Tag Archive for: Advice

Why computer security advice is more confusing than it should be — ScienceDaily


If you find the computer security guidelines you get at work confusing and not very useful, you’re not alone. A new study highlights a key problem with how these guidelines are created, and outlines simple steps that would improve them — and probably make your computer safer.

At issue are the computer security guidelines that organizations like businesses and government agencies provide their employees. These guidelines are generally designed to help employees protect personal and employer data and minimize risks associated with threats such as malware and phishing scams.

“As a computer security researcher, I’ve noticed that some of the computer security advice I read online is confusing, misleading or just plain wrong,” says Brad Reaves, corresponding author of the new study and an assistant professor of computer science at North Carolina State University. “In some cases, I don’t know where the advice is coming from or what it’s based on. That was the impetus for this research. Who’s writing these guidelines? What are they basing their advice on? What’s their process? Is there any way we could do better?”

For the study, researchers conducted 21 in-depth interviews with professionals who are responsible for writing computer security guidelines for organizations including large corporations, universities and government agencies.

“The key takeaway here is that the people writing these guidelines try to give as much information as possible,” Reaves says. “That’s great, in theory. But the writers don’t prioritize the advice that’s most important. Or, more specifically, they don’t deprioritize the points that are significantly less important. And because there is so much security advice to include, the guidelines can be overwhelming — and the most important points get lost in the shuffle.”

The researchers found that one reason security guidelines can be so overwhelming is that guideline writers tend to incorporate every possible item from a wide variety of authoritative sources.

“In other words, the guideline writers are compiling security information, rather than curating security information for their readers,” Reaves says.

Drawing on what they learned…


RSAC speaker offers ransomware victims unconventional advice


An RSA Conference speaker argued that despite the stigma associated with paying ransomware gangs, it’s sometimes better to negotiate with terrorists.

In his session at the 2023 RSA Conference on Monday, Brandon Clark, CEO of Triton Tech Consulting in Denver, proposed a ransomware response process that works to squeeze out emotive instincts that are often tangled in the decision-making.

“It is absolutely critical that you do take as much of the emotion out of this as possible by looking at some of this ahead of time,” said Clark during the session, titled “Negotiating with Terrorists: The High Stakes Game of Ransomware Response.”

Clark suggested that ransomware victims often make detrimental decisions based upon emotional and moral instincts. He prefaced his response plan with a reference to the 1973 hostage crisis at the Saudi Arabian Embassy.

In that incident, three Western diplomats among 10 others were taken hostage at the embassy by the Black September group. Former President Richard Nixon refused to negotiate with the terrorists and publicly announced the U.S. would not pay the demanded ransom. The terrorists later killed the Western hostages while the remaining hostages were released and returned to their home in Sudan, which had negotiated with the group.

Clark related this piece of history to the life-threatening events that follow a ransomware attack on a hospital, an air traffic controller or other critical infrastructure targets. He stated that the aversion to negotiating with terrorists was a polarizing mindset, “entrenched in our mental framework,” that has induced poor decision-making.

“If I’m not able to understand a patient’s history, if I can’t see what they’re allergic to and they’re given medication that sends them into anaphylactic shock, I would argue that’s probably worse and more evil than me paying $50,000 to get our systems back and running,” said Clark.

There’s also a financial component to the equation. Clark used the 2018 ransomware attack on the city of Atlanta as “a great example of what not to do,” because the city government refused to pay a $50,000 ransom and ended up paying more than $3 million in remediation and recovery costs.

“It doesn’t…


Addressing cybersecurity challenges: What’s the best anti-virus advice?



A cybersecurity expert has explained to Digital Journal the six signs that indicate you may have a computer virus. The advice then expands on how to remove the virus from your device.

In 2022, there were over 1.3 billion malware programmes in existence and 10 percent of these were computer viruses, according to research from the AV-Test Institute. A computer virus may spread from one device to another, take over your software and steal information that can be held to ransom.

Spam emails, instant messaging, file-sharing devices, fake antivirus downloads, unpatched software and infected hardware are the ways in which viruses can infect your computer.

The new advice comes from VPN Overview and it reveals six common symptoms of having a computer virus and how to remove it.

Slow performance

Slow computer performance is one of the first tell-tale signs that a virus may be at play. Malicious code typically hijacks computing power and may lead to unbearably slow performance.

Freeze-ups and crashing

There are multiple reasons why a laptop might be crashing. It may be time to restart it, close down one of the many windows you have open or buy a new one – but it could also be a sign your computer has a virus.

Missing files

Malware has been known to delete important data. Once it has infiltrated your device, you may receive multiple pop-ups and notice your files are missing. Do not ignore this – it is a tell-tale sign of a virus that should be taken seriously.

New files appear

In addition to missing files, you may also notice new files mysteriously appearing. Viruses can replace your files with encrypted ones, although these are likely malicious and will only further harm your device if you click on them.

Problems with hardware

Viruses have been known to cause system changes that affect external hardware and accessories. If you can’t get that USB drive or wireless mouse to connect properly or work as it should, for example, it could be a sign of a virus.

Computer operating by itself

Computers are complex machines, but they shouldn’t be executing demands without your…


Cyber Security Today, March 31, 2023 – World Backup Day advice, new malware targeting Linux and more



Welcome to Cyber Security Today. It’s Friday, March 31st, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Today is World Backup Day. I have a long story on ITWorldCanada.com which is tailored for IT department leaders in mid-to-large firms, so on this podcast I want to address IT leaders in small businesses. The good news is backup and recovery should be easier because your environment will be simpler compared to a multi-million dollar retailer. Still, some of the same rules apply: First, decide what data needs to be backed up, giving priority to sensitive information and how often it needs to be backed up. Second, make sure data is backed up off-site as well as on-site. And for extra protection, it should be encrypted. Third, make sure the off-site backup can’t be compromised by a hacker. One of the biggest failures of IT is to protect off-site backup from being encrypted, ruining any chance of data restoration. Fourth, document your backup procedures so when staff leave the knowledge doesn’t go with them. And last, have IT staff regularly practice restoring a backup. You’ll need that experience in a crisis.

Attention Linux administrators: New malware targeting Linux servers has been discovered. Researchers at the French firm Exatrack call it Melofee, and believe it was created by a group based in China. It drops a rootkit and a server implant. The implant can update itself, create a new socket for interaction, search for system information, read and write files and more. The implant hasn’t been widely seen, suggesting the attacker uses it only to go after high value targets.

University researchers say there’s a fundamental flaw in the Wi-Fi protocol that could affect devices running Linux, FreeBSD, Android and iOS. In a summary of the report, the Hacker News notes that the flaw could be used to hijack TCP connections or intercept client and web traffic. The power-save mechanisms in endpoint devices could trick access points into leaking data frames in plaintext.

Cisco Systems said attacks could be successful against its Wireless…
