By and large, the world is in denial regarding two of our most severe threats: HIV/Aids and information security. While the statistics show unquestionably that Aids will kill many millions of people in the next few years, and that many thousands of companies are at risk from security violations, the reaction to both is so similar that the comparison must be drawn: for the most part, people don`t believe it can happen to them.
Who`s safe? If anti-virus vendor Network Associates` Web sites can be defaced, then surely anyone`s can be?
Ian Melamed, chief technology officer, SatelliteSafe
We know from bitter experience, however, that many people who are not protected and fail to take the necessary precautions will suffer the consequences of HIV/Aids and information security. It truly is only a matter of time.
It`s beyond the scope of this column to caution you regarding HIV/Aids, but I can pass on to you some solid words of advice, as compiled by USA Today, America`s largest-circulation and most popular newspaper. It has provided some sage words on how to practise safe e-mail and thereby reduce the chances of being infected:
1. Don`t open attachments from unknown senders.
2. Be suspicious of mail with attachments even if you know the sender.
3. Don`t open attachments unless absolutely certain of what they contain.
4. Beware of odd subject lines.
5. Be careful of files downloaded from HTML e-mail.
6. Junk mail and chain letters are frequently compromised with viruses.
7. Use an e-mail-capable anti-virus package and keep it up-to-date.
8. Check for vendor security patches at regular intervals, and install them.
9. Make frequent system backups for disaster recovery.
10. Use caution even if the sender`s name is familiar.
Do take care. Viruses really can be prevented, if you exercise common sense.
* There`s a nasty new virus on the loose, and you need to be on the lookout. It`s Romeo & Juliet, which operates more or less along the lines of the Love Bug. Once executed it sends an e-mail to everyone in a recipient`s address book. It arrives as an HTML e-mail containing an executable file, "My Romeo", and a compiled help file "My Juliet". The main difference is that Romeo & Juliet`s code is embedded in the body of the e-mail and it is invoked without user intervention. So watch out for any romantic messages.
* Also causing some havoc is a bunch of screensaver viruses, most notably Hanson.scr. They are sent to you as screensavers, and while they`re running, the actual payload is executing. Others reported are Navidad@M, Happy99/W32Ska@m, MeltingScreen.exe and Backdoor-G.
* Deutsche Bank in London was hit by an unusual bit of computer crime. Thieves last week made off with a small mountain of Sun Microsystems computer hardware, including up to 50 motherboards and I/O boards in a raid on the bank`s "secure servers". Sun equipment has been targeted in a number of crimes, apparently as part of a steal-to-order syndicate.
* There has to be a moral in here - Luciano Pavarotti was declined access to a Sheraton hotel in Italy because he lacked proper identification. He stormed off in a huff and booked in somewhere else. Here`s the bigger picture: if someone as famous as the unmistakable, one and only Pavarotti cannot authenticate himself in the real world, how are we anonymous, amorphous types going to do so in cyberspace?
* It really must be silly season already. The prison ID card of the most famous of all hackers, Kevin Mitnick, is being auctioned off by his father at dutchbid.com. Bidding, when I last looked, had reached $3 000 and was set to close on 9 December. You can also buy one of 25 autographed bumper stickers for a mere $175, or his ham radio for $350. Earlier, the eBay, Yahoo and Amazon auction sites removed the card from their sites. Feel like blowing more than R21 000 on a hacker`s memorabilia?
* And here`s one for the books: a 22-year-old computer hacker has received a one-year suspended jail term in one of Poland`s first computer crime-related convictions. The hacker, identified as Andrzej G, was found guilty of breaking into the system of a local business and destroying files worth R7 000. He proclaimed his innocence, but the court found him guilty and confiscated his hard drive.
* Who`s safe? If anti-virus vendor Network Associates` Web sites can be defaced, then surely anyone`s can be? Web site defacers, terming themselves Insanity Zine Corp, vandalised two of Network Associates` Brazilian-based Web pages. Pages were covered in graffiti including the slogan, "God save the script kiddies". And all of us...
(* Sources: HNN and USA Today)
Share
