It seems that the article had a good number of visits, but at the same time I saw that I kept receiving more and more spam of this kind. CLICK HERE FOR THE ORIGINAL ARTICLE.

Almost all of the emails were coming from people in my list. That is because these contacts had their computers infected with malware that was distributing these messages. Many of these sites have not found themselves in the “black lists” of anti virus software companies.

A new threat on the block is http://why-do-they-block.com/ (ATTENTION !!! DO NOT FOLLOW THIS LINK)

The domain name is registered to a Chinese name and address , and if you have been a victim of this site, here are the details they have registered (found through a public domain WHOIS service)

The Data in Paycenter’s WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration record.

Administrative Contact:
Name : Lrq Meu
Organization : Lrq Meu
Address : BaoChun Rd. 623, No. 04, 1F, Apt. 3350
City : Bejing
Province/State : Beijing
Country : CN
Postal Code : 100176
Phone Number : 010-010-01245857-01245857
Fax : 86-010-01245857-01245857
Email : bnneevp@126.com

A lot of tempting messages out there, promising you that you that by logging into a website, using your Hotmail email and password, you can find out who has blocked you on MSN,

The temptation is high for people who suspect that they have been blocked by friends, ex or potential partners.

Once you are tempted, giving away your Hotmail password is just a click away. But what do you get in return? The answer is simple: disaster.

Once you press the SIGN IN button, your email and password are emailed to the person who has set up the trap. They receive your details, and immediately they log in to your email account, change your password and your security questions. You do not realise what happens at the beginning but in a few minutes you see that you are disconnected from MSN Messenger. You try to login and your password is not recognised. Your next instinctive move is to go to the Hotmail website. You get there but you are signed out. You try to sign in again and you get the same error message: your password is not recognised.

Photo 1. Phishing Warning from PC GUARD.

Most Internet Service Providers (ISPs) have updated protection and databases that contain all reported web forgery. The screenshot from Photo 1 is a typical example of a Pc Guard warning. But the responsibility also lays with the user. It is YOUR responsibility to install an up to date Firewall and anti-virus suite. The antivirus suite must have more than the old traditional antivirus.

In our days, the acceptable setup for such a suite would include :

• Anti Virus (for viruses)
• Firewall (for attacks from the web)
• Anti Spyware (protection from stealth spyware code)
• Identity Theft Protection (protect your identity and login details)
• Parental Control (to restrict and control your children’s access)
• Privacy Manager
• Pop Up Blocker

Photo2. A phishing login page in French.

Photo 3. A typical login page of an MSN Messenger phishing scam.

The phishing websites are very often different from the Messenger login, but carry similar logos and colours. Sometimes the web page is almost identical to that of Yahoo! Or Hotmail or any other webmail platform. If that is the case, the easy way to check the validity of the site, is to look at the URL (address) box on your browser.

For Hotmail, the address should look something like:

http://mail.live.com/default.aspx?wa=wsignin1.0          

and for Yahoo something like this:

http://uk.yahoo.com/?p=us

 where “uk” is relevant to the country you are in (i.e. I am in the UK).

You may ask “why would somebody want your email account”?

There are actually more than one answers to this question; and none of them is any better than the other.

1. In your account you are bound to have kept emails with login details to websites like PayPal.
2. You might have stored “draft” messages with login of your internet banking.
3. You might have sensitive information stored in your account
4. You might need your account urgently so you will be vulnerable to blackmail. If you wonder how will the contact you if you do not have access to your account … the answer is simple. You might have another email address in your account (as alternative email for security) and if you do not, they just login to MSN or Yahoo Messenger and inform your friends!

Once again the key word in protecting yourself is common sense.

1. Do not follow links that look suspect (even if it is from people you know).
2. Do not click on links from emails coming from people you do not know.
3. Do not be tempted to put your email and password to any website. You will just lose your email account.
4. Do not save your webmail, PayPal and e-banking addresses in your Favourites. They may be altered by malware and lead you straight into a trap.

In my professional capacity I see way to often people who lose their email accounts, or people whose computers are infected, and they have no idea about it. It is easier for someone else to spot it, since I receive spam messages from their accounts.

