Tag Archive for Computer

| July 3, 2012
Comments Off on BYOD Notes

BYOD Notes

90% of Employees Use Personal Devices for Work

90% of Employees Use Personal Devices for WorkA survey by DELL Kace (DELL) found IT managers feel they lack the necessary tools to properly manage BTOD personal devices. In the study, IT managers revealed they are unable to effectively protect corporate data and intellectual property as well as ensure compliance. Help Net Security says key survey findings include:

  • 87% of companies have employees that use a personal device for work including laptops, smartphones and tablet computers.
  • 82% citing their concerns about the use of personal devices for business use
  • 64% revealed they are not confident that they know of all personal devices being used for business purposes
  • 62% specifically concerned about network security breaches
  • 60% reported a greater demand for support of Mac OS X since the introduction of the Apple (AAPL) iPad and iPhone
  • 59% reported their personal devices have created the need to support multiple operating systems (OS’s).
  • 32% revealed employees use unauthorized personal devices and applications to connect to their network

On the governance side:

  • 88% said they believe it is important to have a policy in place to support personal devices, and another 62 percent revealed their organization lacks the necessary tools to manage personal devices.

It’s absolutely essential that IT teams deploy a strategy that provides end-to-end management capabilities on a variety of operating systems to effectively protect networks and address the consumerization and personalization of IT,” said Rob Meinhardt, general manager and co-founder for Dell KACE.

Related articles

Security Monitoring for BYOD Environments

Security Monitoring for BYOD EnvironmentsUnlike other BYOD security solutions that force organizations to install software on every new device, Lancope’s StealthWatch System provides security for any device entering the network, without having to install more software on the device or deploy expensive probes. Help Net Security reports that StealthWatch performs behavioral analysis on flow data from existing infrastructure to deliver end-to-end visibility and security across an organization’s entire network.

Net flow data already exists in network infrastructure devices to monitor network and host activity. Since net flow is already in most network equipment, it provides a cost-effective tool for monitoring mobile devices. The article says flow-based monitoring can uncover external attacks like botnets, worms, viruses or APTs, as well as internal risks such as network misuse, policy violations and data leakage. It can also be leveraged for other efforts including regulatory compliance and capacity planning, and for ensuring high levels of network and mobile device performance.

Related articles

IT is Embracing BYOD

IT is Embracing BYODIT is Embracing BYODCisco says that IT is accepting, and in some cases embracing, “bring your own device” (BYOD). Help Net Security reports that the networking giant found that some of the pros and cons associated with allowing employees to use their own mobile devices on their employers’ networks has become a reality in the enterprise.

The Cisco (CSCO) study BYOD and Virtualization (PDF) found most enterprises are now enabling BYOD.

  • 95% of responding firms permit employee-owned devices in some way in the workplace.
  • The average number of connected devices per knowledge worker will grow from 2.8 in 2012 to 3.3 by 2014.
  • 76% of IT leaders surveyed categorized BYOD as a positive for their companies and challenging for IT.

The survey says employees are turning to BYOD because they want more control of their work experience:

  • 40% of respondents cited “device choice” as employees’ top BYOD priority (the ability to use their favorite device anywhere).
  • Employees’ second BYOD priority is the wish to do personal activities at work, and work activities during personal time.
  • Staff wants to bring their own applications to work: 69% of respondents said that unapproved applications, especially social networks, cloud-based email, and instant messaging, are more prevalent today than two years ago.
  • Employees are willing to invest to improve their work experience. Cisco employees pay an average of $600 out-of-pocket for devices that will give them more control over their work experience the report says.

The article says these findings underscore that BYOD is here to stay, and managers are now acknowledging the need for a more holistic approach, one that is scalable and addresses mobility, security, virtualization, and network policy management, to keep management costs in line while simultaneously providing optimal experiences where savings can be realized.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Tablet computing | Tags: , , , , , , , , , ,
| April 12, 2012
2 comments

What is Malware?

MalwareMost users I talk to about malware seem to use the following terms interchangeably; malware, virus, trojan, keylogger, worm, backdoor, bot, rootkit, ransomware, adware, spyware, and dialer. Raymond.cc offers some standard definitions to clarify the conversations.

