Buddy's Marketing Forum

Buddy · Wed Oct 25, 2006 7:06 pm Protect Your Assets

Protect Your Assets
How can you effectively protect yourself from Internet Attacks?
by Barry R. Pekin
Thursday, November 22, 2001

The Internet is a very powerful tool. With but a mere click of a button, you can share information with people and organizations all over the world. Just a few years ago, this would have been much more difficult, and before that, it was nearly impossible. Unfortunately, as with most things, the more powerful technologies are, the more damaging they can be when used improperly or with malicious intent.

Internet attacks can take several forms. Viruses can infect and destroy your computer. Trojan Horses can lie in hiding to spring up and attack you and others from within your own computer. Denial of Service attacks can prevent you from accessing information on the Internet. And Social Engineering can take advantage of your good nature and lack of education to gain access to systems and information that should remain protected.

The First Line of Defense

The most difficult barrier for an Internet attack to breach is an educated user. While most of the popular Internet attacks are designed to exploit security holes in various software systems, they almost always rely on the user to take the first step that actually launches the attack. If the user keeps the door locked and barred, the attacker stands a far less chance of getting in.

In the past several months, we've seen the "I Love You" and "Melissa" viruses portrayed as virulent attacks that can destroy computers and bring the Internet to its knees. Both of these attacks were distributed via email attachments that exploited security holes in Microsoft Word and Microsoft Outlook. However, they could never have gotten off the ground if so many users would have just deleted them rather than letting their curiosity get the best of them.

Other attacks, referred to as "Social Engineering" take place on a regular basis, and are even popularized in movies. People working in a company where there is restricted access to information resources always rely on their passwords to let them in and to keep unauthorized people out. Unfortunately for us (and fortunately for the hackers), we are often too eager to help out someone in need. While this is a good characteristic in a person, it is a tendency that needs to be controlled where security is an issue. Hackers have recognized that they can call people and feign an urgent need where they require help to gain access to "their information". Quite often they will plea that they can't get in to a restricted site, but if they don't, their boss will fire them. After all, he's about to make a presentation to the shareholders, and if I can't get access to his presentation files to give to him, he's going to flop and it's going to cost the company millions of dollars.

Guidelines for Your First Line of Defense

There are several guidelines you can follow to educate yourself against these types of attacks that prey on your level of trust:

If someone you don't know sends you an email message with an attachment, DO NOT OPEN IT! If you're an advanced user, you may be able to determine that some attachments are completely safe (details to be addressed in another article). If, however, you cannot be 100% certain that an attachment is safe, err on the side of caution, and DO NOT OPEN IT!

If someone you DO know sends you an email message with an attachment, DO NOT ASSUME IT IS SAFE! While getting mail from a trusted source is one step toward trusting an attachment, it isn't enough. Did that person get a virus and pass it on without their knowledge? Where did they get the file? Are they 100% sure it's safe?

Don’t trust all web sites just because they look trustworthy. You can probably trust a download from CNN.com, Microsoft.com, or any of thousands of web sites out there. However, can you trust CNN-Archives.com? It looks like a trustworthy site, but is it really? As of the writing of this article, this URL was not in use. Unfortunately, nothing stops anyone from purchasing the domain name and distributing Trojan Horses to unsuspecting users. Chances are if you got to CNN-Archives.com, you got there from an unsolicited email message. This is the first warning sign that the site you are going to cannot be trusted.

Don’t volunteer too much information. If someone calls you and asks for help, don't start helping them until you can be 100% certain that you're not talking to a hacker. One great trick is to ask the person for a phone number so you can call them right back. Make up a story that you need to bandage a cut on your hand. If they won't give you a number, you have a very good reason to be suspicious.

Defer to the appropriate people. Be wary if someone is bypassing appropriate channels for help and coming directly to you. If your company has an established help desk, they almost certainly have procedures in place to protect the company from such attacks. (If they don’t, bring it to their attention!) If you’re not 100% of the person you’re taking to, don't be afraid to refer them to the appropriate channels. After all, it’s better to be safe, or you might be sorry.

