Below is the Executive Summary of Mapping Digital Media: India (2012), a country report by Vibodh Parthasarathi et al. for Open Society Foundations, London.

India probably provides the most striking evidence that the changes wrought by digitization are filtered through a country’s political, administrative, and business culture. In the highly fragmented and unevenly regulated Indian media industry, decisions tend to stumble through extra-constitutional maneuvers and corridors of patronage, irregularly endorsed by formal democratic procedures and mostly driven by vested business, and often allied, political interests.

Image Courtesy: data.disneyduniya.in

The United Nations pointed out in 2010 that more Indians have access to a mobile phone than to a toilet, a fact confirmed by the latest official census.[i] There are over 800 million mobile connections, although the number of unique users (excluding inactive connections) is estimated at around 600 million; the interesting thing about their usage pattern is that news alerts via SMS messages comprise the third most popular content accessed on mobile phones.[ii] Add the fact that 60 percent of all households have cable and satellite (C&S) television, providing access to many of the 700-plus television channels licensed to broadcast, and it becomes clear that in garrulous India, mass poverty and marginalization do not result in a perfect “digital divide.” This together with then fact that the public broadcaster’s prime terrestrial channel, DD National, covers about 92 percent of the 1200 million-plus population, clearly suggests that the users of digital technologies in India include many of the 300 million still below the official poverty line.

Digitization and lower entry costs have led to a huge growth in private C&S news channels, especially in regional languages. Unlike in many countries where a multi-channel terrestrial TV landscape existed before the advent of private and trans-border C&S channels, in India a genuinely multi-channel landscape emerged only with the advent of private C&S channels. Moreover, while readership over newer platforms—mobile and internet—has also risen, the choice of news is not wider than that in the traditional media. At the same time this is one of the few countries whose newspaper industry is growing, thanks mainly to the launch of many vernacular language titles, or regional and sub-regional editions of existing newspaper chains.

While numerical choices have increased for audiences due to digitization and other factors, the race to chase margins and profits has hindered improvements in news quality. Media executives are being disingenuous when they justify such practices as “paid news” (positive coverage of companies or political parties in exchange for a fee) and “private treaties” (whereby a media house is given a share in the equity of a company in exchange for favorable news coverage).

Competitive-imitation in the practice of “breaking news” and of sensationalist aesthetics of reportage is, inter alia, contributing to deteriorating quality, accuracy and diversity of television news. On the internet and mobiles, news content mostly comprises web or app manifestations of the content of traditionally dominant news organizations. Print and television journalists are yet to fully realize the significance of being present—and presenting news—online. Although digitized and converged newsrooms have just about taken off, the idea behind them has been understood more in infrastructural, perhaps even financial, terms rather than to leverage specific, and even specialized, content and audiences.

Nevertheless, digital tools have enabled journalists to don the mantle of crusaders and even of active participants in political events. There are numerous instances where media activism has successfully forced authorities to act on issues uncovered by news reportage. Here again, however, the glut of news outlets has put pressure on journalists to be first with the news—another dimension of the “breaking news” syndrome. Hence, even in the case of investigative journalism, particularly those stories based on sting operations (secretly recorded or videoed assignations), the noticeable increase in unsubstantiated or unbalanced reportage has tarnished the image of the profession, further fuelling concerns about the ethics and values prevailing in the private sector media.

Image Courtesy: http://3.bp.blogspot.com/-1vV7Ys7LtvE/UVcNN59-DSI/AAAAAAAAIKA/UKT01wBXw94/s1600/PB+new+logo1.jpg

The government has decided to digitize terrestrial transmissions of the state-owned broadcaster, Prasar Bharati (Broadcasting Corporation of India), in a phased manner by 2017. But Prasar Bharati is a large, under-funded bureaucracy, by and large providing soft propaganda for whichever political party/coalition is in power. In the past decade, households accessing private satellite channels via cable and direct-to-home (DTH) services have grown substantially, with the share of DTH in the last five years rising exponentially. To ensure this does not incrementally dent Doordarshan (which translates as “Distant Sight”), or DD for short, which is Prasar Bharati’s television arm, a string of policy protocols have been introduced over the years—including must-carry provisions, mandatory sharing of sports feeds (very important in the world’s most cricket-crazy country), and first mover advantage in adopting technologies. While the number of television channels in existing and additional languages transmitted by Prasar Bharati will continue to grow, its significance is likely to decline as more terrestrial households are becoming C&S households. How many of these will be able to afford set-top boxes (STBs) for digital cable will be worth watching.

