Innovative Security Solutions

Protecting Digital Frontiers

Security 101

 
Security by definition instills a sense of protection and comfort, however the methodology and implementation frequently is not achieved by the average user on the Internet. This is not always due to a lack of understanding but rather a sense of anonymity by being in front of a keyboard and mouse rather than in a room full of people.

 

For example:· If an individual were to be in a public place and a stranger were to approach him and ask for personal information, the most probable response would be to go away. However many times people have a general sense of comfort divulging their life story on the Internet which essentially is a world wide exhibit to be seen by all.

 

It is important to familiarize oneself with some of the more prevalent attack vectors in the wild on the Internet today.
  • Phishing ( pronounced "fishing") : Phishing is a scheme where someone sends you an carefully crafted email or link to a website that convinces you to enter personal information thereby tricking you into divulging private information to an unknown source.
  • Spyware and Malware : Spyware is a form of information gathering software that collects information from a computer without the user's knowledge. While some spyware can be non harmful some forms can be classified as Malware which can be harmful to the user. Common forms of Spyware / Malware include keyloggers and other software that can possibly even remotely control the infected computer.
  • Viruses / Trojan Horses : Viruses are carefully crafted programs that target specific operating systems in an effort to disrupt the normal operation of a computer system and possibly install a payload to the victim machine. Many times the payload that is left behind appears to be benign to the end user, however, similar to Greek history, the benign program in fact has a malicious payload that may compromise the host machine and cause further harm.
  • Crypto-ransomware : Crypto ransomware such as Crypto-locker and variants can cripple a network quickly. The malware goes throughout your computer ( and networked computers ) and encrypts all the files it finds with a secret key. Once the encryption is finished it warns the owner that unless a ransom is payed to de-crypt the files, the secret key will be destroyed and the encrypted data will be lost forever.

Mitigation of these threats is achieved via effective use of both hardware and software that is properly configured to prevent such malicious software from entering a network and infiltrating machines. Additionally staff training is also an essential part of the process to ensure that employees do not get tricked into divulging sensitive information.