Second Line: Virus Protection

Even with the best education and knowledge at your fingertips, people make mistakes, and viruses can get by your first line of defense. In these cases, you need to have a good automated system watching your computer for attacks. Virus software is a "Must Have" purchase for any computer owner. Virus software watches your computer as you access web sites; download files from the Internet; load files from CDs or diskettes; or take any other actions that introduce new information to your computer. As each file is accessed, the contents are scanned and compared to a database of known viruses. When a virus is detected, the infected file can be quarantined or deleted, protecting your information from potentially serious harm. If you don't have virus protection software loaded on your computer, it's never too late to take that step.

The two most popular virus protection packages on the market today are McAfee (http://www.mcafee.com) and Symantec/Norton (http://www.symantec.com).

Once you have your virus protection software in place, keep it current! New viruses are discovered on a daily basis, and the anti-virus companies are quick to update their software to protect you. However, if you are not keeping your virus definitions current (which normally requires a subscription from the anti-virus software companies), you are at risk of attack from the newer viruses.

Third Line: Firewalls

A third level of protection from hackers is the use of a firewall. Firewalls can be implemented as separate hardware boxes that reside between you and the Internet and protect your computer from unauthorized activity. These hardware firewalls are normally used by companies and only the more advanced (and dare I say, geeky) computer users. Fortunately, there are also "Personal Firewall" programs that run directly on your computer and provide a very comparable level of security.

Firewalls actually watch Internet activity and only permit that traffic which has been explicitly cleared for access. Personal firewalls not only watch actual Internet (and Intranet) activity, they also watch your computer to determine which programs are attempting to access the Internet. Some programs, like your browser and email, will be granted the right to access the Internet. However, other programs (like that Trojan Horse you just downloaded) that attempt to access the Internet will be blocked from doing so, thereby preventing their spread. Firewalls can be a little more complicated to manage, but with a little education, they can become a critical line in your defense.

An excellent (and FREE) personal firewall application can be found at Zone Labs (http://www.zonelabs.com).

Fourth Line: Encryption

Did you know that every piece of email you send out (unless you're ahead of the game and already using an encryption package) can be seen by any number of computers within the Internet that are used to route your email?

The first, and easiest way for your email to be intercepted and read is by people simply looking at it on computers where it passes on its journey through the Internet. When you send an email message from your home computer, you connect to an SMTP server at your ISP (Internet Service Provider). Your email is received by that computer and written to disk. Anyone with access to that computer can now read that message. Now, after your ISP gets it, they're going to pass it along to another computer somewhere. That computer will do the same thing, and someone there will be able to read your email. This happens as your messages hop from computer to computer until they get to their intended recipients.

The second way for your email to be read is through the practice of “sniffing” – where someone will literally watch data (your email) as it is transmitted through computer lines and networks.

You may consider most of your email to be unimportant enough that you don’t care if anyone reads it. After all, who’s really going to care if you need to pick up bread tonight? But think about it. Do you really want would-be hackers to know exactly where you’re going to be? Also, consider the fact that not all of your messages are quite so trivial.

One popular package, PGP, or “Pretty Good Protection” (http://www.pgp.com) provides a very good level of encryption for your email. When you send a PGP encrypted message, it will appear as complete gibberish to anyone who intercepts it. The person you’re sending the message to, however, is able to open and decode your message without effort. This happens because in advance of sending your message, you will have traded “keys” with those individuals you want to send secure mail. These keys provide the information necessary to unlock and decode your message. This takes a little effort to setup, but once it's in place, it works very easily and effectively.

In addition to encrypting your email messages, PGP also allows you to encrypt files on your computer. If you have particularly sensitive information, you can encrypt it directly on your hard drive. If someone were to steal your computer, they still would not be able to access your confidential data. You can also encrypt files on a floppy diskette or CD. If you lose it, or it is stolen, your information is still safe.

