According to the Computing Technology Industry Association's (CompTIA) second annual survey on IT security, attacks through the browser -- typically conducted by attackers by enticing users to malicious Web sites by e-mailing or IMing links -- showed the biggest percentage jump of any of the 15 threat categories posed to the nearly 900 IT professionals polled.
"Almost 60 percent of the companies, educational facilities, and government agencies polled said they'd been hit by a severe breach in 2003, “severe” defined as one that caused real harm, resulted in the loss of confidential information, or interrupted operations. "
However, it may just be that companies are realising that infections and crashes or user-caused interruptions to operations do cost them, so they are logging them more.
It's amazing to me how much time is lost by users themselves not knowing their tools.
I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop, and because I NEVER OPEN ANYTHING IN THE WAY OF AN ATTACHMENT OR CLICK ON LINKS IN EMAILS. Period.
I don't believe I miss anything really great. I DO miss worms and virii, thank you.
I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop
That's fine for you, but let's not forget that a lot of institutions forbid employees installing any type of software without going through the 'proper channels'.
I'm blown away not only by the HUGE spike in spam I've received in the past few weeks but also by all the virus-laden emails as well (despite all the filters I've in place).
What's more interesting is how many of the latter come from major institutions and local gov't agencies.
Can someone enlighten me on this?
I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely.
Not that major institutions and gov't agencies don't send a lot of spam and such. Having talked to many senior IT peeps at some of these major institutions, I would guess it's because it is much harder to control an environment of 1,000 systems as opposed to 10. Not to mention all the "unclean" laptops coming and going.
One friend that is head of IT security at such a place said their biggest problem in '03 was infected systems brought in by management that was excluded from mandatory disinfection before plugging in.
It does not make sense in any way, shape or form that Soccer moms and Plumbers should become computer scientists in order to participate in the new economy.
In France they even ship with the English language (only) versions installed ... I get about 5 call outs per week just because the things started up in scan mode on newly bought boxes and the owners think they are infected when they see the word virus on the config screen ..!
Try as you might, you just can't get people to understand that security on a computer is as important as knowing how to drive before you go on the freeway ..
<<addon after seeing the post above me >>
Some knowledge is a duty ...mom and pop etc can do one hell of a lot of unwitting damage in a DDOS against for instance a hospital using a server run by someone who isn't given the budget to stay on top of the evil script kiddies ....
It's because of this that I've now changed my Norton Settings to scan every single early morning as opposed to the weekly scan I had previously.
Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.
This is even more true with XP and dialup. I have no option BUT dialup, and any time I have to reinstall XP it takes me literally the better part of a weekend to update it.... *sigh*
It's simply astonishing how many otherwise educated people will open the attachment out of blind curiosity. What on earth do they think the attachment is?
In discussion with other folk, a simple solution is proposed:
ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.
The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)
Hooroo
JP
As I pointed out earlier in this thread, the problem is not that the boxes are sold without AV etc. ... The problem is the CRAP that is installed in the name of AV ... It's this that makes the majority of users think that they can open anything because their "Norton", "panda" or whatever says it's safe ...
Any AV is only worth what you pay and the licence for a preinstalled Norton or similar is less than a couple of dollars ... What do you expect for that ... HYPE, HYPE and more Hype! ... I just took a look ... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ... of course that was spoofed as well ... but ... when I take a copy of the offending mails with attachments and run them at another machine which has these supposed AV's installed 25 get through anyway without ringing a bell ...!
As for phishing .. the best way to avoid it is to tell every newbie that you meet that if the mail asks you to reply to a server that isn't "https" .. that it's a scam ...
And BTW how many of us that know better have done the "good deed" and made a simple page available on our own site explaining in lay terms basic security and what to watch out for?
>>HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ...
OK, I edited out that the vendors should also explain to the purchaser what the AV and firewall is for, but hardware retailers are notorious for not recognising the value adding that 10 minutes of preventative tutoring can gain in brand building and customer loyalty, and that's another topic entirely for the sales and marketing forums! :)
My point is, it's up to us to help educate the newbie about the kinds of nefarious skulkers lurking out there now for the unwary and clueless.
We've obviously been getting through to our customers and online network, about having at least an up to date AV app. and a firewall to reduce the chances they'll get done. For our part, we also have a mail header downloader to filter emails before downloading proper, and of course, we don't use Outlook.
Haven't had an obvious spam/virii email from local contacts in yonks, and can only think of 3 spam headers in the last week or so which looked loaded, but then, we've also got a server side 3rd party filter as well, so I don't even *see* most of the crud these days.
Quadruple redundancy ... WHOO HOO!
Cheers
JP
>>security on a computer is as important as knowing how to drive before you go on the freeway
It is more like having to learn how to overhaul the engine before leaving your garage!