Do not be a victim. Keep your login details safe, and never click on anything that is tempting.

Read more updates on this article by clicking here.

The problem starts with the fact that Nigeria is not on Paypal’s list of countries which can be found here.  It is purely speculation on my part but I would guess it is due Nigeria’s laws, combined with the amount of fraud coming out of Nigeria.

However, if you absolutely must have access to a Paypal account, and use it in Nigeria, here are a few steps you need to take.

1. You must obtain a US proxy IP address
2. You must obtain a US mailing address
3. You must obtain a US issued Debit/Credit card account
4. Make sure the card has the US address for billing

You may use Google to get any info you might need on where to obtain these things.

Also you should use Google to learn how to use a proxy IP if you don’t already know how to do that.

Now you can register for an account using the proxy, and US card, and US address.  Paypal will verify your account via email, and by making a couple small deposits, you will need to know the amounts.

Once that is done, you will have a verified Paypal account.

Never, under any circumstances allow someone else to use your account, or give account details to anyone.  It is estimated that there are over a quarter million people involved in internet fraud in Nigeria. 

Never allow the use of your account by someone else for purchasing, or receiving money, or any purpose.

Be safe, not sorry.

Whether they get the cookies on your computer by an annoying popup or by a simple banner ad, they can track your presence on the internet without trouble. Here are a list of the hard hitters of ads and online tracking:

aCerno
Advertising.com
Akamai
AlmondNet
Atlas
AudienceScience
BlueKai
BlueLithium
Burst Media
Collective Media
Dedicated Networks
eXelate Media
FetchBack
Fox Audience Network
Google
interCLICK
Lotame
Mediaplex
Media6degrees
Mindset Media
NextAction
Quantcast
richrelevance
Safecount
SpecificMEDIA
Traffic Marketplace
Tumri
Turn
24/7 Real Media
Undertone Networks
ValueClick Media
[x+1] (formerly Poindexter Systems)
Yahoo! Ad Network
TACODA Audience Networks
Tribal Fusion

All of which legally have to allow for an end user to opt-out of tracking. Opting out from each company individually is effective but takes forever (they don’t want you to). However, an online organization against user tracking has set up an easily accessible, across-the-board opt-out feature. This organization also allows you to see which companies you are currently being tracked by.

I hope that you guys can all untrack yourself by the above method or by doing all of them individually.

Goodluck!

The current set-up of the fraudulent ads may be found in the flat for rent offers. The ads promise the rent of a flat or house in the centre of London with a low monthly rent to pay. The ads never show a phone number. Upon first contact by e-mail, the return e-mail states the advantages of the flat or house as seen in the ad and includes the information that the owner of the flat is now abroad and needs some proof of funds before returning to London to go through with the deal.

For the proof of funds you are asked to send money equivalent to one month rent and the deposit to your own best friend in Britain by Western Union and to provide a scan copy of the transaction to them immediately, as the interest in the flat or house is so high. But with the transaction number on the Western Union transaction sheet as well as the full names of both recipient and sender, the money may be claimed by somebody unauthorized.

In a trial run on one ad that seemed to be fraudulent to me, I received an e-mail informing me that the landlady was now in Denmark. I replied that I was in Denmark, too, and could we meet please? Whereupon, the landlady was suddenly to be found in Dubai.

How can you be sure that you are not defrauded?

All you have to do is apply a bit of common sense. As a first step, always be aware that there are many fraudsters out in the net, trying to get the unwary. Be aware that fraud is not something that happens to others only, but could be aimed at you anytime. Secondly, a thing that sounds too good to be true usually is. And third, never give a Western Union transaction number to anybody but the recipient of the money. And use the reporting buttons offered on any site, so they can take out the fraudulent ad to safeguard other users.

Of course, the surefire way to protect your PC from becoming ill with computer viruses or worms, is to practice absence from the Internet, but if that option is too extreme for you to do, then take preventive measures to protect your computer software and hardware by using the proper computer condom protection. If you should choose to shrug off this advice, then it is a good idea to keep the phone number to your local PC doctor on standby and enough money to pay the doctor bills.