Following the digitization of terrestrial transmission, however, access to Prasar Bharati’s terrestrial channels may decline, as viewers from the weakest economic strata may be unable to purchase the STBs required to access digital terrestrial television (DTT). Those who muster the resources may find it more fruitful to invest in STBs that either access Doordarshan’s DTH service (it being rent-free) or the very basic tier of private DTH services, since both provide more channels than Doordarshan’s DTT service.

Doordarshan’s competitors—the more energetic privately owned C&S broadcasters—are owned by a variety of conventional and unexpected proprietors, viz. traditional business families, first-generation media entrepreneurs, politicians or their family members, political parties, and real estate developers. Their content and news slant frequently reflect these general and sometimes specific interests. The potential of internet and mobile media to facilitate and voice alternative interests is substantial, but hitherto has been felt most in the arena of social and political activism. Indeed, digital tools have helped some marginalized groups to voice their views and concerns; various factions in Kashmir, for example, have their own websites, as do advocacy groups of Dalits (the caste once known as “untouchables”) and sexual minorities. Although their immediate efficacy is limited by abysmally low internet connectivity—and potential multiplier effect largely limited to urban areas where broadband connections are concentrated[iii]—such online efforts have tended to, in turn, increase the presence of marginal concerns in mainstream news.

The legal and regulatory environment in which all this has unfolded is labyrinthine. Despite digitization having hastened the convergence of various media platforms, there are no specific laws on ownership, cross-ownership, or concentration; nor is there an overarching regulatory framework—either for media infrastructure or news content—except for licensing norms for broadcasters and distribution, and foreign investment caps in news media. Policy is conducted mostly through ordinances and guidelines that have occasional loophole clauses pertaining to ownership. This has in part led to hefty media conglomerates such as India’s largest news media company, Bennett, Coleman & Company Limited (BCCL), whose diversified portfolio comprises The Times of India and The Economic Times (market leaders among English daily and English business daily newspapers), the Times Now news channel (with the highest viewership among the English-speaking channels), and Indiatimes.com, which has emerged as a leading website for news and other online content. Loopholes in cross-ownership guidelines have also enabled major broadcasters such as Zee and SUN to have analog and digital distribution interests through sister or other promoter-group companies in the cable and DTH business.

Image Courtesy: http://cdn.i.haymarket.net.au/Utils/ImageResizer.ashx?n=http%3A%2F%2Fi.haymarket.net.au%2FNews%2FDTH-Players.gif&w=460
[logos of tv/service providers]

News on private satellite channels is overseen, rather than regulated, by a combination of a government-created code and a self-regulatory industry body, neither of which have any real teeth. The Programming and Advertising Code evolved in 1975 by the Ministry of Information and Broadcasting (MIB) for Doordarshan and All India Radio—and with phrasing wide open to different interpretations—was extended and included in the Cable Act 1995 governing private channels. Over the last decade, MIB twice sought unsuccessfully to introduce a Broadcasting Bill in parliament to strengthen the content code, in addition to other matters of television governance. These efforts, together with crises in reporting standards, pushed the trade association of private news channels to create the News Broadcasting Standards Authority (NBSA); however, this self-regulatory body can only penalize those channels that are members of the association, such membership being purely voluntary.

There is no specific regulation of news on the internet and mobiles, since “news” is not legally defined as a separate content category, as it is in television and print. However, a 2008 amendment to the Information Technology Act, 2000, introduced after terror attacks in parts of Mumbai, established a Computer Emergency Response Team (CERT) with the power to intercept emails, block websites/web content, and force compliance by service providers, intermediaries, and data centers. A further amendment proposed to make such intermediaries liable for all content they carry has been hotly debated over the last two years.

The one sector that saw a formal regulator being established was the telecoms industry, with the creation of the Telecom Regulatory Authority of India (TRAI) in 1997. While its mandate expanded in 2004 to include broadcasting, its legal mandate has remained that akin to a mere advisor. Its recommendations are unevenly, and sometimes partially, accepted by the concerned ministries; sometimes key decisions are taken and revised by various ministries totally without regard to TRAI’s recommendations—which themselves, it must be mentioned, have not always been in the public interest. The result has been an institutional framework dogged by political favoritism, bureaucratic partisanship, legal loopholes, and corporate malpractice.

