UK Signs on For Child Safety – We Say ‘Make it Global!’

By Laura Yecies

Summer is long since over, school is well underway, and the realities are starting to set in. Around the world, a new generation of K-5 parents is dealing with a brand-new generational issue in child-rearing – how to keep your kids safe online.

We were Gen-Xers, the so-called slackers who turned out to be pretty ambitious after all. While we didn’t invent the Internet, many of us helped build it into what it is today.

Now, we’ve got to keep our kids safe, without having grown up in the same digital world. Yes, many of us are increasingly tech-savvy (the Internet started showing up in or around our college years, so we’re not completely clueless). But we certainly didn’t have the Net in kindergarten, nor were we building Facebook profiles at age ten.

Dating back to the old Zone Labs days, all of us here on the ZoneAlarm team have long supported consumer education with our Defend the Net campaign (download the How to Protect your Family Online guide in PDF format here: http://download.zonealarm.com/bin/media/pdf/defendTheNet_howToGuide.pdf ). But we’re just one voice. Last month, the UK government decided to undertake a massive effort to provide parents with a single-source guide to protecting kids online. From social networks to anti-malware, this site is expected to be very, very thorough.

More info here:
http://news.bbc.co.uk/1/hi/education/7638492.stm

It’s an honorable effort. But since the problems are hardly directed at the UK alone, I’d like to propose that this becomes a global effort. We need one source, in many languages, where parents around the world can find out all the information they need to protect kids online.

Currently, in the US, there is a plethora of resources, both public and private. We like www.safekids.org. FEMA has a site too, www.fema.gov/kids/on_safety.htm. As does the FBI: www.fbi.gov/kids/k5th/safety2.htm. And the National Cybersecurity Alliance: http://www.staysafeonline.info/home-quiz.html. And there are others.


Other sites we like:
NetSmartz
www.netsmartz.org

ChildNet International
www.chatdanger.com

Internet Content Rating Association
http://www.icra.org/kids

The New York Public Library
www.nypl.org/legal/safety.cfm


 

Bully Botnets 101

By Laura Yecies

Botnets continue to be the scourge of the Internet, affecting consumers, businesses and ISPs. The Storm worm, which over the past couple of years has created one of the largest known botnets ever and may have infected over a million PCs, is just the tip of the iceberg. The headlines are scary, but we believe it is possible to stay safe.

The first step is to understand the threat. What is a botnet, and how can you protect yourself from becoming a dreaded zombie?

Essentially, a botnet is a bunch of personal and even business PCs that a hacker has successfully compromised (with a Trojan, virus or other “backdoor” malware). Those PCs are referred to as “zombies” or “bots” because they are mindless thugs controlled remotely, used to carry out a cybercriminal’s dirty work.

In the past hackers often used botnets to launch distributed denial-of-service (DDoS) attacks against a company, often in some sort of protest (or to make a political statement, etc.). Basically, they wanted to wreak havoc. How did they do it? A hacker might harness the power of all the bandwidth available from thousands (or more) of zombie PCs to flood a company’s servers with random, useless Internet traffic and data packets in order to bring down their Web site or disrupt e-mail/Internet communications. Then they’d brag about it.

Today, botnets are less typically tools of revenge and glory and more often exploited for financial gain. They may be “rented” out to other cybercrooks for sending out masses of spam, or they may be used to serve illegal content such as child pornography – enabling the illegal venture to essentially hide behind an innocent PC user.

Botnets are also exploited to steal financial information (hackers can build up financial profiles of the “people behind the PCs” by spying on online banking, shopping etc and sell the profile on the Internet’s black market), or they’ll use them to distribute spyware like keyloggers to capture sensitive information from even more unsuspecting users.

Now you know what a botnet is and how hackers use them. So how do you know if you could own a zombie PC? Slow, sluggish performance is one sign. Is your Internet connection lagging? Does your PC get stuck at times (and you’ve ruled out other explanations, such as overdue system maintenance or too little RAM)? Or, when you are doing nothing on your PC, can you hear it “thinking” (i.e., the processor is working, even when you’re across the room watching TV)? Does your firewall give you random alerts when you are surfing the Internet?

If you suspect your PC is a zombie, run a virus/spyware scan immediately and remove/quarantine any suspicious applications found. If viruses or spyware are found on your PC, consider changing your passwords and keep an eye on your bank accounts and credit statements. You can also take it a step further and sign up for an identity theft protection service if you suspect your personal information has fallen into the wrong hands.

How can you prevent your PC from turning into a zombie? Use a full security suite, set your firewall settings to “high”, and make sure you keep all of your antivirus and anti-spyware definitions/signatures up-to-date. Also, keep your PC’s operating system, plus all other installed software such as your browser, current by installing new security updates and patches. This simple step can make a major difference, since hackers often install malware through exploits in everyday software.

Have you ever become part of a botnet? I’d love to hear your stories.

Phishing E-Mails Still Clog Inboxes – How Do You Spot ‘Em?

By Laura Yecies

As PC and browser security closes more and more holes, hackers are spending more time and effort finding ways to try to trick you into giving them access to your PC or giving up your personal data.

Phishing, or fraudulent e-mails posing as legitimate messages, remains a popular tactic by hackers. There’s little technical knowledge required to set up a phishing scam. All a person has to do is set up a real-looking Web site and spam hundreds of thousands of e-mail addresses, and wait for an unsuspecting victim.

Bank-related phishing e-mails remain the most popular, because we all notice a message from our bank and are likely to feel a sense of urgency to act. One common format is the “warning” e-mail. Ironically, hackers will base the theme on the premise that your account has already been hacked! One phishing e-mail I recently received came with the subject line, “Suspicious Activity Logged on Your Account – Please Respond Immediately.” The e-mail had very convincing graphics, and sounded alarming. I instinctively knew it was a fake, but because the e-mail did happen to be branded with my bank’s name, just in case I called to make sure there were no issues with my account. If you ever question an e-mail from a bank or credit card institution, just call your bank’s main number (but NOT the one in the e-mail…hackers use fake numbers too).

PayPal and eBay are also common themes used in phishing e-mails. In fact, a week ago I surfed over to Phishtank.com, a reporting site for phishing Web sites. Out of the top 50 most recently reported, 18 were fake PayPal sites, 6 were fake eBay sites, 22 were banks, and 4 were misc (including a fake MSN login Web site and a UK customs site).

There are two new ones that recently showed up in my inbox that I haven’t seen before. The first was from FedEx, telling me that my package was not delivered. Since I had recently sent a package, I was fooled!  Luckily, when it asked me to track the package using my credit card, I wised up and went directly to FedEx.com to track my package (it had been delivered).

The second was from a dating site. The phishers put together a realistic looking dating site and ask you to join. It looks like a scheme to capture your passwords (based on the assumption you use the same or similar passwords for many different sites).

The lesson? Phishing e-mails have not abated. So when you receive a suspicious e-mail in your inbox, be wary. And when in doubt, use the phone. Your bank (assuming it’s still in business!) and other financial institutions won’t mind.

Invisible Clicks – Could a Hacker Hijack Your Cursor?

By Laura Yecies

There was a potential threat unveiled at the OWASP AppSec 2008 conference at the end of September, and after a little internal review we believe it is worth a warning.

It’s a new kind of browser attack, currently only known to be a proof-of-concept threat (meaning we haven’t yet seen it in the wild). Dubbed “clickjacking,” it highlights the growing focus on the browser as the attack vector of choice for hackers.

According to Gregg Keizer at Computerworld, researcher Robert Hansen, founder and chief executive of SecTheory LLC, and Jeremiah Grossman, chief technology officer at WhiteHat Security Inc. have discovered a way that hackers can trick you into doing virtually anything – reportedly without ever even compromising a Web site.

Here’s the original story:

Security researchers warn of new 'clickjacking' browser bugs
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9115700


While the story doesn’t contain many specific details because the researchers are wisely working with browser and Web technology vendors to fix the flaw, it appears that hackers can set up shop between your browser and an Internet site and place hidden “click” buttons with various commands. For example, a hacker could place an invisible button over a legitimate link on a Web site, triggering a malicious download or otherwise opening up your PC to attack.

Here’s how the story describes a potential scenario:

"Think of any button on any Web site, internal or external, that you can get to appear between the browser walls," Grossman said in an e-mail on Friday. "Wire transfers on banks, Digg buttons, CPC advertising banners, Netflix queue, etc. The list is virtually endless and these are relatively harmless examples. Next, consider that an attack can invisibly hover these buttons below the users' mouse, so that when they click on something they visually see, they actually are clicking on something the attacker wants them to."

We’re waiting to hear more, and as soon as the POC code is made public we’ll get to work testing and vetting the threat against ZoneAlarm, the Suite and ZoneAlarm ForceField. Our initial assessment is that ZoneAlarm ForceField would provide a key layer of protection, by isolating the attacker in your virtual browser and preventing malicious downloads.  Additionally, your ZoneAlarm Firewall is built with a self-defense mechanism that prevents remote commands from disabling its protections.

Browser security continues to be a very high priority, and we remain committed to helping you surf safely.

Can You Protect Against Badware by Only Allowing the Good?

By Laura Yecies

Last month, Rob Vamosi at CNET wrote a pretty forward-thinking story called “Will you be ditching your antivirus apps anytime soon?” 
http://news.cnet.com/8301-10789_3-9994679-57.html

In a nutshell, some people now believe you could theoretically use pure whitelisting strategies to prevent malware from infecting your PC. The idea is that your computer would only be allowed to run ‘known good’ programs and scripts, and anything else would automatically be blocked. It would give users unprecedented control and even potentially replace traditional antivirus technologies.

At face value, it may seem like a crazy idea. Would it really be possible to deem safe all of the legitimate software programs available today? There are thousands, and between updates and new vendors more every day. But the answer is…maybe.

Today, most A/V and A/S programs work by scanning your PC and checking the files against a database of known bad programs, i.e., viruses, spyware, Trojans etc. Many also have on-access scanning, checking files for viruses as you download them. And in an extra step, several are also now using sophisticated heuristics to identify similarities between old malware and so-called “zero-hour” malware…meaning that an A/V signature doesn’t yet have to be available to protect you.

On its own, A/V’s effectiveness is valuable but not fool-proof. However, with a good bi-directional firewall as the foundation, the combination provides good solid protection.

The whitelisting debate is particularly intriguing to our ZA folks, because we’ve long believed it to be a very valuable tool in our arsenal of tricks. SmartDefense Advisor, first launched with ZoneAlarm Pro, is a feature in the ZA firewall that unobtrusively checks newly downloaded software against a vast database of both “known good” and “known bad” programs.

ZA Whitelist: Everything tagged as good is automatically allowed and no ZoneAlarm Alert is shown.

ZA Blacklist: Everything tagged as malicious, or on the blacklist, is “killed” and quarantined to prevent damage to your PC, and no alert is shown.

Unknown: With any program that is previously undetected or not in the database, users receive an alert and are allowed to choose to allow or block it.

Currently, over 2 million programs are identified by the SmartDefense white and black lists. How do we find and catalogue new programs, both good and bad? That’s a unique attribute of ZoneAlarm. As a part of SmartDefense Advisor, we launched a program called DefenseNet. Millions of ZoneAlarm users have opted-in to this program to share their everyday security decisions with us. So when a new good or bad program shows up in the wild, and one of these users clicks “allow” or “deny”, we receive notification and can follow up. Our engineers know very, very quickly. It’s like one giant honeypot.

Our OSFirewall works along the same philosophy, except it monitors the communications and actions internally. So if one program tries to access or alter another, the OSFirewall can consult the whitelist or blacklist to see if that process should be allowed. For example, you need Microsoft Word to be able to work in harmony with your keyboard, but a malicious keystroke logger must be blocked.

Pure whitelisting strategies can currently fail in multiple scenarios, but most notably when hackers use packed malware, i.e., malware hidden within legitimate files or programs. And new software programs are launched every day, and others patched and updated with new features. Code isn’t static. How can all security vendors constantly keep up? True, you can make the same argument for blacklisting…even with heuristics a small percentage of malware can break through current A/V solutions because vendors simply can’t keep the databases fully populated in real time.
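
The allow/kill/ask decision and the DefenseNet feedback loop described above can be sketched in a few lines. This is an added example, not ZoneAlarm's code: the `ReputationDB` class, the SHA-256 fingerprinting, the review threshold and the sample byte strings are all assumptions made for illustration. It also shows the "code isn't static" problem: a patched build of a whitelisted program gets a new fingerprint and drops back to "unknown" until someone reviews it.

```python
import hashlib
from collections import Counter, defaultdict

ALLOW, BLOCK, ASK = "allow", "block_and_quarantine", "ask_user"


def fingerprint(program_bytes: bytes) -> str:
    """Identify a program by the SHA-256 of its exact contents (an assumption)."""
    return hashlib.sha256(program_bytes).hexdigest()


class ReputationDB:
    """Hypothetical stand-in for a known-good / known-bad program database."""

    def __init__(self, review_threshold=3):
        self.whitelist = set()
        self.blacklist = set()
        self.votes = defaultdict(Counter)  # fingerprint -> user allow/deny counts
        self.review_threshold = review_threshold

    def verdict(self, program_bytes):
        fp = fingerprint(program_bytes)
        if fp in self.blacklist:   # known bad is checked first and always wins
            return BLOCK
        if fp in self.whitelist:   # known good runs with no alert
            return ALLOW
        return ASK                 # unknown: the user decides

    def report_user_choice(self, program_bytes, choice):
        """Record an opted-in user's click on an alert for an unknown program."""
        if choice not in ("allow", "deny"):
            raise ValueError("choice must be 'allow' or 'deny'")
        fp = fingerprint(program_bytes)
        if fp in self.whitelist or fp in self.blacklist:
            return  # already classified, nothing to learn
        self.votes[fp][choice] += 1

    def review_queue(self):
        """Unknown programs with enough reports for follow-up, most reported first."""
        ready = [(sum(c.values()), fp) for fp, c in self.votes.items()
                 if sum(c.values()) >= self.review_threshold]
        return [fp for _, fp in sorted(ready, reverse=True)]

    def analyst_decision(self, fp, is_good):
        """User clicks only queue a program; a reviewer makes the final call."""
        (self.whitelist if is_good else self.blacklist).add(fp)
        self.votes.pop(fp, None)


def demo():
    # Constructed sample "programs": byte strings standing in for executables.
    editor_v1 = b"MZ constructed-sample word processor 1.0"
    editor_v2 = b"MZ constructed-sample word processor 1.1 (patched)"
    keylogger = b"MZ constructed-sample keystroke logger"

    db = ReputationDB(review_threshold=3)
    db.whitelist.add(fingerprint(editor_v1))
    db.blacklist.add(fingerprint(keylogger))

    results = {
        "editor_v1": db.verdict(editor_v1),
        "keylogger": db.verdict(keylogger),
        # The patched build is legitimate, but its bytes (and hash) changed.
        "editor_v2_before": db.verdict(editor_v2),
    }
    for _ in range(3):  # three opted-in users click "allow" on the alert
        db.report_user_choice(editor_v2, "allow")
    results["queue"] = db.review_queue()
    db.analyst_decision(fingerprint(editor_v2), is_good=True)
    results["editor_v2_after"] = db.verdict(editor_v2)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

Note that user votes never whitelist a program on their own here; they only decide what gets reviewed first, so a crowd of compromised PCs cannot vote malware onto the whitelist.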

BUT, what is more acceptable? A small percentage of malicious programs occasionally leaking through but being caught by other security layers, or legitimate companies being denied the ability to conduct business-as-usual because of vendor delays?

In sum, focused whitelisting is a valuable layer of security. However, as things stand, as a solo strategy it is not as effective as a solution that uses multiple layers of protection. Despite some seemingly insurmountable issues, it’s definitely an area that deserves more focus.

Introducing ... ZoneAlarm Internet Security Suite 2009

by Laura Yecies

ZoneAlarm Internet Security Suite 2009 is now here! Congratulations team, and thank you to all our ZA customers who helped in the beta testing to make this our safest, fastest and easiest release to date.

A new UI, improved system efficiency and core security enhancements such as a new-and-improved ID Theft prevention system, rootkit blocking and Early Boot Protection defense all come together to make things easier and more secure for you. You’re protected earlier and better. With One-Click Fix It, it’s now easier than ever to keep your ZA up-to-date against new attacks. You can read more here: http://www.checkpoint.com/press/2008/zonealarm-suite-8.html

It’s always hard to explain to people, even friends and family, what kind of effort and coordination goes into a successful launch. It’s like an orchestra playing Dvorak’s Slavonic Dances from start to finish, with all the different elements playing in concert, ebbing and flowing, building and breaking and on and on.

Rather than regurgitate product features, I thought I might give you a little insight into how a ZoneAlarm product and development lifecycle works. It all starts with our security and product experts. On an ongoing basis, these exceptionally bright and dedicated folks closely watch the threat landscape and brainstorm ways to protect you against new attacks. At the same time, we’re evaluating our current code, looking for places to tighten things up or add incremental value, either from a security or usability perspective.

Our launch scheduling is a little different than the competition. Most security companies have scheduled releases at predetermined times of year (i.e., a Spring and a Fall release). At ZoneAlarm, we make updates and add features as needed and as available. This reduces unneeded product launches and gives us the flexibility to keep improving the product incrementally on the fly.

So once our security and product teams decide what features are needed to strengthen security, they get to work on creating development scrums (alluding to the old rugby practice of a single team working together to advance the ball…no Hail Marys here!). The scrum method allows us to build components and features and be ready to release at any time. You may or may not have noticed, but it’s not unusual for us to do a software update with minor changes or enhancements. Often, these upgrades go out with very little fanfare but have huge benefits because they can immediately protect against brand-new attacks. You just see that an update is available. We love having this flexibility and not having the rigidity of twice-a-year blowout releases.

When we do have major releases, that’s when the marketing team gets involved. It’s their job to let you know what’s in the product so you can take advantage of it, without getting scared off by some techie lingo. We spend a lot of time trying to make sure we tell our story in a way that makes it easy for you to understand the benefits of a new ZA release.

I hope that helps. We’re very excited about ZoneAlarm Internet Security Suite 2009. We look forward to your feedback!

A Browser Virtualization Primer

by Laura Yecies

What’s the difference between a regular browser and a virtualized browser? Not much that you’d notice, and plenty that you won’t. And that’s the way it should be.

Security should require as little intervention as possible from you. It should instinctively deflect attacks quietly in the background while allowing you to go about your everyday business without interruption or interference.

That’s the goal behind the browser virtualization feature we built as the foundation of the new ZoneAlarm ForceField. In some ways, it’s anti-traditional. It doesn’t scan your hard-drive or filter incoming emails. It’s not actually looking for threats. Browser virtualization allows you to be attacked, but at the same time avoid harm.

But to us, this approach *is* traditional…it’s not unlike the firewall. Like the original firewall (which remains super-relevant even after almost a decade), in a way browser virtualization tricks a hacker into believing something. The firewall stealths ports to avoid random probes hackers may have unleashed on the Internet (i.e., a hacker may run a port scan on a range of IP addresses to find vulnerable PCs connected to the Internet). Similarly, browser virtualization can trick a hacker into believing the files he seeks to infect through Web-based attacks are simply not there, because they’re partitioned away from the Web session.

That provides a bubble of security that allows you to make mistakes, and flush them away simply by closing the browser. It’s security without the hassle.

Why is it important?

Each time you surf the Web, a number of changes — many innocuous — are made to your OS. For example, when you fill out an online form to become a registered user of a Web site, the site’s server may download a “cookie” onto your PC to allow you to be automatically logged in on your next visit.

But some hackers are using Web sites to deliver malicious software to your PC.

For instance, a keylogger could be automatically downloaded from an infected Web server to your PC to record everything you type and transmit it to cybercriminals. Or a Trojan could be hidden in a video you are trying to watch on a social networking site, allowing a hacker to take over control of your PC and turn it into a “zombie” PC.

How does it work?

ZoneAlarm ForceField diverts all automatic reading and writing attempts as you surf the Web to an emulated, or “pretend” part of the operating system, isolating your “real” operating system from automatic drive-by-downloads and Web-based malware. It’s essentially a reverse-trick.

You may have heard of business-focused PC and data center virtualization solutions from companies like VMware and Citrix. ZoneAlarm ForceField’s virtualization engine is in a way similar in function to “manual virtualization systems” like VMware™. But instead of virtualizing an entire image of your operating system and partitioning it like an entirely new “second PC” on a single machine, ZoneAlarm ForceField uses precision emulation, virtualizing only those parts of the operating system that are written to by Web sites. It also automatically maintains the virtual system it creates.

There is no large installation, significantly less system memory use and associated performance degradation, and no need for you to keep track of two separate operating systems (or even two separate filing systems).

The virtualization engine works in two directions, protecting your PC by writing “unsolicited” downloads to the emulation layer (but still allowing you to intentionally download stuff you want), but also protecting the Web session (such as banking, shopping etc). The “bubble” prevents spyware technologies like keyloggers and screenscrapers that may already lurk on your PC from seeing anything you are doing. It’s like blinding the spyware.
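
The redirect-and-discard idea can be modelled with two directories. This is an added example, not ForceField's implementation: the `BrowserSession` class, its method names and the file paths are hypothetical, and it models only the write-isolation direction, not the shielding of the session from keyloggers.

```python
import os
import shutil
import tempfile


class BrowserSession:
    """Toy redirect-on-write layer: unsolicited writes land in a throwaway folder."""

    def __init__(self, real_root):
        self.real_root = os.path.realpath(real_root)
        # The emulated area: created per session, deleted when the browser closes.
        self.overlay = os.path.realpath(tempfile.mkdtemp(prefix="session-overlay-"))

    @staticmethod
    def resolve(base, rel_path):
        # Refuse paths that climb out of the chosen root ("../" or absolute paths).
        full = os.path.realpath(os.path.join(base, rel_path))
        if os.path.commonpath([base, full]) != base:
            raise PermissionError(f"{rel_path!r} escapes the session root")
        return full

    def write(self, rel_path, data, user_initiated=False):
        # Only a download the user asked for reaches the real file system.
        base = self.real_root if user_initiated else self.overlay
        target = self.resolve(base, rel_path)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with open(target, "wb") as fh:
            fh.write(data)

    def read(self, rel_path):
        # Inside the session the overlay is consulted first, so a drive-by
        # download "sees" its own file and believes the write succeeded.
        for base in (self.overlay, self.real_root):
            candidate = self.resolve(base, rel_path)
            if os.path.isfile(candidate):
                with open(candidate, "rb") as fh:
                    return fh.read()
        raise FileNotFoundError(rel_path)

    def close(self):
        # Closing the browser flushes everything that was written unsolicited.
        shutil.rmtree(self.overlay, ignore_errors=True)


def demo():
    real_root = tempfile.mkdtemp(prefix="real-pc-")  # stands in for the real disk
    try:
        session = BrowserSession(real_root)
        dropped = "Windows/System32/evil.dll"        # constructed sample path
        session.write(dropped, b"constructed drive-by payload")
        session.write("Downloads/report.pdf", b"%PDF constructed",
                      user_initiated=True)
        try:
            session.write("../outside.txt", b"x")
            traversal_blocked = False
        except PermissionError:
            traversal_blocked = True

        result = {
            "visible_in_session":
                session.read(dropped) == b"constructed drive-by payload",
            "on_real_disk_during":
                os.path.exists(os.path.join(real_root, dropped)),
            "traversal_blocked": traversal_blocked,
        }
        overlay = session.overlay
        session.close()
        result["overlay_left_after_close"] = os.path.exists(overlay)
        result["download_kept"] = os.path.isfile(
            os.path.join(real_root, "Downloads/report.pdf"))
        return result
    finally:
        shutil.rmtree(real_root, ignore_errors=True)


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

The path check in `resolve` matters as much as the redirect itself: an isolation layer that accepts `../` in a file name lets a write land outside the bubble.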

This is a new technology, and we’re already working on our next generation of virtualization technologies. Stay tuned…

Patch Tuesday and ZoneAlarm

by Laura Yecies

It’s now been 2 weeks since the Patch Tuesday mess that knocked many of you offline. Now that ZoneAlarm updates have been released, Microsoft has released a revised security bulletin and knowledge base article, and things have largely returned to normal, I wanted to offer you an apology, explain what happened, and outline the steps we’re taking to reduce the risk of this happening again.

First, the apology. This should not have happened, and everyone here at Check Point is very sorry for your inconvenience.

What happened? As you probably now know, Microsoft issues new security patches on the second Tuesday of each month for its Windows operating system and Internet Explorer browser. This is called “Patch Tuesday.” Two weeks ago, one of the security updates wasn’t compatible with ZoneAlarm, causing many of our customers to lose Internet access.

(What’s particularly ironic is that we have long tried to tell all of you how important it is to patch your PC as soon as Microsoft releases these updates, and I always try to reiterate that point here in this blog. And I still will – these security updates are critical to your overall PC safety…please don’t allow this experience to change your patching habits.)

But I digress.

In this case, since it was a Windows patch and not an update issued by ZoneAlarm that instigated the crisis, we learned of the conflict from you – through our customer service line, forums etc. Immediately, our engineering team sprang into action, and in less than 24 hours released a new, tested and QA’ed version to resolve it. Our team posted a work-around to the Web site within hours, and our developers in San Francisco worked through the night to create a permanent solution. This is no easy feat, and while I’ve thanked them personally, I also wanted to acknowledge their outstanding commitment publicly.

So here’s what we’re going to do: We’ve assigned a team of top engineers to install any new updates on a new test bed currently being engineered specifically to catch compatibility issues between Windows or Internet Explorer and all ZoneAlarm products. This will happen in real-time on Patch Tuesdays.

In addition, we’re working with Microsoft to try to open up new communication avenues. While it’s not a panacea, more open and coordinated communication is a positive step forward.

Thank you for your understanding, and a special thank you to everyone in the ZoneAlarm user community who helped us spread the word once we had a workaround identified and posted. Your help was invaluable.

Safe surfing,

Laura

Microsoft Patch Update may disconnect you from Internet – how to fix

A message from ZoneAlarm ….

On Tuesday, Microsoft rolled out an automatic update to all of their users.  Unfortunately, this cut off Internet access for anyone on Windows XP or Windows 2000 using the ZoneAlarm firewall.  This is the #1 free firewall in the world, and is also included in other security products sold by ZoneAlarm.

For ways to fix this, go here:  http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html

Or call Customer Service here: 1-877-966-5221

 

 

 

Defining Our Defenses

by Laura Yecies

Here along the 101 corridor in Silicon Valley, technical jargon, acronyms and super-secret code names can at times overwhelm our daily lexicon. But when we launch a new product, it’s our responsibility to leave the techie talk behind and explain how it works in real English. Sometimes, that’s not as easy as it looks.

Take the firewall. It’s not a complicated technology, but when we first launched it almost a decade ago, there were extensive debates about how to describe it to people. In fact, the first edition of ZA wasn’t even called a firewall, it was port management software for enterprise PCs. ZoneAlarm ended up being the first personal firewall and today that core product remains the leader in free firewalls (and is the foundation of almost all of our ZA products). The final explanation not only described our product, but defined firewalls for the entire industry.

More recently, we faced a similar situation. ZoneAlarm ForceField is the first of its kind. True, there have been some basic virtualization attempts (such as GreenBorder, bought by Google and discontinued), but they lacked the active security layers (anti-phishing and drive-by download security) we added and were difficult for consumers to use. ForceField isn’t a single technology, but a grouping of key features intended to work in concert to ensure a safe, easy surfing experience.

So there was no established industry jargon, or accepted terminology to help us describe ForceField’s capabilities. There was no naming nomenclature (i.e., “Internet Security Suite”) to guide us in the branding and marketing. It was a blank slate.

We accepted the challenge enthusiastically as this is one of the most fun parts of a marketer’s job. Everyone in our group was encouraged to give input, especially with coming up with an analogy that related to real life - to better explain the technology to everyday people. Some of the ideas were fun and wacky (May the ForceField Be With You), others were intended to give you a visual picture of how the technology worked. We ended up going in that direction, and two main concepts have endured. The first is the idea that ZoneAlarm ForceField is your browser “stunt double”. It’s you surfing the Internet, but your stunt double takes the hits when a hacker tries to strike. At the end of your session, you can toss away the stunt double browser, keeping the “real you” safe.

The other analogy that we use is the virtual bubble of security – in fact this idea is what gave rise to the product name. Surfing the Web with ForceField is like surfing in a bubble that you control. Attacks that happen during your session are isolated in the bubble, protecting your PC and keeping your most sensitive data safe. At the same time, malware already on your PC, like perhaps a keylogger, is prevented from spying on anything happening within your surfing bubble, keeping your keystrokes, mouse clicks and Web transactions safe from prying eyes.

I’m not sure either of these two descriptions is 100%, but they’re close. However, we’re always open to ideas, so if you have one, feel free to e-mail it over (lyecies@zone.checkpoint.com).

Also, in future posts we will start a series using real-world language to explain *all* the different features in the Suite that protect you, and how they work. We talk about layered security, so these posts will explain each individual feature, how to best use it, and how these different layers work together to help keep you safe from a variety of attacks. Also, please let us know what you think…are the descriptions still too technical? Do you have a better way of explaining it? We’d love to hear from you…

Safe surfing!

Laura

Could you embrace insecurity?

By Laura Yecies

What would you do if the Internet simply couldn’t be secured?

If you believe all the threat reports/analysis/discoveries/warnings frenetically crossing the wires on an almost daily basis, it may seem like the hackers are winning despite over a decade of security innovation. The latest headlines have been enough to make even the most security conscious second-guess their security strategy.

Not that I agree with those gloom-and-doom reports, but I got to thinking…what if someday they were right? What if things deteriorated so badly that security was rendered totally ineffective against the bad guys?

What would you do?

The easy answer…you could unplug altogether. Extreme, but effective I guess.

More likely, you’d have to adapt. Just like people living in rough neighborhoods can’t simply hide indoors with gang wars raging on outside, you’d still probably use the Internet. But in a world with no online security, much of what you do on the ‘Net every day would have to change. You’d have to be extremely wary all the time.

First, you’d have to severely limit your activities to mitigate the risk of exposure.

You’d have to assume as soon as you plug in that squeaky clean brand-new PC, it would be compromised by hackers within seconds (true even today...port scans to random IP addresses can find a firewall-less PC in less than 8 seconds in our testing). So no personal files could be kept on the PC. Ever. You’d probably end up having two…a disposable PC for the Internet and a disconnected PC for any personal computing or storing anything remotely sensitive.

Once surfing with the “dirty” PC, you’d have to take extra care to remain totally anonymous. No credit cards, no online banking, no stock trading etc. You couldn’t do anything involving information that could lead back to you in real life. Why is anonymity so critical?

Because the information you transmit over the Internet to bank, shop or conduct other sensitive transactions is the same information that makes identity thieves thrive. Either they steal your credit card for immediate purchases or hack into your stock/bank account with your keylogger-captured username and password and transfer out all your funds, or they build a more complete profile of you and sell it in aggregate form on the Internet’s black market for as little as 50 cents. At that point, some unscrupulous identity thief has free rein over your life…s/he can open up new credit in your name, redirect your mail, turn off your utilities, travel in your name etc.

E-mail would remain possible, assuming you were willing to wade through thousands of spam mails a day, but you’d have to set up online e-mail accounts using fake registration information (i.e., address, phone etc.) and a pseudonym. Content would be limited to social and benign topics, because you’d have to assume everything you typed or sent was being read by someone. Same with gaming, social networking etc. You’d have to pretend to be someone else.

Your PC may even be rendered useless, riddled with spyware, adware (remember those pesky pop-ups you so rarely see these days??) and viruses. Hackers may even hold it for ransom. Bandwidth on the Net would be sucked up and traffic would slow to a crawl under the weight of all the DDoS attacks, spam, malicious downloads etc.

And this is just how insecurity on the ‘Net would affect your personal ‘Net life. The implications on corporations would be devastating, potentially grinding the economy to a standstill. Business communications over the Internet would have to be halted, so all of the productivity gains made in the past two decades would disappear overnight. Remember when your credit card was carbon-copy-swiped? The only way to know what hit your account was through the mailed monthly statements. You’d have to go to the bank to deposit your paycheck…no more direct deposit (and it would take days and days to access the money). Phone calls would cost dollars-per-minute instead of pennies, because VoIP networks would be rendered useless. Just the tip of the iceberg.

So, when you put it all into perspective, maybe things aren’t as bad today as some would have you think. Of course, everything isn’t so hunky-dory that you can run around ‘naked’ on the ‘Net, but with a few basic precautions, i.e., a little ‘Net smarts, a tough firewall, effective A/V+anti-spyware, and browser security, you can stay safe online.

Search Strikes Back…Part 2

By Laura Yecies

(Search Strikes Back, Part #1 here)

 
Search continues to be a major avenue for hacker attacks. This time, existing and potential customers of the uber-exclusive Citadel Investment Group were duped into visiting a cloned site hosted somewhere in China. It’s akin to a phishing attack, except instead of tricking people through e-mail, the hackers used Google…

 
“If you typed "Citadel," "hedge" and "fund" into Google in December, a curious site called "cita del-group.net" popped up. It bore the hedge fund's turreted logo, but the site contained some unique alterations, such as contact information written in Chinese.”

Full story: http://news.postbulletin.com/newsmanager/templates/localnews_story.asp?z=20&a=348547

 
This tactic is one that worries those of us in security, because it takes more than just one product or idea to have a fully effective defense strategy: 

-It takes the vendors, with innovations like ZoneAlarm ForceField to warn you about potentially fake or cloned Web sites appearing on search engines before you fall victim;

-It takes extra diligence on your part and a healthy dose of skepticism when linking to any site that exposes you to financial risk (type the URL yourself instead);

-It takes extreme vigilance from search engines to prevent them from being exploited as a platform for hackers (the days of simply cataloguing any and all Web sites must end…legitimacy must be determined);

-And it requires financial and shopping sites to make security the highest consideration (instead of “managing risk” with ROI calculators).

Search engines are useful and necessary tools of your Internet experience. Armed with a little knowledge and a little technological help, you can have a safe searching experience too…

 