Before installing any new software, make sure that you use the add/remove programs option and remove any other anti-virus, anti-spyware, anti-malware, additional firewalls that are not in use. Doing this will help eliminate any potential program conflicts that can slow your computer down to a crawl giving the appearance that the PC is infected with a virus.

If you are using MS Windows and have, but are not using the pre-installed copy of Norton Antivirus, then it is highly recommended that you remove this program off of your computer hard-drive before installing any other antivirus software programs. Norton Antivirus can cause your computer to have the sniffles without ever having a full-blown cold. When your computer isn’t feeling good it becomes slow and sluggish. Removing this program will almost instantly make your PC run faster and feel better than ever before.

ZoneAlarm Firewall

One of the first lines of defense to keep your computer running healthy and protected is installing an up to date firewall. Computers without this type of protection is much more prone to coming in contact with harmful viruses and worms, but most of all, the computer could become compromised by hackers wanting to steal the information that is stored on the computer’s hard-drive. Installing and using an up to date firewall will assist in stopping or at the very least, making it much harder for a hacker to gain access to your computer system.

Avast!

This antivirus software is in my personal opinion, one of the best free computer condoms available on the market today. It comes complete with all the tools needed to thoroughly exam, identify and heal most of the newest worms and viruses that are being spread on the Internet daily. Avast! A proactive software company that automatically updates users’ free home edition antivirus software at least once per day. Users still must manually activate the antivirus scan when using the free home edition or wanting something easier, then the Avast! Pro edition can be purchased and setup to automatically scan the PC at whatever times that you want the program to examine the system.

WOT 

One of the most important things to remember about the websites that you want to visit is that, they are not all created with your safety in mind. Some websites are plagued with all kinds of hidden dangers designed to wreak havoc in your computer system, so it becomes an extremely important issue to think about and tackle before visiting the websites that you want. The Web of Trust (WOT) is a free Firefox security add-on for your browser that is designed with your safety in mind. Using this line of protection before visiting the websites that you desire, will help protect your computer from online scams, identity theft, spyware, spam, viruses and more. So, have the peace of mind when exploring the worldwide web when using WOT as one of your first lines of defense.

Ccleaner 

The best defense is to have in place a good and solid offense. Ccleaner does help with this by providing a freeware system optimization, privacy and cleaning tool that will free up hard disk space and have your Windows OS running faster. Using this type of protection will allow you to clean the traces of your Internet activities and online history as it goes to work cleaning the computer registry that may have become corrupted after browsing websites that have been visited during the day. Use this free program and your computer will love you for doing it.

MailWasher 

Browsing the Internet isn’t the only way that potentially fatal viruses and harmful worms can enter the safety zone of your computer’s hard-drive, but many times these dangerous bugs will use the front door, so to open a backdoor that a hacker can than use for whatever they are wanting to do. The front door is the email that you receive everyday and the backdoor is the unsecured ports that are built into the computer’s hardware and software. To protect your computer from potentially harmful email or spam, just install and use a program such as MailWasher to intercept the dangerous kind of email sent before it even gets the chance to enter into the computer’s hard-drive. Block any sender that has been flagged as harmful and safely delete any email that is potentially dangerous to receive and do all of this for free.

Mailinator 

Talking about unwanted and potentially dangerous email or spam, we should not forget how most spam we receive is sent to us. For spammers to send us email they first must have obtained our email address from some source, and then usually they send out bulk junk email to whomsoever is on their list. To combat this can be a daunting daily task of scanning email, blocking unwanted senders or even paying an expert to remove your email address from mailing lists that some spammers employ to complete their master plan. Spammers and hackers are on a mission to get want they want at others expense and safety, so these people are actually the rapists of the Internet. To stop a potential rapist from attacking your computer take the proper precautions to keep them from knowing where your computer resides by using a temporary email address anytime when signing up for something that you want to join or have sent to your computer via email.