Image courtesy: http://insightvas.com/trai-issues-new-guidelines-to-curb-unsolicited-sms-and-calls/

Likewise, the two digital switchovers underway in the television industry—in terrestrial broadcasting and cable distribution—are bereft of any direct, immediate, and equitable acknowledgment of the public interest. Much like spectrum auctions in the telecoms industry, these seem to be immediately aimed at enhancing government revenues—by enabling the sale of lucrative spectrum vacated by the terrestrial broadcaster, and by hoping to increase tax collections, since digitization will enable closer monitoring of revenues across the value chain of cable distribution. However, an argument can be made that such digitalization may provide competition among and operational viability of broadcasters and, hence, ultimately serve public interest.

For instance, the commercial advantages of a transparent digital distribution value chain most immediately accrue to C&S broadcasters, namely higher subscription revenues, improved quantifying of viewers, and less manipulation by distributors. Some of these and their resulting advantages could serve the public interest, albeit indirectly and over the ensuing five to ten years, assuming broadcasters plough back a productive share of their incremental revenues into programming, especially news gathering. But the cost will be high: of the estimated US$ 4,400 million to be spent on cable digitization, MIB finds exactly half will be “going to be spent by the people of India on buying set-top boxes”.[iv]

While the freeing up of terrestrial spectrum will surely enhance the prospects of providing 4G services, the price of such services will largely limit them to the upper strata of society, as was the case during the first five to seven years of mobile telecoms in the 1990s. There is no administrative blueprint, clear-cut government plan, or legal protocol to suggest that these expensive digital switchovers, whose costs are borne by viewers, will foster either a greater diversity or plurality of voices; nor is it sure to lower entry barriers for new broadcasters, as carriage fees will not only persist but may become the crucial revenue stream for distributors, as subscription revenue shares are re-jigged in favor of broadcasters.

Image courtesy: http://www.tamil.haihoi.com

It is broadly in this area of public interest that most attention needs to be focused—be it in the area of greater accountability and autonomy of the state broadcaster, the governance of private media infrastructure, transparency and equity in licensing criteria and in mechanisms of allocating resources, and compliance with global standards of professional journalism. These values will go some way toward giving India the diversity of voices and voice-makers that properly reflect what is possibly the most pluralist social and political landscape on the planet.

There is a very interesting discussion of the protection of Federal Networks and the Fourth Amendment in “Cybersecurity, Selected Legal Issues,” Congressional Research Service (CRS) Report for Congress (3 May 2012).

The Department of Homeland Security (DHS) in conjunction with the National Security Agency (NSA) rolled out EINSTEIN, an intrusion detection system (IDS) in early iterations, and later an intrusion prevention system (IPS) at all Internet points of presence (POPs) for the government.

The system works through copying, storage, and deep packet inspection of not only the metadata for addressing information, but also the actual contents of the flow. This handling is necessary in order to identify suspicious malware signatures and behavior and alert the United States Computer Emergency Response Team (US-CERT) in order to block, quarantine, clean, and respond to the attacks and share information about these.

However, the civil liberties and privacy issue with EINSTEIN is that according to the Fourth Amendment, we are protected from unreasonable search and seizures. Thus, there are concerns about the violation of the Fourth Amendment, when DHS monitors and inspects addressing and content of all email and Internet communications to and from federal agency employees and the public–including not only from government email accounts and systems, but also from private email accounts such as Yahoo and Gmail and social media sites like Facebook and Twitter.

The justification for the use of EINSTEIN includes:

1. The government cannot reasonably get warrants in real time in order to safeguard the federal network and systems at the speed that the attacks are occurring.

2. The government places banners and user agreements on all Federal networks notifying users of monitoring, so there is no expectation of privacy in the communications.

3. The monitoring is conducted only for malicious computer activity and not for other unlawful activities—so “clean” traffic is promptly removed the system.

4. Privacy protections are ensured though review mechanisms, including Attorney General and Director of National Intelligence (DNI) reporting to Congress every six months and a sunset provision requiring monitoring reauthorization every four years.

This tension between monitoring of Federal networks and traffic and civil liberties and privacy is a re-occurring issue when it comes to cybersecurity. On one hand, we want cybersecurity, but on the other hand, we are anxious about this security infringing on our freedoms—whether freedom of expression, from search and seizure, from surveillance, or from potentially costly regulation, stifling innovation, and so forth. It is this tension that has stalled many cybersecurity bills such as the Stop Online Privacy Act (SOPA), Cyber Intelligence Sharing and Protection Act (CISPA), The Computer Security Act of 2012 and more.