MalwareMalware is short for Malicious Software where all the terms above fall into this category because they are all malicious. The different term being used instead of just plain virus is to categorize what the malicious software is capable of doing.

Virus spreads on its own by smuggling its code into application software. The name is in analogy to its biological archetype. Not only does a computer virus spread many times and make the host software unusable, but also runs malicious routines.

Trojan horseTrojan horse/Trojan is a type of malware disguised as useful software. The aim is that the user executes the Trojan, which gives it full control of your PC and the possibility to use it for its own purposes. Most of the time, more malware will be installed in your system, such as backdoors or key loggers.

Worms are malicious software that aims at spreading as fast as possible once your PC has been infected. Unlike viruses, it is not other programs that are used to spread the worms, but storage devices such as USB sticks, communication media such as e-mail, or vulnerabilities in your OS. Their propagation slows down the performance of PCs and networks, or direct malicious routines will be implemented.

Key loggerKey loggers log any keyboard input without you even noticing, which enables pirates to get their hands on passwords or other important data such as online banking details.

Dialers are relics from a time when modems or ISDN were still used to go online. They dialed expensive premium-rates numbers and thus caused your telephone bill to reach astronomic amounts. Dialers have no effect on ADSL or cable connections, but they are making a comeback with mobile devices and QR codes (I covered Attaging here).

BotnetBackdoor / Bots is usually a piece of software implemented by the authors themselves that enable access to your PC or any kind of protected function of a computer program. Backdoors are often installed once Trojans have been executed, so whoever attacks your PC will gain direct access to your PC. The infected PC, also called “bot”, will become part of a botnet.

Exploits are used to systematically exploit vulnerabilities of a computer program. Whoever attacks your PC will gain control of your PC or at least parts of it.

Spyware is software that spies on you, i.e. collect different user data from your PC without you even noticing.

AdwareAdware is derived from “advertisement”. Besides the actual function of the software, the user will see advertisements. Adware itself is not dangerous, but tons of displayed adverts are considered a nuisance and thus are detected by good anti-malware solutions.

Rootkit mostly consists of several parts that will grant unauthorized access to your PC. Plus, processes and program parts will be hidden. They can be installed, for instance, through an exploit or a Trojan.

Rogues / Scareware are also know as “Rogue Anti-Spyware” or “Rogue Anti-Virus”, rogues pretend to be security software. Often, fake warnings are used to make you buy the security software, which the pirates profit from.

RansomwareRansomware “Ransom” is just what you think it is. Ransomware will encrypt personal user data or block your entire PC. Once you have paid the “ransom” through an anonymous service, your PC will be unblocked.

There are different categories of malware the author says that most of the malware today combines different kinds of malware to achieve a higher rate of infection and giving more control to the hacker. Most malware is invisible that runs silently without your knowledge to avoid detection except for ransomware and adware.

Using “virus” as a catch-all phrase to include all types of malware is no longer right. The correct word to use should be malware. However, don’t expect the big anti-virus companies to rebrand their products to Kaspersky Anti-Malware or Bitdefender Anti-Malware because doing that may risk losing their brand identity even if they do offer a complete anti-malware solution.

The blog says it doesn’t mean that you’re safe if you don’t see it so it is important to run an anti-virus software from reputable brands such as Kaspersky, ESET, Avast, Avira, AVG (at one time AVG was installing a Yahoo toolbar without notice) MSE together with a second opinion anti-malware such as HitmanPro, Malwarebytes Anti-Malware, and SUPERAntiSpyware. As for Emsisoft Anti-Malware, it comes with its own Anti-Malware engine and Ikarus Anti-Virus Engine.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| March 13, 2012
2 comments

Detroit Safest Online City Again

Detroit Safest Online City AgainNorton, the anti-virus arm of Symantec (SYMC) teamed up with research firm Sperling’s BestPlaces to rank US cities based on a number of cybercrime risks and they found Detroit the safest online city for 2012. I wrote about Detroit’s 2011 ranking here.

DetroitBert Sperling, lead researcher for the analysis said, “By looking at data from consumer lifestyle habits as well as cybercrime data provided by Symantec, … we’re able to provide a holistic view of the various factors that put a person at potential risk.