This is not foolproof, but if you use this program along with the other things that we have already discussed, then in the long-run your computer will be better protected against the majority of sneaky dangers from harmful worms, unwanted spam (potential virus carriers) and fatal viruses that are spreading like wildfire on the Internet daily. So, if you would not have unprotected sex with multiple strange partners that you should meet, then why should your computer be subject to unprotected sex on the Internet especially since it will come into contact with potentially hundreds of strange bedfellows in a single day?

If you remember all the tips above, your computer should definitely improve in performance and safety, so have fun! Want to read more? Read 10 Amazing Sites to Discover or visit my blog.

Though it is not guarantee that this will stop thieves from copy and paste, it might help ward them off, unless they totally do not care about plagiarism!

Step by Step to Use CopyScape

• Click on the link and fill in your URL, you can find out quickly what and where your popular articles are. To test this out, copy this link: Five Signs That Tell Your Relationship is Over and paste it in the box on CopyScape. You will see there are many results, some link back to my original URL, and some copied and pasted the whole article without my byline.
• On this same page, you will see a banner underneath the box like this:
  
  Defend your site with a plagiarism warning banner!
• Click on this banner to get the code and put it on your article at the very end before submit it. Remember, this is just a preventive measure or a warning for people who respect the law. It is not the absolute answer!
• For personal blog, you can use the same code on your page. Make sure you comply to the term of service.

Two more sections on this website that should be explored:

Preventing to Website Plagiarism

In this section, you will learn how to prevent your article from plagiarists from stealing your content. As mention above, you can put a banner on your article to deter thieves, or you can subscribe to CopySentry for a small fee of $5.00 dollars a month to detect plagiarism automatically. This may work if you own your blog or website though.

Responding to Website Plagiarism

This is a must read section! There are many helpful links you should know when you plan on taking action. You will be able to find the website owner’s name, phone number, and contact them directly. You can also file a Digital Millenium Copyright Act (DMCA), and use Internet Archive to show proof of infringement.

Other Sources

Another way to protect your content is to install JavaScript code to stop the right-click action. This is a common, but temporary way to protect photographs. However, if the experience plagiarists know how to get around the code, they still can steal the content! It is designed to deter some visitors, not all.

• Hypergurl: No right-click for images. No right-click for source. Disable “copy and paste”. Protect source code.
• JavaScript: No right click script
• Billybear4kids: No “Right Click” Script
• Java-Scripts.net: No Right Click JavaScripts

The best way for us to protect our material right now is to use CopyScape since we can just imbed the code at the end of our article. Here is an article I found today using this method: Oh No, Not Another Funny Cat Thing.

War Driving Versus Wireless Network Hacking

While; most of us have heard of hacking, the more recent practice of “war driving” is not so well known.

War Driving

War driving is the practice of cruising around with a wireless enabled laptop complete with a plethora of wireless networking detection and cracking tools. Many war drivers even make use of GPS to physically locate with pin-point accuracy the precise locations of any wireless networks detected.

The major distinction between war driving and hacking into wireless networks is that in the strictest sense war driving is all about discovering the existence of wireless networks.

Wireless Network Hacking

Hacking wireless networks on the other hand is about cracking/breaking into the wireless networks discovered through war driving or any other means for that matter. In short, the hacking of wireless networks is all about gaining access to a network whilst not being a legitimate bone fide network user with authentic access privileges and rights. This does not infer in any way that a would-be intruder/hacker is implicitly malevolent.

War Driving and Wireless Network Hacking Tools

Both war driving and wireless network hacking tend to use the same range of tools as each other. Candidates include specialty wireless packet sniffing tools (Airsnort, Kismet, NetStumbler and Wireshark etc).

The sorry reality is that for tools such as Kismet there really is very little you can do to prevent them from discovering the presence of your wireless network. Fortunately however; there are countermeasures such as fully encrypted transmissions, tunneling and heightened authentication procedures, which you can employ to deny the potential malevolent intruders from progressing beyond the discovery phase.