In the absence of a clear way forward with legislation to regulate and enforce, or incentivize, standards and best practices for cybersecurity, particularly for critical infrastructure protection, as well as information sharing, the White House released Presidential Policy Directive/PDD-21 on Critical Infrastructure Security and Resilience to establish DHS and other federal agency roles in cybersecurity and to manage these on a risk-based model, so that critical infrastructure is identified, prioritized, assessed, and secured accordingly.

While PDD-21 is a step in the right direction, it is an ongoing challenge to mediate a balance between maintaining our values and constitutional freedoms, while at the same time securing cyberspace.

One thought is that perhaps we can model cybersecurity after the Posse Comitatus Act of 1878 that separated federal military from domestic national guard and law enforcement powers. Using this model, we can create in cyberspace a separation of cybersecurity from our borders outward by the federal government, and within the domestic private networks by our national guard and law enforcement.

Thus, we can create stronger security radiating out at the national periphery, while maintaining our important freedoms within, but always working together to identify and neutralize any and all threats to cyberspace.

(Source Photo: Andy Blumenthal)

Indian internet systems are under a spam attack that “hijacks” search engine requests leading to slow browsing and opening up of suspect websites.

A trojan virus called ‘Bamital’ has been detected in the country’s internet network, Computer Emergency Response Team (CERT-In) said in its advisory to internet users. These Bamital servers then connect to the advertisement server and redirect the search results to websites of the attackers’ choice. It has the ability to click on advertisements without user interaction.

The CERT-In has advised certain countermeasures like keeping the anti-virus and anti-spyware signatures at desktop and gateway levels up-to-date; enabling firewall and not following unsolicited web links or attachments in email messages.

(Our security arm, SecuraGeek Forums, published an article helpful to users about Virut a few years ago, here.)

This takedown effort involved researchers of Poland’s Computer Emergency Response Team (CERT), Russian CERT-GIB, and the Spamhaus Project that aimed at disrupting the operations of the Virut botnet, which involved 300,000 some infected machines.

In December, the Spamhaus Project helped to work against all the domains owned in the Virut botnet, and attempted to have them shutdown. Most of the domains, if not all, were registered under the .pl cc TLD. However, the gang behind the botnet moved all of the malicious domain names toward a new registrar called home.pl.

The botnet’s operations were limited a bit during this time, when NASK (Research and Academic Network) in Poland, began to move on the infrastructure of this botnet. The NASK operates the Poland CERT and is the national registry of the .pl domain. Therefore, its presence in this situation is very important.

“In past few days, Spamhaus has been in close contact with the sponsoring registrar (home.pl), the Polish Computer Emergency Response Team (CERT.pl) to get the domain names suspended,” Morrison blogged Jan. 19. “In cooperation with the Polish CERT and the registrar home.pl, we managed to get all the Virut domain names within the .pl ccTLD sinkholed.”

“In addition, Spamhaus reached out to the Austrian CERT and the Russian-based Company Group-IB CERT-GIB to shut down the remaining Virut domains within the .at and .ru ccTLDs,” he added. “In cooperation with Spamhaus, and due to the evidence and intelligence provided by Spamhaus, CERT-GIB was able to shut down all the Virut domains within the .ru ccTLD within a few hours.”

Symantec researchers have noted that the maintainers of Virut are also involved with the Waledac botnet. The evidence is due in part to the malware writers behind both botnets using affiliate programs to spread the threats. It’s been noted also that Virut has helped to spread malware such as TDL, Zeus, and others. Also, Symantec warned that Virut had been used to redeploy Waledac. Problem is, the Waledac botnet was seized by Microsoft in 2010. So, redeploying that botnet is opening up the fields for lots of trouble.

As this takedown has occurred, three dozen domain names have been seized in total, with no sign (to researchers) of them starting back up on a different network. Since domains are so critical in the infrastructure, it’s going to be difficult for the malware writers to orchestrate a new plan.

For the past five or so years, domains like ircgalaxy.pl, zief.pl, etc. were used by the botnet…now are seized! It’s not exactly clear how NASK will affect the future operations of Virut, but right now, things are looking good and steady!