One final aspect of encryption is what most people are already familiar with – secure Internet transactions. If you’ve ever visited a web site where you’ve done online shopping or banking, you’ve probably noticed a little lock appearing at the bottom of your browser. This lock indicates that the information being transmitted back and forth between that web site and your browser has been encrypted. Another indication that you’re accessing a web site over a secure connection is that they URL will start with “https” instead of just “http”. Fortunately, your browser supports secure connections automatically – you don’t have to do a thing. You should, however, be aware of it and look for it when you are sending confidential data (such as your credit card information) to a web site. Just as with your email, your web browsing activity can be intercepted or sniffed – unless it is encrypted. If you don’t see the lock, assume your personal information is available for the world to see.

As an added benefit, when you’re conducting business over a secure connection, not only is your information protected from prying eyes, but you can also feel more confident with the owner of that site. In order for a web site to support secure transactions, they must provide proof of their identity to a trusted Certification Authority.

Wrapping it Up

Ultimately, Internet and Information Security is your responsibility. Whether you are working at home or within a corporation, you must take the first responsibility to protect your information assets. Your best lines of defense are:

Education
Anti-Virus Software
A Firewall (and/or Personal Firewall)
Encrypting your information
By taking all of these precautions, you will find that you are protected from virtually any attack that can be launched against you.
*********
This article is old- but I felt it contains alot of valid information. - Buddy

kjdama · Thu Nov 02, 2006 10:36 pm

Some of that information is a little scary to think about! I never realized that email can be intercepted like that!

ebizgold · Mon Nov 06, 2006 3:11 am

Certainly is scary.... These days nothing seems to be safe... I never open an attachment if I don't know who it's from.

Buddy · Fri Nov 10, 2006 5:00 am

It is amazing what people and computers are capable of doing. I am glad to read that it was informative. Buddy

bandit · Fri Nov 10, 2006 3:39 pm

This is good information.

What about spyware protection?

Buddy · Fri Nov 10, 2006 3:50 pm

I personally use Webroot Spy Sweeper.. www.webroot.com
I am sure other members will have ideas as well. Buddy

bandit · Sat Jan 13, 2007 7:56 pm

Well I just had someone get into all my accounts changing passwords on me in some accounts. Took over my yahoo and gmail addresses and changed my profile in yahoo so I can not get it back without this 4 day interigation from yahoo. Easier for the person to get into my yahoo account then for me to get it back. Meanwhile this person is using my yahoo account to change my passwords in payment processors and trying to request money. Only e-gold was easy for them. The rest I caught them in time.

So please make sure that you are secure, I had turned off my firewall to put a program on and did not turn it back on, My brother discovered a guest account was set up on my computer.

It happened within seconds since I was in yahoo when I got an email saying that my withdraw to e-gold is pending. Alarm bells went up as I did not request this. Went to email company only to find that I no longer had access to my Yahoo account or my e-gold account or to that company. Then started checking other accounts finding that passwords were changed.

Never realized that it could happen so fast and if I was not in yahoo at that time it would have been worse.

mizrae · Wed Apr 25, 2007 2:05 pm Other E-Mail Scams

Hi All, I know I'm new here; but I just had to reply to this post. Twice now I was sent messages (one claiming to have come from PayPal and one from Yahoo) claiming that I have either had an unauthorized access attempt or that I had won a sweepstakes. In both cases, it was a fraud look-alike site attempting to get my log in information. I contacted both parties first to see if the e-mails were legit, and guess what, they were not. I am so glad I thought to question these e-mails instead of responding. You are so right about the internet user being educated about these hacker attempts.

kjdama · Fri Apr 27, 2007 11:24 am

wow, bandit- sorry that happened to you. Were you ever able to get your yahoo account back?