Legitimate Ethical Wireless Network Hacking

There are many reasons that one may attempt to hack one’s own wireless networks. For example; legitimate authorized and authenticated security staff may be conducting site surveys, penetration testing or network security preparedness assessments and will usually harbor no truly malevolent or other “evil” intentions.

I say usually because many security breaches do involve breaches of trust by authentic personal. Subversion from within is an issue that has existed since long before wireless networking capabilities were developed. Then there is that group who may be attempting to access/hack into your wireless network for the thrill of it simply because it’s there.

War Driving and Wireless Network Hacking Tools

Note that the standard tools used for war driving and wireless hacking purposes are generally the same. They are also the very same tools that authentic network security personal will use to conduct site surveys and penetration testing etc.

Downloadable Self-Extracting and Automatic Installer Packages

In addition, the vast majority of these wireless network tools are freely available for download via the Internet. In general; you will find that the vast majority of these tools will come in the form of self extracting installation packages and/or user installable software.

Here are a few free for private use wireless networking, survey, network discovery, packet sniffing, site assessment and penetration testing tools currently available: Airsnort, ASLeap, CowPatty, Ethereal, Kismet, NetStumbler and Wireshark

Sophisticated Yet User Friendly

What many may not realize is the degree of user friendly sophistication and capabilities that these tools have attained over the years of their existence and development.

Armed by Default

So it is that in today’s wireless networking climate we must assume; that by default, attackers will also be armed with these tools. Bearing this in mind, we will construct our defenses in a manner best suited to counteracting a multiplicity of threats originating from all angles.

War Driving Protective Countermeasures

Countermeasures to protect your wireless network from war driving and hackers in general must be well planned and rigorously maintained and update. Vigilance is the key.

Transmission Medium Access

First line of defense in overcoming the threats posed by war driving and wireless network hacking is achieved by reducing a transmission medium’s exposure to potential threats.

Network Surveys

Site surveys need to be conducted to identify signal leakage and rogue Wireless Access Points (WAPs). This can be easily accomplished without high-tech gadgets. Simply walk around the various network zones, zone perimeters and site perimeters with a wireless enabled laptop to see what signals it can detect. You should be doing this in very much the same way using the same wireless detection and hacking tools that a war driver or any potential hacker would.

Wireless Network Physical Security

Wireless Access Points (WAPs) need to be located and secured in such a way that they can remain free from physical interference and tampering. A redirected WAP antenna can present external entities with an access point to your network.

Furthermore; if enough WAP antennae are compromised (out of alignment, redirected or non-functional) total wireless network collapse can result. Regular inspection and adjustment of WAPs is the best way to limit the damage that can be caused as a result of WAP physical security issues. It also has a role to play in overall network performance and assessment.

Antennae

The use of mixed unidirectional and omnidirectional antennae in a production environment will be of considerable assistance in helping to reduce network perimeter signal leakage.

Multiple In Multiple Out (MIMO) antennae can be used for areas of high network traffic that are contained entirely within your internal network’s publically inaccessible physical perimeters. Careful antennae selection and placement will contribute greatly to wireless networking coverage pattern shaping.

Network Segmentation

Subdividing your network into a number of smaller logical subnets will also help reduce exposure while at the same time delivering greater overall network efficiency and performance. You can also use this as a means of adding extra layers of authentication.

Demilitarized Zones (DMZs)

Use DMZs with limited access rights and privileges to confine potentially “undesirable” traffic to areas of limited functionality without exposing your entire internal network to the threats that they may pose. In this way you can provision and maintain a lower risk publically accessible zone on your network’s periphery if so desired. It also greatly simplifies firewall access lists and rules configuration, management and upkeep.

Disable Internal Anonymous Ad Hoc Connectivity

Sometimes circumstances will dictate that you have no choice other than to permit some degree of anonymous publically accessible ad hoc connectivity to your wireless Network. Confining this type of accessibility to your network’s perimeter using DMZs is usually the way to go.

However; anonymous ad hoc wireless connectivity is not needed for purely internal wireless network accessibility. From a security standpoint once authorized users are internal to your wireless network’s perimeter, they do not need anonymous ad hoc connectivity capabilities, so disable it. All they need do is log onto the network in their usual prescribed manner. Your network access authentication procedures will define who is, and who is not permitted access.