Click link below picture

.17278

A hacker accused of having ties to Russian security services and cybercrime organizations was bitten by his own bug when the Republic of Georgia’s national cybersecurity team unleashed his own malware on him. It had the same effect in reverse, allowing his webcam to be activated and documents to be accessed on his hard drive.

.

.

.Click link below for story:

http://www.technewsworld.com/story/Russian-Hacker-Gets-a-Taste-of-His-Own-Malware-76519.html

.

_____________________________________________________

Georgia claims that Russia is still attacking them, but now in the cyber realm, and they offer as proof, video snapshots of an alleged Russian hacker that was caught in a counter-hack sting!

Since the Russia-Georgia war in 2008, Georgia has claimed that Russian hackers were infiltrating their computer systems.

The Georgian Computer Emergency Response Team (CERT) has released a 27 page document(Pdf) explaining a Russian Botnet that was detected.

The report also includes a counter-hacking operation that netted a hacker that they claim has ties to the Russian government!

Once infected, according to the report, Russian malware used key word searches for sensitive words inside documents on Georgian machines.

The malware ran from a control panel and uploaded stolen information to command and control servers. The malware was also able to steal certificates, and configuration files, execute remote commands, scan for other targets on the network and most importantly in this case -  record audio and video.

The attacks focused on Georgian government sites, critical infrastructure, banks and other non-government organizations. The attacker was able to record live video, and update and modify the malware code from the Command & Control panel.

The Georgian CERT team began dissecting and analyzing the malicious attack. When backtracked, one of the domains used in the attack was owned by the Russian Ministry of Internal Affairs, Department of Logistics, which is located right next to the Russian FSB.

Going a step further, they infected one of their own machines with the Botnet and put a tempting file on the computer named “Georgian-Nato Agreement”. This file, according to the report, was infected with the SAME MALWARE that the botnet was using, except this time it connected to Georgian controlled systems!

Unbelievably a suspected Russian hacker fell for it, stealing the file and becoming infected with their own malware. They not only got screenshots of the hacker through his own webcam, but also were able to recover his e-mails, location and even watched him create new modules for the Botnet!

Of course I am sure Russia will deny the allegations, and I doubt the hacker will be arrested, especially if he has ties with the Russian government. But Georgia has some pretty convincing proof.

European Network and Information Security Agency (ENISA) CERT exercise material and two pilot exercises held in Moldova and Japan via YouTube.com. ENISA is the EU’s response to cyber security issues of the European Union.

A package of user data which included usernames and passwords for the Stay Smart Online website was lost sometime after 11 April, due to a package being lost in the post.

Just a thought: News like this can hurt the folks involved, please be aware the screw-ups happen. I’d say after a health does of “what in hell” the people involved might learn a huge amount about how the simplest mistakes can bring down all the best intentions. AusCert is a not-for-profit group that (very likely) has the interests of the internet community at its heart.

However, a sane person could not make up this screw-up…

You see, the DBCDE was in the process of switching contractors that handled the alert system and needed the information transferred from the one to the other. Someone, somewhere, made the brilliant decision to burn usernames, email addresses, hashed passwords, and password reminders to a DVD for easy transport. Can’t trust the tubes of the web, after all, as there be hackers out yonder. The contractor, AusCERT (information security experts), then sent it via the Australia Post.

Pardon me while I pick up my jaw. Beyond the worry is not a small amount of irony, not so much because of Stay Smart’s tagline but because AusCert should know better.

Stay Smart Online — The Australian Government’s cybersecurity website provides information for Australian internet users on the simple steps they can take to protect their personal and financial information online.

AusCert — is the premier Computer Emergency Response Team (CERT) in Australia and a leading CERT in the Asia/Pacific region. AusCERT operates within a worldwide network of information security experts to provide computer incident prevention, response and mitigation strategies for members and assistance to affected parties in Australia.

I mean no disrespect when I say I hope the damn DVD was encrypted. The list of users were those who wished to be subscribed to the government’s privacy breach alert system. Ahem.

ZD Net reported: Despite the incident, DBCDE has stated that it believes the information has not been found or misused, and that there is no privacy risk, stating that it had only emailed users to remain consistent with best practice for privacy matters.

The mess-up aside, the Stay Smart website itself is actually darn good. The site’s blog is useful and contains content from a range of authors and appears to be written in earnest to help non-technical people better understand the implications of an online life.

Kudos to the govt and the creators for getting the site together. If not for this mess I would not have heart about it, and this mistake only further enhances my opinion that you need to be highly critical of who you trust, and very aware that even the government can have the odd mistake.

Reported and found via Geekosystem (and ZDNet via Slashdot).

Related articles

• AusCERT’s most embarrassing blunder (theage.com.au)
• Oz govt loses Stay Smart Online user details via Australia Post (zdnet.com)
• Oz gov cyber-safety unit mislays user information (go.theregister.com)
• Australian Gov’t Loses Privacy Alert Subscription Information In the Mail (yro.slashdot.org)

Yesterday Iran’s Computer Emergency Response Team released a warning about a new modular malware that resembled Stuxnet and Duqu. Dubbed “Flame”, the new cyberweapon is causing quite a stir in the media with it’s “advanced features and complexity”.

But looking at the malware’s features disclosed by Iran’s CERT team, it doesn’t seem very game stopping:

• Distribution via removable medias
• Distribution through local networks
• Network sniffing, detecting network resources and collecting lists of vulnerable passwords
• Scanning the disk of infected system looking for specific extensions and contents
• Creating series of user’s screen captures when some specific processes or windows are active
• Using the infected system’s attached microphone to record the environment sounds
• Transferring saved data to control servers
• Using more than 10 domains as C&C servers
• Establishment of secure connection with C&C servers through SSH and HTTPS protocols
• Bypassing tens of known antiviruses, anti malware and other security software
• Capable of infecting Windows Xp, Vista and 7 operating systems
• Infecting large scale local networks

All of these “threats” have been seen before. I especially liked the “bypassing tens of known anti-viruses…” line.

But there are several features that do set “Flame” apart from the pack. First of all the malware is very large, a whopping 20MB. Also, it contains several files and seems to be able to attack using swappable modules. But there is more.

According to an article on The Register, Flame has the following features:

• It has been active for at least 2 years, but possibly 5-8 years
• Contains exploits for known and fixed vulnerabilities
• Uses open source libraries
• Uses a SQLlite database
• Uses some Scripts written in Lua (of Angry Birds fame)

All the big name security companies that have analyzed it seem to agree that with it’s complexity, it was most likely written by a Nation State and not individuals or small groups.

The malware could have been created by Israel (and possibly the US) as many of the countries that have detected infection would be logical targets for them.

As according to Symantec:

“Initial telemetry indicates that the targets of this threat are located primarily in Palestinian West Bank, Hungary, Iran, and Lebanon. Other targets include Russia, Austria, Hong Kong, and the United Arab Emirates. The industry sectors or affiliations of individuals targeted are currently unclear.”

I am not sure of it’s “CyberWeapon” title, as it seems to be an information gatherer. Definitely worth keeping an eye on, but as with “APT” and “Stuxnet”, I am sure the media will beat this topic to death.

Introduction

The United Arab Emirates Computer Emergency Response Team (aeCERT) is the cyber security coordination center in the UAE. It is established by the Telecommunications Regulatory Authority (TRA) as an initiative to facilitate the detection, prevention and response of cyber security incidents on the Internet.

Vision

Be the leading trusted secure cyber coordination center in the region.

Mission

• To sustain a resilient and vigilant ICT infrastructure against a broader set of cyber security threats.
• To build a secure and safe cyber culture in the United Arab Emirates.

Goals

• Enhance the cyber security law and assist in the creation of new laws.
• Enhance information security awareness across the UAE.
• Build national expertise in information security, incident management and computer forensics.
• Provide a central trusted point of contact for cyber security incident reporting in the UAE.
• Establish a national center to disseminate information about threats, vulnerabilities, and cyber security incidents.
• Foster the establishment of and provide assistance to sector-based Computer Security Incidents Response Teams (CSIRTs).
• Coordinate with domestic and international CSIRTs and related organizations.
• Become an active member of recognized security organizations and forums.

Image via Wikipedia

Most people lack computer user education, plain and simple. Most people turn on their computer, sigh when they have to enter their password (if they have one at all) and start using their computer to read email, cruise through their favorite website, do some online shopping and perhaps banking. They might watch videos, read some humorous things and share them, perhaps use other ways to have a shared experience online or stay all to themselves. They might have a virus checker, a security suite of sorts, but many don’t.  Every three years or so they have to buy a new computer because their older computer is just ‘so slow’…

Much of this ignores what cybersecurity professionals advise you to do.