The Huff Post reports that the study looked at the prevalence of Internet use in addition to the types of risks users face online. Consumer statistics include the number of PCs, use of smartphones, the use of social networks, e-commerce, and accessing potentially unsecured Wi-Fi hotspots. BestPlaces also looked at the following cybercrime data: bot-infected computers located within a specific city, attempted malware infections, spamming IP addresses found within a specific city, and web attacks originating within a specific city.

Wi=FiSymantec says Detroit had low scores in the number of Wi-Fi hotspots, potentially risky online consumer behavior, and PC expenditures. Other low-ranked cities include Tulsa and El Paso.

Users are at most risk for cybercrime in the following cities:

1. Washington
2. Seattle
3. San Francisco
4. Atlanta
5. Boston

SymantecWith the explosion of smartphones, tablets, and laptops in recent years, and the rise of apps and social networking sites, our online and offline lives are blending together in ways that we’ve never before experienced,” said Marian Merritt, Norton Internet Safety Advocate. “…this analysis highlights the potentially risky factors we face each time we go online. By taking a few simple precautions now, people can make sure they stay protected against online threats.”

Greg Donewar, manager of the National White Collar Crime Center told Huff Post,… over the past year, we’ve seen a considerable increase in cybercrime attacks, and whether a person lives in the riskiest online city or the safest, consumers everywhere need to be aware of the inherent dangers of online activity.

rb-

Forbes says that cyber-crime is a $37 billion crime that affects 1 in 25 Americans. Take these steps to protect yourself online:

Create better passwords. Avoid passwords like password, 123456, qwerty, abc123, or monkey, these are the top most common passwords (I have been writing about weak passwords for since 2010). Forbes says your first line of protection against cybercrime is to make sure all of your passwords follow these rules of thumb:

  • At least eight characters
  • A mix of these four types of characters: upper case letters, lower case letters, numbers, and special characters
  • Not a name, slang word, or any word in the dictionary
  • Don’t keep the same password; change it every six months
  • Have uniquely different passwords (not just slight variations of the same password) for every account and site

Monitor your financial accounts. If you shop online, use online banking, or have any personal or financial information available online, you are at risk of finance-related crimes like identity theft and fraud which Huff Post says costs the average victim $631 in out-of-pocket costs. Forbes says that one of the easiest ways to protect yourself is to monitor your credit to detect any red flags early. They recommend users set up spending limit alerts on credit cards and checking accounts to keep tabs on your balances. Automatically monitoring for suspicious activity and fraudulent accounts helps catch costly identity theft and fraud immediately.

Lockdown your smartphone. If you use your smartphone to shop, spend, socialize, and surf, your phone’s sensitive information essentially becomes a one-stop shop for cybercriminals. Forbes says if stolen or exposed to thieves, your smartphone can compromise your personal and financial information anytime and anywhere. Here’s a quick five-minute checklist from Forbes on how to properly secure your mobile phone:

  • Password-protect your phone with a complex and unique password, and set your phone so it auto-locks and never saves any passwords.
  • Enable a service with remote tracking. You can also set your phone to automatically wipe your data if your phone password is inputted incorrectly several times.
  • Turn Bluetooth off if you’re not using it. Thieves can pair their Bluetooth device with yours and hack personal information.
  • Be careful on public Wi-Fi networks where thieves can remotely access your data undetected. Only connect your phone to secure networks.
  • Before downloading any apps to your phone, always do a quick search to make sure it comes from a legitimate site or publisher. Check user reviews on sites like appWatchdog for complaints.
Related articles
  • Why you should password-protect your smartphone (ctv.ca)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| March 4, 2012
Comments Off on 1963 Short From Muppets Jim Henson for Bell System

1963 Short From Muppets Jim Henson for Bell System

1963 Short From Muppets Jim Henson for Bell System In the wake of the recent The Muppets movie, AT&T (T) re-discovered a film by Muppets creator Jim Henson. He created the film for The Bell System nearly 50 years ago. CNet author Edward Moyer says the film gives a hilarious glimpse of Mr. Henson’s earlier days – and of the youthful years of computing.