Signal Leakage

You will need to conduct regular site surveys and network preparedness assessments to check and verify that no signal leakage from the fully internal wireless network to the publically accessible zones is occurring. Also check to ensure that there is no leakage from the publically accessible ad hoc wireless networks into your network core.

Change Default Settings

This one is really a no-brainer. Once your wireless devices are up and running change the manufacturer default settings for such properties as administrator name, password or better still passphrase, authentication mechanisms, network name and ID, broadcast parameters, pre-shared keys and the default encryption methods and settings as well as the connection method used to gain access to network resources.

Microsoft Windows Zero Configuration

Microsoft Windows zero configuration anonymous ad hoc wireless network implementations will; by default, result in both wireless enabled client devices and Wireless Access Points (WAPs) alike to persistently advertise their presence to the rest of the world.

Advertising Connectivity Offers and Requests

The client will continually transmit a request for connectivity and the WAP will continually transmit an offer to provide connectivity. This advertising activity by both sides will continue regardless of whether or not the client and WAP are actually connected.

Wireless Networking Administrative Overheads

Yes; this does contribute to a wireless network’s administrative overheads. Most operating systems, networks and wireless access devices also exhibit the same type of behavior when it comes to announcing their presence.

MAC Address Filtering

Wireless enabled device authentication can be most easily implemented through MAC Address filtering. Wireless Access Points (WAPs) and wireless routers have administrator definable access control capabilities based on Layer 2 addressing.

The MAC Addresses of permitted wireless enabled devices are entered into the Wireless Access Point (WAP) or wireless routers MAC Address filter table. Simple Permit/Allow or Deny rules are associated with each MAC Address contained within the devices MAC Address filter table.

The simplest way of using a MAC Address filter table is by entering a list of specifically permitted client MAC Addresses and access is denied to all other devices. All devices lacking a qualified listed in the MAC Address filter table will be automatically denied network access and packets originating from them will be automatically dropped.

MAC Address filter table based access control actually precedes any user based authentication mechanisms since the MAC Address is contained in the Layer 2 header of every packet placed onto the network. This means that packets originating from devices not listed as being permitted in the MAC Address filter table will be dropped without ever being placed on the network transmission medium.

Service Set Identifier (SSID)

Service Set Identifier (SSID) is the name used to identify various different 802.11x wireless networks (WLAN). By default all client devices receive SSID broadcasts from all Wireless Access Points (WAPs) that are within range.

Selection of the Wireless Access Point (WAP) that is to be used for the current connection depends on the specific configuration of the client, either a pre-configured Wireless Access Point (WAP) or the user will select the Wireless Access Point (WAP) from a list of Wireless Access Points (WAPs) discovered as a result of their SSID broadcasts.

Disabling SSID broadcasting by WAPs is one of the best ways of ensuring that you do not come to the attention of war drivers. Although tools such as Kismet can still discover your non SSID broadcasting wireless network many would be intruders will however be thwarted by a lack of SSID broadcasts. Wireless network SSID verification prior to connecting to a wireless network can also help users to avoid the threats posed by “evil twin” attacks.

Encryption

All traffic over publically accessible transmission media such as wireless networks should be protected by very strong advanced encryption.

128-bit Encryption

If your default encryption is Wired Equivalent Protection (WEP) then you should be using a 128-bit encryption key and not the default 40-bit key as a 128-bit key will take considerably longer for intruders to crack.

WPA and WPA2

However; if your equipment supports it, use WPA or WPA2 instead of WEP (although this may require a firmware or software update). WAP2 uses AES which is essentially unrealistic and impractical to break by most hackers.

Authenticated Access Only

Configure your wireless network to permit authenticated user and system access only.

Pre-Shared Keys

If using pre-shared keys make them long and complex as this type of key has less chance of being cracked via brute force dictionary attacks which means that it is impractical for most hackers to guess/crack.

EAP Protected Authentication

In corporate scenarios use EAP or even EAP-FAST to protect authentication and severely restrict the number and frequency of retries before the account is locked-out.

Certificates

If using certificates configure the certificate-based authentication to validate both user and remote device prior to being granted access to the wireless network. Also ensure that rogue systems will be denied access by default.

Tunneling

Corporate users should be using IPSec VPN with split-tunneling disabled.  This will force all traffic leaving the machine through an encrypted tunnel that would be encrypted with DES, 3DES or AES. Remember public wireless hot

Application Layer Encryption

Because public wireless hot spots do not generally offer encryption you can use application layer encryption software to rectify this failing. Simplite does a good job of encrypting IM sessions.

Firewalls

Install and run software firewall if you have not already done so. Microsoft Windows XP and Vista both have a built-in firewall application. Although it receives, criticism from some quarters the Windows Firewall application is free with the Microsoft Windows OS and has recently received additional improvements. If nothing else is available, use it.

Directory Services

Correct configuration of user accounts and credentials through directory services such as Microsoft’s Active Directory will help with a more granular control over user wireless network access and privileges.

Corporate Firewalls

For larger networks it is probably more appropriate to implement a strategy that includes the deployment of one or more dedicated hardware firewall devices/appliances with Intrusion Detection (IDS) and Intrusion Prevention (IPS) capabilities. Vyatta and Untangle both offer viable lower cost alternatives to other more expensive commercially available firewalls such as Cisco’s PIX and Microsoft ISA 2004.

Malware

Use antivirus and other malware applications as appropriate

Updates

Regular updating of your current and future security applications and tools should never be overlooked. This will include regular testing of both your wireless and wired networks and a thorough appraisal and assessment of their current state of readiness. Here is your best protection against so-called zero-hour vulnerabilities.

Security Policies

Develop, implement and maintain appropriate wireless usage security policies.

User Education and Security Culture

Educate your users in wireless security best practices. Update and communicate with wireless users whenever issues arise. What affects one user is in all likelihood capable of affecting them all. Develop a security conscious atmosphere and culture.

Other Technologies

SSL, Extended Validation SSL, SSH, OpenID, PPPTP, L2TP, IPSec VPN, digital certificates, hashing algorithms

The term “cyber espionage” was first coined by the Department of Defense to characterize methods used by opposing countries such as China and Russia to breach its top secret networks for the purpose of stealing U.S. military or government secrets. However, due to recent evidence regarding the emergence of a number of breaches at U.S. research labs and targeted phishing campaigns against corporations located in the U.S. and abroad, cyber espionage is breaking new ground at an alarming pace.

Today, economic gain appears to be the number one motivating factor for new and seasoned cyber criminals, followed by companies seeking to gain a competitive advantage, and a variety of amateur hackers targeting large companies looking to establish a reputation and bragging rights. According to PricewaterhouseCoopers, corporate espionage costs the world’s 1,000 largest companies in excess of $45 billion every year and the SANS Institute ranks cyber espionage number 3 on it’s “Top Ten Cyber Menaces for 2008”. If fifty percent of corporate espionage was indeed perfected by utilizing covert electronic techniques for stealing information, that would yield a $22.5 billion a year market for cyber espionage, based on PricewaterhouseCoopers estimates. During an economic recession, it would be very hard to find someone who would not want a piece of this market; especially if they could be convinced that their electronic criminal activities could not be traced.

In addition to financial gain, a new wave of cyber espionage is being launched by disgruntled employees who attempt to leverage the confidential data they obtained through network looting as a bargaining chip or for vindication against their own company or co-workers. Ironically, companies that have been victimized by cyber espionage are usually the ones with more than adequate resources and expertise to protect against the attacks.

In 2000, hackers broke into Microsoft’s systems and accessed Windows and Office source code. They had access to the source code for approximately three months before being discovered.

In 2001, Fortune magazine reported that Proctor and Gamble had been involved in illegal corporate espionage against its archrival Unilever. The article alleged agents appointed by P&G misrepresented themselves as market researchers and used other electronic methods to collect information about Unilever.

In 2006, the UK extradited two hackers to Israel because they developed and sold spyware that was used to spy on rival companies in Israel. Several private investigation companies in Israel sent e-mails with Trojan horse viruses that were designed to evade anti-virus applications.

In 2007, members of AirTran Airways’ executive management team in Orlando, Florida were targeted by phishing e-mails that sought to trick them into divulging confidential corporate information and placed bot-like malware on their computers to capture sensitive information.

The details of these cases were made public most likely due to regulatory reporting requirements; however, there are hundreds of cyber espionage incidents that are not publicized, even though regulatory requirements for reporting these types of incidents exist for the majority of companies affected. Publicly traded companies and companies operating in the healthcare, financial, and government contracting sectors all have regulatory reporting requirements as it pertains to information security incidents. However, most companies don’t report cyber security incidents for fear of damaging their reputation and potential revenue loss. Some companies report information security incidents as required, but not until well after the incidents have been mitigated and prevention measures have been implemented.

In most cases, if companies were to adopt an “an ounce of prevention, beats a pound of cure” philosophy regarding cyber security, rather than an “if it isn’t broke, don’t fix it” philosophy, the risk of cyber espionage could be reduced significantly. Unfortunately, most companies’ approach to cyber security is reactionary, which can prove to be detrimental to their reputation and bottom-line when a breach occurs. Additionally, since cyber espionage often goes undetected, it is usually too late to effectively mitigate the breach before significant loss when it is actually detected.

Just as other crimes seeking financial gain tend to escalate during economic recessions, it is very logical to assume cyber espionage is among these crimes. However, pouring money into the latest security solutions without a defined strategy will simply lead to more widgets eventually being left on the shelf collecting dust.  To make sure your company is prepared to defend against targeted cyber espionage, I recommend the following strategies:

Increase the Information Security Organization’s Visibility

Most companies make the mistake of burying their information security organization under their information technology organization, which often limits the scope of information security to technological solutions only. Not to mention the intradepartmental political screening in an effort to conceal the vulnerabilities caused by IT solutions from executive management. To achieve optimal effect, the information security organization must be strategically aligned with Legal, Risk Management, Human Resources, Regulatory, and executive management. Depending on the corporate culture, industry, and or the degree in which executive management values or understands the mission of information security, attaining appropriate visibility for the information security organization may be very challenging. Regardless of the challenge, information security leaders must strive to attain this goal because visibility can be an effective deterrent.

Implement a Best Fit Information Security Program 

Reliance on point solutions to protect your company’s information assets is an ineffective strategy with little to no return on investment. To become more effective in protecting the corporate environment from cyber espionage, information security leaders must take a holistic approach to information security by implementing a corporate-wide information security program to encompass all personnel, processes, and technology. Using security best practices as defined with the ISO 27001 certification process, information security leaders can use this as a framework for implementing a best fit information security program for their company.  An effective information security program should include components such as a security policy, training and awareness program, asset management strategy, compliance, personnel and physical security, access control, application/systems development, change management, business continuity strategy, governance, and the most important component, buy-in from executive management and or the board of directors.

Layered Security Approach 

The days of just relying on firewalls to protect enterprise perimeter networks and information assets are long gone; firewall manufacturers realized this years ago when they began integrating intrusion detection and prevention functionality in their products.  Although, the added firewall functionality is a significant improvement, it doesn’t address virus and malware on mobile devices, data leakage and compliance issues, role-based and need-to-know access control, or security vulnerabilities that exist on converged networks such as data, voice, and video. Information security leaders can better minimize the risk of cyber espionage by implementing technologies that will provide protection, monitoring, and enforcement at the perimeter as well as within the defined security zones behind the perimeter such as at the desktop/laptop and data centers.

Technologies to consider for a layered approach are enterprise-class anti-virus and malware solutions for the desktop, email filtering solutions, web filtering solutions with dynamic URL verification and filtering, security information management systems with intrusion prevention and robust notification capabilities, data leakage protection solutions, and firewall technology for the perimeter network protection and laptop protection.

Other Articles:

Will Americans Elect a Lo-Tech or Hi-Tech President?