CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Modern, *proactive* security suites: What are the “must have” components?

I know this will come as a shock to all security experts, but our systems and networks are constantly under attack by an ever-expanding list of malware that threatens just about everything we do online — from working and shopping to communicating and governing. It’s true that hackers never sleep, which means that every corner presents a potential danger each time we go online. If we aren’t adequately prepared to protect the systems we rely on and get ahead of more harmful, targeted attacks, we will continue to fall victim to evolving cyber crimes that are out to exploit our systems to steal sensitive and proprietary information for personal gain, corporate espionage or international deception. We need to move to a modern, proactive security suite.

Top Endpoint Security Stories for March 2011 — Cyber criminals setting new sights on unprotected intellectual property and government networks

New trends in cybercrime show that hackers are shifting to more monetarily valuable information — unprotected intellectual property, and federal government networks. While traditional antivirus solutions struggle to keep up with today’s prolific attack software, Gartner recommends whitelisting as a complementary security defense in preventing malware attacks on corporate networks and PCs. Here are some of the top endpoint security stories for March 2011.

How to stop 60,000 new threats each day… without knowing them or killing performance.

It’s really puzzling to me to think about how today’s IT security professionals are trying to stop cyber threats. I mean, why go through the trouble of detecting 60,000 newly discovered threats each day, not to mention endure the performance impact that scanning has on a system, when you can quickly and automatically identify the few dozen applications that you would like to run on your endpoint computers?

In this week’s release of the McAfee Threats Report: Third Quarter 2010, the security software maker claims that malware reached an all-time high, averaging 60,000 new threats each day in the third quarter. That number has nearly quadrupled since 2007.

Siemens’ recommended virus scans part of the problem

Each week seems to present a newly discovered strain of malicious code targeting a high-profile corporation or system vulnerability. This week it is a malware program targeting Siemens WinCC SCADA systems, which hides on USB storage devices and uses a Microsoft security breach before activating a Trojan. While Siemens is taking necessary precautions to inform customers about the potential risks of the virus, its recommendation to use traditional virus scan programs from companies like Trend Micro, McAfee, and Symantec makes me wonder whether this is really an effective solution at all.

First, if Siemens says these security solutions can detect the Trojan, then why wasn’t it stopped by customers using such antivirus software in the first place? Since there has not been an example of malware targeting control systems to this point, in all likelihood even if the antivirus was fully updated the Trojan would have got there anyway.

Second, if their customers weren’t using such security solutions, then why in the world not?

U.S. proactive cybersecurity measures lack proactive solutions

One of the hottest topics in cyberspace is the “Protect Cyberspace as a National Asset Act” (PCNAA), a bill the U.S. Senate is considering that would help strengthen the mechanisms by which government and private industry protect the safety and security of the Internet. According to the article, “Plan cyberwar defenses now, before any attacks succeed,” the flaws in America’s counterterrorism strategy continue to leave our cyber-communications network vulnerable to attacks aimed at breaching our personal privacy, stealing our secrets, and even physically harming us.

While it is good news that Congress is taking proactive steps before things explode, their solution to consolidate power within the government to legally monitor and respond to cyber threats as they occur is no way to get on top of the actual problem. Instead of proactively addressing the situation with a reactive set of solutions, they need to carry these measures through with proactive solutions that prevent the situations in the first place.