AT&T posted the 1963 short “Robot” on the company’s ATTTechChannel section on YouTube, addresses the anxiety felt by humans in regard to machines and computers. The article says the film was “made for an elite seminar given for business owners, on the then-brand-new topic–Data Communications,” AT&T explains on the YouTube page. And the company continues:

The organizers of the seminar, Inpro, actually set the tone for the film in a three-page memo from one of Inpro’s principals, Ted Mills, to Henson. Mills outlined the nascent, but growing relationship between man and machine: a relationship not without tension and resentment….”

Displaying his mastery of slapstick, comic timing, and sound effects, Henson uses his humorously menacing star, “Computer H14,” to reassure viewers that they need not be alarmed: humans remain in control according to CNet.

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , ,
| June 25, 2011
Comments Off on 40 Years of Malware – Part 2

40 Years of Malware – Part 2

40 Years of Malware - Part 22011 marks the 40th anniversary of the computer virus. Help Net Security notes that over the last four decades, malware instances have grown from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Fortinet (FTNT) marks this dubious milestone with an article that counts down some of the malware evolution low-lights.

The Sunnyvale, CA network security firm says that viruses evolved from academic proof of concepts to geek pranks which have evolved into cybercriminal tools. By 2005, monetization of the virus scene was underway and almost all viruses developed for the sole purpose of making money via more or less complex business models. According to FortiGuard Labs, the most significant computer viruses over the last 40 years are:

See Part 1 Here – See Part 2 Here  – See Part 3 Here  – See Part 4 Here

1945 – A Bug is Born –  Grace Murray Hopper, a researcher at Harvard, notes a system failure and finds a moth trapped in relay panels.

1949 – Self-replicating programsJohn von Newman a researcher from Hungary published the theoretical base for computers that store information in their “memory”.

1962 – A group of Bell Telephone Labs researchers invents a game that destroys software programs.

1971 – The Creeper Virus appears on ARPANET, the forerunner of the Internet. It replicates itself and displays a message: “I’m the Creeper: Catch Me if You Can.”

1974 – The Wabbit – was a self-replicating program, that made multiple copies of itself on a computer until it bogs down the system to such an extent that system performance is reduced to zero and the computer eventually crashes. This virus was named wabbit because of the speed at which it was able to replicate.

Apple IIe1981 – Elk Cloner – the first widespread virus on the Apple (AAPL) II platform, spreads by the floppy disk and infects boot sectors, generating messages and impairing performance.

1983 –  The term “computer virus” comes into vogue after Professor Len Adleman at Lehigh University demonstrates the concept at a seminar.

1986 – The Brain is the first global epidemic on the PC platform and shows businesses and consumers are clueless about protection.

1987 – Jerusalem virus – On any Black Friday (Friday the 13th), it would delete any programs that were run, instead of infecting them, so it simply couldn’t be ignored,” Roger Thompson told News.com, Australia. “You couldn’t throw away your hard drive, and reformatting it didn’t remove the virus,” the chief research officer for AVG said.

BSD Daemon1988 – The Morris worm – created by Robert Tappan Morris, infects DEC VAX and Sun machines running BSD UNIX connected to the Internet and becomes the first worm to spread extensively “in the wild”, and one of the first well-known programs exploiting buffer overrun vulnerabilities.

1990 – Chameleon– the first documented polymorphic virus, malware that adapts and changes to avoid detection.

1992 – Michelangelo – was expected to create a digital apocalypse on March 6, with millions of computers having their information wiped according to mass media hysteria surrounding the virus.  Later assessments of the damage showed the aftermath to be minimal.

1995 –  Concept – the first Macro virus attacked Microsoft (MSFT) Word documents.

1996 – Laroux – the first Microsoft (MSFT) Excel virus, appears in the wild.

1999 – The Happy99 worm – invisibly attached itself to emails and would display fireworks to hide the changes being made then wished the user a happy New Year. It modified system files related to Microsoft (MSFT) Outlook Express and Internet Explorer (IE) on Windows 95 and Windows 98.

1999 – The Melissa worm targeted Microsoft (MSFT) Word and Outlook-based systems, and created considerable network traffic.

rb-

Back in the day, I had to deal with both Happy99 and Melissa, as well as the occasional Stoned. Melissa was the easiest to deal with since I was running a GroupWise shop at the time, once the news spread, we just pulled the Cat5 from the GWIA and we saw minimal blowback. Let’s hear it for technological diversity.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »