, when workers move files between computers, they may inadvertently pass along viruses or worms as well.
- Instruct employees to remain vigilant about incoming e-mail. The old warning about not opening messages and attachments from strangers still stands. But users should be equally cautious with e-mails that may initially seem to come from acquaintances because malware often spreads by co-opting real e-mail addresses. A weird subject line–one containing misspellings or a reply to a message that the recipient didn’t send–often signals the presence of a virus or a worm. Bottom line: When in doubt, delete.
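
Two of the e-mail warning signs above can be checked mechanically: a "reply" that answers nothing the recipient sent, and an attachment from a stranger. The sketch below is an added example, not part of the original article; the sample messages, addresses, SENT_IDS and KNOWN_SENDERS are constructed for illustration, and the misspelled-subject sign is not attempted.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed data: Message-IDs of mail this user really sent, and known contacts.
SENT_IDS = {"<sent-001@corp.example>"}
KNOWN_SENDERS = {"dana@partner.example"}

REPLY_PREFIX = re.compile(r"^\s*re\s*:", re.IGNORECASE)
MSG_ID = re.compile(r"<[^<>\s]+>")


def referenced_ids(msg):
    """Collect the Message-IDs named in In-Reply-To and References."""
    ids = set()
    for header in ("In-Reply-To", "References"):
        ids.update(MSG_ID.findall(str(msg.get(header, ""))))
    return ids


def triage(raw, sent_ids, known_senders):
    """Return the list of warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    reasons = []

    # Sign 1: the message presents itself as a reply, but does not point
    # at anything we sent. This applies even when the sender is a known
    # contact, because malware co-opts real addresses.
    refs = referenced_ids(msg)
    claims_reply = bool(REPLY_PREFIX.match(str(msg.get("Subject", "")))) or bool(refs)
    if claims_reply and not (refs & sent_ids):
        reasons.append("reply-to-unsent-message")

    # Sign 2: an attachment from an address we have never dealt with.
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    has_attachment = any(True for _ in msg.iter_attachments())
    if has_attachment and sender not in known_senders:
        reasons.append("attachment-from-stranger")

    return reasons


# --- Constructed sample messages -------------------------------------------
GENUINE_REPLY = """\
From: Dana <dana@partner.example>
To: me@corp.example
Subject: Re: Q3 invoice
In-Reply-To: <sent-001@corp.example>

Thanks, received.
"""

FORGED_REPLY = """\
From: Dana <dana@partner.example>
To: me@corp.example
Subject: Re: Your documnet
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain

See attached.
--XX
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="details.bin"

AAAA
--XX--
"""

STRANGER_ATTACHMENT = """\
From: someone@elsewhere.example
To: me@corp.example
Subject: Hello
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="YY"

--YY
Content-Type: text/plain

Photos for you.
--YY
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="photos.bin"

AAAA
--YY--
"""

if __name__ == "__main__":
    for name, raw in [("genuine reply", GENUINE_REPLY),
                      ("forged reply", FORGED_REPLY),
                      ("stranger + attachment", STRANGER_ATTACHMENT)]:
        print(name, "->", triage(raw, SENT_IDS, KNOWN_SENDERS) or "no warning signs")
```

The forged reply is flagged even though it carries a known contact's address, which is the co-opted-address case the last recommendation describes.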


The Malware Mess

Computer viruses have been around nearly as long as personal computers themselves. The first ones to show up “in the wild”–that is, beyond wherever they were created–debuted in the early 1980s, spreading from one Apple II machine to another via shared floppy disks. (A Ph.D. candidate coined the term “computer virus” in 1983.) In 1988, a Cornell graduate student released the first major Internet virus, a self-replicating program that flooded what was then an academic-research network, disabling several thousand computers. (The student, who insisted the damage was unintentional, received a sentence of probation, community service and a fine.)

Over the next decade, as the number of homes and businesses connected to the Internet grew rapidly, so did reports of problems from viruses and other “malware” – malicious software such as worms and Trojan horses. (For a selected sampling of top threats, see Most Memorable Malware.) By July 2006, experts had identified nearly 185,000 different viruses and other threats, according to malware expert Graham Cluley, senior technology consultant for Sophos plc, a U.K.-based antivirus firm. That’s up from an estimated 80,000 in early 2003. Threats proliferate quickly because as antivirus companies figure out how to eliminate one, several others–often closely related spin-offs–start popping up.

What do viruses and other malware programs do?

Some replicate themselves, flooding e-mail accounts with so much junk mail that systems slow or shut down. Some modify, delete or move files. Some find and forward important data (such as passwords). Some deposit spyware, adware or other unwanted programs on computer hard drives. More sophisticated ones open “back doors” that allow their creators to take remote control of computers to, for instance, coordinate a widespread attack on a particular website. Some are smart enough to disable antivirus programs. A newer threat, called a rootkit, conceals itself so that it can run without being detected by a computer’s operating system or security software.

What’s out there right now?

Here are three of the threats most frequently reported to antivirus-software companies, as of July 2006:

Sober, debuted in October 2003 (several variants still circulating). Delivered via e-mail attachment. Sends e-mails with forged return addresses; disables anti-virus software.

Netsky, debuted in February 2004 (many variants still circulating). Delivered via e-mail attachment. Sends e-mails enabling different functions; some variants cause users’ computers to beep at particular times.

Mytob, debuted in February 2005 (many variants still circulating). Delivered via e-mail attachment and network shared spaces; sends e-mails with forged return addresses; turns off antivirus applications, may permit remote access.

How much do malware attacks cost businesses?

It’s tough to find reliable numbers because there are no universal metrics for calculating damages. But when you figure in reduced productivity, missed business, the cost of software upgrades and the labor expenses associated with cleaning up and protecting systems, you can safely put the overall losses for each major outbreak in the millions. (In a few major cases, analysts set the global economic impact at $1 billion and up.)

In 2005 alone, U.S. companies lost $15.7 million to virus outbreaks, according to the 2006 CSI/FBI Computer Crime and Security Survey conducted by the FBI and the San Francisco-based Computer Security Institute. In fact, such attacks accounted for 74 percent of all security-related financial losses–more than system break-ins, stolen hardware or data theft, according to the 11th annual survey (Free download available; registration required). While many of the participants–executives from more than 600 U.S. companies–weren’t willing to estimate how much security problems cost them, those who did reported losses averaging nearly $168,000.

Even for smaller organizations, malware can take a toll in terms of productivity: Another research organization, Mechanicsburg, Pa.-based ICSA Labs, says businesses typically lose about nine “person-days” to recovering from every malware incident.

How can companies protect themselves against such attacks?

Experts recommend that you:

Take a big-picture approach. Look at security as a business imperative, not just a “tech problem.” Given ongoing concerns about cyberterrorism, it’s worth encouraging all executives and managers to stay informed about the latest threats.

Keep corporate firewalls updated. Make sure that your IT team monitors event logs for early evidence of attacks or intrusions.

Invest in maximum-strength antivirus software for every computer, including those used by remote, mobile and contract workers. Insist that employees regularly update the software–or make it happen automatically, if possible.

Monitor incoming e-mail with virus-scanning software that deletes infected messages and quarantines spam (which can carry viruses and worms).

Make sure both your overall systems and employees’ individual machines get backed up regularly to ensure that critical data is preserved even if original files are attacked.

Establish procedures for safe network file-sharing; otherwise, when workers move files between computers, they may inadvertently pass along viruses or worms as well.

Instruct employees to remain vigilant about incoming e-mail. The old warning about not opening messages and attachments from strangers still stands. But users should be equally cautious with e-mails that may initially seem to come from acquaintances because malware often spreads by co-opting real e-mail addresses. A weird subject line–one containing misspellings or a reply to a message that the recipient didn’t send–often signals the presence of a virus or a worm. Bottom line: When in doubt, delete.
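Two of the warning signs in this article, malware delivered as an e-mail attachment and a reply to a message the recipient never sent, can be checked mechanically at the mail gateway. The Python code below is an added example, not part of the original article; the extension list, the sent-message log and the sample messages are assumptions constructed for illustration.

```python
# Added example (not from the article): triage inbound mail for executable
# attachments and for "replies" to messages this mailbox never sent.
import os
from email.message import EmailMessage

# Assumption: a starter list of extensions Windows will execute; tune per site.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}


def attachment_findings(msg):
    """Return reasons an attachment looks executable (empty list if none)."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        root, ext = os.path.splitext(name.lower())
        payload = part.get_payload(decode=True) or b""
        if ext in EXECUTABLE_EXTS:
            # "invoice.pdf.scr" hides the real type behind a harmless-looking one.
            disguised = os.path.splitext(root)[1] != ""
            label = "disguised executable name: " if disguised else "executable name: "
            findings.append(label + name)
        elif payload[:2] == b"MZ":
            # Windows executables start with the bytes "MZ" whatever the name says.
            findings.append("executable content under benign name: " + name)
    return findings


def is_unsolicited_reply(msg, sent_message_ids):
    """True when the subject claims to be a reply but cites nothing we sent."""
    subject = str(msg.get("Subject", "")).strip().lower()
    if not subject.startswith("re:"):
        return False
    cited = (str(msg.get("In-Reply-To", "")) + " "
             + str(msg.get("References", ""))).split()
    return not any(mid in sent_message_ids for mid in cited)


def triage(msg, sent_message_ids):
    """Return (verdict, reasons). Suspect attachments are quarantined, not
    deleted, so an administrator can release a legitimate file."""
    reasons = attachment_findings(msg)
    verdict = "quarantine" if reasons else "deliver"
    if is_unsolicited_reply(msg, sent_message_ids):
        reasons.append("reply to a message this mailbox never sent")
        if verdict == "deliver":
            verdict = "flag"
    return verdict, reasons


def sample(subject, in_reply_to=None, attachment=None):
    """Build a constructed test message; attachment is (filename, bytes)."""
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = subject
    if in_reply_to:
        msg["In-Reply-To"] = in_reply_to
    msg.set_content("See attached.")
    if attachment:
        msg.add_attachment(attachment[1], maintype="application",
                           subtype="octet-stream", filename=attachment[0])
    return msg


# Constructed log of Message-IDs this mailbox actually sent.
SENT_IDS = {"<q3-budget-001@example.com>"}

if __name__ == "__main__":
    cases = [
        sample("Re: Q3 budget", "<q3-budget-001@example.com>"),
        sample("Re: your document", None, ("invoice.pdf.scr", b"MZ\x90\x00")),
        sample("Quarterly report", None, ("report.pdf", b"MZ\x90\x00")),
        sample("Re: hello", "<unknown-77@elsewhere.example>"),
    ]
    for m in cases:
        print(m["Subject"], "->", triage(m, SENT_IDS))
```

A message that passes both checks can still be malicious; these checks catch only the two signals named above and belong in front of, not in place of, antivirus scanning.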

TechnoFile: Identity Crisis

By now, you’ve heard that identity theft is among America’s fastest-growing crimes, with nearly 10 million cases last year alone, and you’re probably already taking measures to prevent yourself from becoming a victim. For instance, you use a paper shredder to convert old bills, receipts, and bank documents into confetti. You review your credit-card statements monthly, looking for mystery charges; you obtain your overall reports from the three major credit-reporting agencies annually, looking for accounts you never authorized. You don’t leave personal mail — incoming or outgoing, opened or sealed — sitting in the open where someone could walk off with it. Your best friend couldn’t guess your PIN. You guard your Social Security number like a jealous lover.

Congratulations. You’ve taken some big steps toward shielding your own identity. Now how about doing the same for everyone whose personal information is sitting in your company’s computers? After all, an ID hijacker needs only a Social Security number, a birth date, and a few other details to open bank and credit-card accounts in somebody else’s name. Chances are you’ve collected all kinds of confidential data about your employees, contractors, and customers. If you’ve stored it on your systems, it’s vulnerable to theft.

Obviously, standard security measures, such as firewalls, provide some protection against cyberthieves. So do commonsense practices. “You can do a lot by just not storing that information” in the first place, says Phebe Waterfield, security analyst for the Yankee Group, a Boston-based technology research and consulting firm. She recommends using something other than Social Security numbers for identifying employee records or customer accounts. And, of course, you should never store confidential data on laptop computers, floppy disks, or CD-ROMs — all easily lost or stolen.

But given how quickly ID theft is growing (80% in one year, according to a Gartner Inc. survey), those precautions aren’t enough to safeguard sensitive information. Besides, you may not want to wall off your systems; you probably need to share some information with employees, contractors, clients, partners, and others. Instead, consider developing a comprehensive identity- and access-management campaign. Translated, that means that you provide information access on a “need-to-know” basis. You monitor who’s looking at what. And you verify that all users are who they say they are.

Among the technologies used in identity and access management are:

Authentication. These tools verify that the user logged on as Webster J. Parker is, in fact, Webster J. Parker. The most common version, the lowly personal password used again and again, won’t deter serious thieves, who can quickly crack the code. More sophisticated options include handheld “keys,” such as smart cards, and “two-factor” solutions, which require both a password and a physical device, such as a token, for access.

Single sign-on (SSO). Generally, these solutions let companies provide each authorized user with one secure identity — often a user name paired with a smart card or token — for accessing all company systems. That prevents the out-of-control proliferation of log-in names and passwords that can compromise security.

Biometrics. These devices identify users based on unique physical characteristics, such as handprints, retinas, facial features, or voices. Fingerprint and thumbprint readers that can be attached to individual computers are already on the market for less than $100 apiece. However, keep in mind that even legitimate users may object to providing prints or consider a retina scan invasive. And voice and facial-recognition technology are far from foolproof; currently, variables such as laryngitis or eyeglasses can distort the results.

Account administration. This practice, often called “provisioning,” refers to managing users’ system-access accounts. That’s far more important than it sounds. Dormant accounts — for instance, those previously assigned to former contractors or ex-employees — can provide loopholes for thieves seeking access to private information. While small businesses can manually add and delete accounts, fast-growing companies may need technology that automates the process.

Digital signatures. These e-signatures verify who’s sent a message or signed a document. Because they’re encrypted and include a time stamp, they’re difficult to fake.

At this point, it’s impossible to guarantee that any technology can shield people’s identities. Recently, consumer activists and reporters demonstrated just how easily anyone in the know can buy supposedly private information — they effortlessly purchased public officials’ Social Security numbers and personal credit reports from online vendors.

Even so, businesses are increasingly being expected to safeguard their customers’ private information — and being held accountable if they don’t. California recently passed a tough new law that, among other things, requires companies to seek customer permission before sharing their financial information and to print only the final few digits of credit-card numbers on purchase receipts. Congress is considering related requirements in its proposed amendments to the 33-year-old Fair Credit Reporting Act. Ultimately, then, taking action to protect your customers may be the best way to protect yourself.

America’s Fastest-Growing Crime

In September 2003, the Federal Trade Commission released a survey showing that 27.3 million Americans have been victims of identity theft in the last five years, including 9.9 million in the previous year alone. ID theft cost financial institutions, businesses, and consumers nearly $53 billion last year alone, according to the survey. Average loss to businesses was $4,800; the average loss to consumers, $500 — and untold hours trying to recoup their reputations.

The Three Major Credit Reporting Agencies

Following are the three major U.S. credit-reporting agencies. All sell consumers copies of their personal credit reports. You may be entitled to receive reports at no charge if you’ve been denied credit, if you suspect fraud, or if you live in states that require the agencies to provide you one free copy annually. All three agencies’ Web sites contain extensive information on preventing and responding to personal ID theft.

Equifax Inc.
Experian
Trans Union LLC

Gartner Inc. Survey

A July 2003 survey by Gartner Inc., the Stamford, Conn.-based research and consulting firm, found that identity theft rose nearly 80 percent between June 2002 and June 2003.

RESOURCES

Discussion

Join the Fresh Inc. discussion on identity theft.

Information on preventing, detecting, and responding to personal identity theft:

Articles, Publications

“What’s Next: They’ve Got Your Number,” column by Robert X. Cringely (Inc., August 2003).
CSO magazine: Executive-level articles, white papers, research summaries, and other information.
Information Security magazine: Articles, buyers’ guides, e-mail newsletters.

Agencies

Federal Trade Commission: National Resource for Identity Theft site. Also see the FTC’s ID Theft Data Clearinghouse.
Internet Fraud Complaint Center: FBI and White Collar Crime Center’s site providing information for spotting scams and filing complaints.
National Infrastructure Protection Center: Computer-related wing of the U.S. Department of Homeland Security.
U.S. Department of Justice: Identity Theft and Fraud site: Offers advice on preventing and responding to ID theft.

Organizations

101-identitytheft.com: Resources, advice, and links for more information and assistance.
American Privacy Consultants PrivacyToday.com offers headlines and information.
Computer Security Institute: Conferences, courses, materials, and information on corporate ID theft and other information-security topics.
Electronic Privacy Information Center: News, information, and links on privacy-related issues.
Fightidentitytheft.com: Resources, advice, and links.
Human Firewall Council: Security and ID-management related resources for managers.
Identity Theft Resource Center: Resources, comprehensive information, and links, including advice on recognizing scams.
Identity Theft University-Business Partnership: Michigan State University School of Criminal Justice project to help businesses secure competitive and personal information.
Internet ScamBusters: Tracks and reports on online crime and fraud, including ID-theft schemes.
Privacy Rights Clearinghouse

Vendors of identity access and management solutions include:

ActivCard Corp.
BMC Software Inc.
Courion Corp.
IBM Corp.
Microsoft Corp.
Netegrity Inc.
RSA Security Inc.
SystemTools Software Inc. (Hyena Total System Administration)
Vasco Data Security International Inc.
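The account-administration point in this column, that dormant accounts left behind by former contractors or ex-employees give thieves a way in, lends itself to a routine reconciliation of system accounts against the current staff roster. The Python code below is an added example, not part of the original column; the CSV layouts, account names, dates and the 90-day idle threshold are assumptions constructed for illustration.

```python
# Added example (not from the column): reconcile system accounts against the
# current staff roster to find dormant accounts. All data below is constructed.
import csv
import io
from datetime import date

# Constructed export of system accounts: who owns each one and its last login.
ACCOUNTS_CSV = """username,owner_id,last_login
wparker,E100,2006-06-28
jdoe,E101,2006-01-15
temp-audit,C200,2005-11-02
svc-backup,,2006-06-30
newhire,E102,
"""

# Constructed HR/contractor roster with current status.
ROSTER_CSV = """person_id,status
E100,active
E101,active
E102,active
C200,terminated
"""


def audit_accounts(accounts_csv, roster_csv, today, max_idle_days=90):
    """Return {username: [reasons]} for every account that needs attention."""
    active = {
        row["person_id"].strip()
        for row in csv.DictReader(io.StringIO(roster_csv))
        if row["status"].strip().lower() == "active"
    }
    findings = {}
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        reasons = []
        owner = row["owner_id"].strip()
        if not owner:
            # Shared or service accounts with nobody answerable for them.
            reasons.append("no owner on record")
        elif owner not in active:
            # The ex-employee / former-contractor case the column warns about.
            reasons.append("owner not on active roster")
        last_login = row["last_login"].strip()
        if not last_login:
            reasons.append("never logged in")
        else:
            idle = (today - date.fromisoformat(last_login)).days
            if idle > max_idle_days:
                reasons.append(f"idle {idle} days")
        if reasons:
            findings[row["username"]] = reasons
    return findings


def recommended_action(reasons):
    """Disable at once when the owner has left; otherwise send for review."""
    if "owner not on active roster" in reasons:
        return "disable"
    return "review"


if __name__ == "__main__":
    report = audit_accounts(ACCOUNTS_CSV, ROSTER_CSV, today=date(2006, 7, 1))
    for user, reasons in report.items():
        print(f"{user}: {recommended_action(reasons)} ({'; '.join(reasons)})")
```

Run on a schedule, the same reconciliation is the check that provisioning products automate for fast-growing companies.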

There’s a Virus Going Around

Note: This is the first in a series of technology updates by former Inc. senior writer Anne Stuart. Future columns will explore topics such as “spam,” videoconferencing, cell phone messaging, and smart business use of online auctions.

Slammer. Klez. Bugbear. Bubbleboy. Lirva. Those sound like names for characters in kids’ cartoons, but they’re neither funny nor harmless. They’re computer viruses. And they’re increasingly common. Over the past decade, virus-writers worldwide have created and released about 80,000 viruses, worms, Trojan horses and other “malware” programs, according to Graham Cluley, senior technology consultant for antivirus software vendor Sophos Inc. (www.sophos.com). And about 600 to 800 new variations crop up every month, although, typically, only a few cause widespread or serious headaches.

What exactly is a virus?

It’s a tiny, malicious software program designed purely to disrupt or damage computers.

What exactly do viruses do?

Some simply display odd messages or images. Many — including the famous Melissa virus — perpetuate themselves by sending infected messages to everyone in a user’s e-mail address book. Others gobble memory or storage space, making systems sluggish. Some corrupt files — for instance, changing spreadsheets or chewing up text documents — or erase them entirely. Some alter Web pages. Some reformat hard drives, block user access, or cause systems to freeze. A few disable security measures or open secret “holes” into computer networks, providing hackers with easy access.

Like their biological counterparts, computer viruses can spread fast, attack systems silently, and cause a great deal of pain. In January 2003, the SQL Slammer worm circled the globe in less than an hour, infecting 75,000 computers in 10 minutes. Slammer, which paralyzed computers running Microsoft SQL Server 2000, temporarily shut down South Korea’s telephone system, knocked out thousands of Bank of America automatic-teller machines, and slowed credit-card transactions worldwide.

How much financial damage can viruses cause?

It’s tough to find reliable numbers about the costs of virus attacks because some effects — for instance, decreased productivity and unrealized business opportunity — are tough to quantify. In addition, many companies simply won’t share information about security-related losses.

Following are several ways you can prevent or minimize the impact of virus attacks in your business:

Install antivirus software on every computer. That includes laptops and PCs in remote offices. Encourage employees to use antivirus programs at home as well, especially if they use their own computers to connect to your network. In addition, consider protecting e-mail gateways with software that automatically blocks all incoming messages carrying executable code — but keep in mind that those filters may also capture legitimate business communications with harmless attachments.

Keep antivirus programs current. With new viruses popping up regularly, it’s critical to make sure you’ve got the latest protection. Most leading solutions can be set to periodically update themselves online; you can also do the job manually to respond to new threats.

Launch a company-wide prevention campaign. State-of-the-art security measures won’t protect your company unless everyone uses them. A single employee can unintentionally infect the entire network by opening a booby-trapped e-mail attachment or installing contaminated software. Make sure everybody knows and follows these basic virus-prevention procedures:

Always delete junk e-mail messages — ads, jokes, chain letters — without opening them. More than 85% of viruses infect businesses via e-mail, according to the International Computer Security Association’s (www.icsa.net) annual Virus Prevalence Survey released in March 2003.

Never open e-mail attachments from strangers. And even those from people you know should be scanned with software that might spot viruses forwarded unintentionally.

Be selective about downloading and installing software. Know the source and scan the files before running any new program.

Get knowledgeable about pranks and hoaxes. Phony virus alerts waste almost as much time as the real thing. When you get a forwarded e-mail message breathlessly proclaiming some new threat, check it out at Vmyths (www.vmyths.com) or on other virus information sites before responding.

Regularly update Microsoft products. Many viruses attempt to exploit vulnerabilities in Windows, Outlook, Internet Explorer, and other products by the giant software empire. Microsoft’s security page (www.microsoft.com/security/) provides alerts, “patches,” and advice for both home and business users.

Back up. Back up. Back up. At work, store files on both PC and network hard drives. At home and on the road, copy important files to CDs or floppies. Begin backing up entire systems nightly or weekly, perhaps storing an extra copy of critical information offsite. Look into Web-based storage services such as Connected Corp. (www.connected.com), Easyspace’s Easyarchive (www.easyspace.com/services/easyarchive.html), and Elephant Backup (www.elephantbackup.com).

The computer-virus universe changes constantly, with, according to some estimates, about 20 new viruses surfacing every day. You can’t vaccinate your computers against all of them. But with vigilance and commonsense caution, you can strengthen your company’s electronic immune system, making it much more likely to survive an attack.

Glossary

Antivirus Program: Software that detects and removes viruses from computer hard drives. Such programs must be updated regularly to add profiles for the thousands of new viruses that appear every year; updating can often be handled quickly online.

Trojan (or Trojan Horse): A malicious program in disguise, named for the giant wooden gift horse the Greeks used to conquer their Trojan enemies. Trojans appear benign, entertaining, or even useful, but actually conceal viruses that can harm systems. Backdoor.BO (also called Back Orifice) is among the best-known examples.

Virus: A malicious software program used to deliberately infect a computer system. Typically, viruses are concealed in existing programs and activated when those programs are executed. Viruses often cause damage by replicating themselves, causing systems to crash, or by attacking or attaching themselves to other programs. Stealth viruses remain hidden or change themselves after executing so that they can’t be detected. Well-known viruses include Melissa and Bubbleboy.

Worm: A type of virus that replicates itself and gobbles up computer memory but cannot attach itself to other programs. Well-known worms include Klez.H, LoveLetter (sometimes called “IloveYou”), Bugbear, and Lovgate.

Further Reading

The following books, all available from Amazon (www.amazon.com) and other booksellers, offer generally easy-to-understand information about computer viruses:

Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans, by Douglas Schweitzer (John Wiley & Sons, 2002). Offers sound, practical, comprehensive advice from a security expert. Updates provided on a companion Web site.

Malicious Mobile Code: Virus Protection for Windows, by Roger A. Grimes (O’Reilly & Associates, 2001). Focuses on defensive strategies.

Viruses Revealed, by David Harley, Robert Slade, and Urs E. Gattiker (McGraw-Hill/Osborne Media, 2001). Explains what viruses are, how they work, where they come from, how to prevent them, and how to deal with them. Includes case studies. Also available as a downloadable, searchable e-book.

Resources

The following Web sites provide comprehensive information about viruses, worms, and similar threats:

About.com Antivirus Software Guide (antivirus.about.com/index.htm?terms=computer+virus): News, glossary, encyclopedia of hoaxes, links to vendors and other resources.

CERT Coordination Center, Carnegie Mellon University (www.cert.org/): A wealth of information on all aspects of computer security at work and at home.

CNET Virus Alert Center (www.cnet.com/software/0-7760531-8-6319437-1.html): News on current threats, advice on PC protection, links to free resources, and antivirus software vendors.

Computer Security Institute (www.gocsi.com): Major membership organization for technology-security professionals; Web site contains articles, reports, and links to additional resources about viruses and other security issues.

International Computer Security Association (ICSA) Labs (www.icsa.net): Independent arm of security vendor TruSecure Corp. (www.trusecure.com) offers “vendor-agnostic” testing and research. Web site contains constantly updated virus alerts, white papers, studies, an annual Virus Prevalence Survey, and more.

National Institute of Standards and Technology Computer Security Resource Center Virus Page (csrc.nist.gov/virus/): Information, links to other resources and antivirus software vendors.

Sophos Inc. (www.sophos.com/safecomputing): Safe-computing advice for both network administrators and individual users.

Virus Bulletin (www.virusbtn.com): Independent antivirus advice, news, profiles, and resources.

Vmyths (http://www.vmyths.com): Supersite for information on virus myths and hoaxes.

Vendors

Following is a sampling of major antivirus software vendors whose offerings include products, services, and information targeted to small and growing companies:

Command Software Systems Inc. (www.commandsoftware.com): Founded 1984; now part of Authentium Inc. Offers antivirus software for home users, large companies, and small businesses. Web site’s Virus Center includes news, alerts, a glossary, research, e-mail newsletters, and other information.

Computer Associates International Inc. (www.ca.com): Founded 1976. Offers antivirus software for businesses. Web site’s Virus Information Center contains alerts, encyclopedia, and an extensive glossary.

McAfee Security (www.mcafee.com/): Founded 1989. Offers antivirus and security solutions for home users, large companies, and small and growing businesses. Network Associates Inc., McAfee’s parent company, provides free virus alerts, updates, updates on hoaxes, and other information.

Panda Software Inc. (www.pandasoftware.com): Founded 1990. Offers antivirus software for home users, large companies, and small and growing businesses. Web site includes Virus Information Center with virus encyclopedia (including “Top 5” current threats), hoax updates, tips, and other resources.

Sophos Inc. (www.sophos.com): Founded 1986. Offers antivirus software for companies of all sizes. Web site includes a rich collection of analyses, articles, updates on hoaxes, and alerts, including monthly “Top 10” virus list.

Symantec Corp. (www.symantec.com): Founded 1982. Offers firewalls, antivirus software, and other security solutions for home users, large companies, and small and growing businesses. Web site provides free virus alerts, library of virus information. Customers can download anti-virus updates from home page. Provides updates on hoaxes.

Trend Micro Inc. (www.trendmicro.com): Founded 1988. Offers network antivirus software and other security products and services. Web site includes virus advisories, encyclopedia, prevention tips, and additional information. Also offers a free online cost-analysis calculator for determining potential financial impact of virus attacks.

Send feedback, column ideas, and tech tips to annestuartinc@yahoo.com.