This is Computer Security Awareness Month and here are a few things we could all use.

DHS protects the government and critical infrastructure. DHS also owns the US CERT, who is supposed to be the ultimate Computer Emergency Response Team. They watch out for everybody not covered by NSA and the US Cyber Command.

DHS is working with the National Cyber Security Alliance, who have an excellent website for home users. They also have a fairly comprehensive list covering a wide variety of devices many of us have in our homes, here.

These are all website that I recommend you visit and learn a few things.

I have a few pet peeves I’d like to share with you. If you are really computer savvy you can stop here, otherwise enjoy a few words of wisdom, please?

The first is about spear phishing.  Please, it’s spelled correctly. When you receive an email from what appears to be a friend and it contains a link and a short message that seems strangely out of character, freeze.  More than likely this is someone faking that they are your friend, this is known as spoofing. Everything, including the name of the sender, appears correct but it only takes a few seconds for an experienced user to pretend to be you or your friend (and there’s nothing you can do about it). If you dig deep into the data behind the email you’ll see it’s not really from your friend, but most people don’t do that. What is happening is the link might take you to a website that contains malicious code that installs a virus or another kind of infection on your computer, sometimes without you authorizing it.  This is a very common attack today.  The lesson to learn here is never clink on a link in any email unless you know and truly trust the sender, and then only if the message seems totally legitimate.

The last point I’d like to make is about Social Engineering.  Technically spear phishing is a form of Social Engineering, but bear with me.  The former King of Social Engineering was Kevin Mitnick, he went to jail for five years for being the excellent hacker he is. But what really set him apart from mere mortals was Social Engineering combined with his hacking. He did his research, he would study, he would probe, and then he would do whatever it took to get a password, to get a free account, to get root access, to get into a facility and physically touch the system he was trying to break into.  He dug through dumpsters to get names, phone numbers, account information and generally know details that only an insider would know. He might call you on the phone and pose as IT support and have you assist him, gaining access to a trusted system, totally fooling you.  His book, “The Art of Deception: Controlling the Human Element of Security“, is an excellent book.  He covers much of how he broke into a wide variety of computer networks and shows the effectiveness of social engineering. Please don’t get lured into a trap either online, on the phone or in person without confirming someone’s identity.  Whenever anyone calls me on the phone and asks me for any information, I ask for their phone number and I call them back.  Sorry, no phone number, no information. I also don’t trust caller ID, it also can be spoofed.

Please, browse through these sites, add to your expertise and don’t forget: It’s all of our responsibilities to protect our computers.

Related articles

• National Cyber Security Awareness Month October 2011 – 5 simple things you can do now to improve your online security (showard76.wordpress.com)
• October is National Cyber Security Awareness Month! (sklartechnology.com)
• US: Cyber attacks on utilities, industries rise (sfgate.com)
• Government simulates cyber attack for training (msnbc.msn.com)
• Companies ‘confident’ in their cyber security measures (premierlinedirect.co.uk)

Aplikasi palsu tersebut dengan cerdik dideskripsikan sebagai anti virus terpercaya, lengkap dengan pop up peringatan bahwa sistem pengguna terinfeksi. Percaya saja bahwa anti virus itu asli, sebagian pengguna kemudian membelinya secara online lalu menginstallnya. Namun sial, anti virus palsu itu tidak dapat difungsikan.

“Kehilangan uang untuk sebuah program palsu sudah cukup buruk. Namun para korban masih berpotensi terkena kerugian lebih banyak lagi,” papar Macky Cruz dari biro keamanan Trend Micro.

Macky Cruz menandaskan bahwa bisa saja para penjahat cyber juga mendapat informasi kartu kredit yang dipakai konsumen saat bertransaksi. Mereka pun bisa menyikat uang korban dengan leluasa.

Salah satu aplikasi keamanan palsu baru yang ditemukan Tred Micro bernama WinAntispyware 2008. Sedangkan pihak Sunbelt Software juga menemukan aplikasi palsu bernama Windows AntiVirus, Windows AntiVirus 2008, AntiVirus Lab 2009 dan Antispyware Pro XP.

Terkait fenomena ini, lembaga  Computer Emergency Response Team (CERT), Amerika Serikat, pun menyarankan agar pemakai internet hanya menginstal software keamanan komputer dari vendor terpercaya saja.