Editor : Martin Simamora, S.IP |Martin Simamora Press
Rabu, 04 Mei 2011
Cyber Security : The top 10 online threats
1 CHARLIE SHEEN MALWARE INFECTIONS
PROBLEM: The American actor is all over the news – and according to Anup Ghosh, founder of web protection service Invincea, his name leads to more malware infections that any other search term. Hackers manipulate search results so that when you click on a link, your computer is compromised.
SOLUTION: Avoid searching for popular cultural icons, since hackers use those terms as a honeypot. Otherwise, use a browser that spots them, such as IE9.
2 MAN-IN-THE- BROWSER
PROBLEM: First of all, there is no actual man in your browser. Instead, this technique involves a small Trojan virus that infects your computer when you visit a site. Then, when you go to use an online banking portal, the man-in-the- browser captures the data stream to steal your account information. In some cases, the deadliest Trojan horses can actually intercept bank transfers.
SOLUTION: One of the best defences is to avoid internet transfers altogether. If you must do them, use a malware-sniffing agent beforehand.
3 CONTENT FARMS
PROBLEM: You search for some innocuous term such as ‘Swiss Alps’ and click on one of the first links. The site looks legitimate: there’s a picture of the mountains and some text about what to do when you visit. But these content farms pull images and text from other sites, bait the search engines with optimised programming and then slam you with banner ads and text links that lead to malware sites.
SOLUTION: Learn to identify these fake sites, which often use bland colour schemes, simple font arrangements and no corporate branding.
4 FRAUDULENT BANNER ADS
PROBLEM: In February, the London Stock Exchange site served up banner ads that contained malicious malware, infecting thousands. Since reputable sites often use third-party ad networks, in this case the UK ad service Unanimis, then in turn serve up third-party ads from unknown advertising, it’s often diﬃcult to track where the ads originated and what damage they can cause.
SOLUTION: This practice of malvertising is extremely diﬃcult to eradicate since it has so many co-dependencies.
5 TRACKING YOUR WEB VISITS
PROBLEM: Cookies are the bane of the web, as these small software nuggets can track what you do. When you visit a site, they are installed without your knowledge.
SOLUTION: In the US, new Do Not Track legislation will force those who run web servers to protect against cookies. Private industry has also taken action: in Firefox 4, you can enable a Do Not Track feature that warns you about sites that distribute cookies and can block them. And Internet Explorer 9 includes a Tracking Protection feature that blocks cookies.
6 TRACKING PERSONAL DATA
PROBLEM: Sites such as Spokeo. com are notorious for doling out personal information to anyone with a PayPal account: once you register, you can look up the income of your neighbour, see if your boss has been divorced and even check the religious views of a co-worker. In the US, the Federal Trade Commission has reported that there is an oﬃcial complaint against Spokeo.
SOLUTION: None. Hundreds of sites track personal information, some legitimately. Security experts argue that personal data on the web is part of living in the digital age.
7 THE REPLY-ALL EMAIL FEATURE
PROBLEM: One of the most well- known features in Gmail and Yahoo! Mail is causing serious productivity loss: the reply-all button. As Simpler Consulting vice president Tim Whitmore notes, it causes workplace slowdowns because in the vast majority of cases there is no need to include everyone.
SOLUTION: The simple solution, Whitmore says, is to think about who really needs to know about the dialogue and include only those recipients. “If the email chain is getting out of hand, don’t be afraid to pick up the phone,” he adds.
8 DISABLING THE BROWSER BACK BUTTON
PROBLEM: Some advertisers have figured out how to inject code into your browser or a website and have disabled the back button, which is what you use to return to a previously visited site. The advertisers then inundate you with banner ads, play annoying music and disrupt your web travels.
SOLUTION: The only solution, other than avoiding sites that look questionable, is to look for the close box or click a bookmark to visit a different site.
9 STOLEN BUSINESS INTELLIGENCE
PROBLEM: If the WikiLeaks documents reveal anything, it is that nothing is safe on the web. As Invincea’s Ghosh explains, stolen business documents could lead to serious breaches – not just at a government level, but in corporations as well. “This is more than just a web annoyance,” says Ghosh, citing the Night Dragon and Aurora cyber attacks used by criminal gangs to steal corporate intellectual property.
SOLUTION: Companies should take precautions to protect data. Web browsing is not for the faint of heart.
10 POORLY DEVELOPED SITES
PROBLEM: Another annoyance has to do with the poor programming skills of web developers. As ProSite Web Design president Tom Warthen explains, headaches arise from errors on web pages, poor programming routines, broken links at a website and slowdowns caused by programming shortcuts. Forrester Research reported in 2009 that nearly half of all website visitors expect a page to load in two seconds or less.
SOLUTION: Warthen says better programming, especially using the latest Java controls, can help reduce errors.