Sunday, June 05, 2005

Is There Any Hope for Computer Security or are We Doomed??

Part 1

This article is the first in a series of articles looking at where we stand with computer security today and what we need to be doing in the near future to address this problem. I’m going to look at computer security and present both my security concerns and some answers on how to achieve a reasonable level of security for your system.

The need for this series of articles became evident to me when I started to write the current security measures that I use to protect my computer systems while keeping my personal information and my client’s business data safe.

It soon became evident to me that what I was going to propose to the average computer user was going to seem to be way over the top. I felt that without some explanation most readers would feel that my suggestions were to expensive, require too many programs, and take more time than necessary. It’s my hope that with this series of articles I will show you why all of these measures are both prudent and necessary.

Here a Computer, There a Computer, Everywhere a Computer.

As a society of computer users we have come to depend on our computers for so many things that we’ve become trapped as innocent pawns in the consent and ever changing battle between the thieves, hackers, crackers, and spam ware artists vs. the computer security industry.

Computers are already in our phones, our cars, our TV’s, and surprisingly enough our refrigerators. They control our power girds, clean our water, handle our sewage and even diagnose our medical problems. We are facing a world in which computers are in everything we use and control most of what we do. So computer security will become even more important in the future than anyone can imagine.

That means that on the one hand we can’t exist with out using our computers for everything from our kid’s homework to our online banking. While on the other hand we live in constant fear that we are at risk for everything from identity theft to having our bank accounts cleaned out. It’s the preverbal being caught between a rock and a hard place.

The first thing to note is that currently we’re losing ground in this battle. If we all don’t take major steps to address the current security problems that exist email and many other features we’ve came to rely on are going to become unusable. Our data both business and personal must be protected from loss and misuse if our society is to realize the great promise of our technology. We must win this battle at any cost and we can’t afford to sit on the sideline and hope that things will work out. Like it or not we have been drafted and we’re all in the fight.

So what fuels this war of the geeks and the freaks?

The sad fact of the matter is that for most of the perpetrators it’s really only a game. They are just in it for bragging rights and to feed their massive egos. Like a video game the damage and destruction they cause is of no more concern to them than the vandal writing on a restroom wall. We saw a good example of this with the recent verbal baiting and taunting between virus writers. For this group there is hope that education can eventually help to reduce their numbers.

For the rest it’s just an easy and profitable form of theft. When you find a way to steal large sums of money with only a small chance of getting caught it’s certain to attract the attention of criminals and opportunists. Recent trends and schemes show that even organized crime is getting into the act. Lots of money to be made with little risk sure sounds like a criminals dream. The only thing that this group will understand is quick, harsh punishment but even that won’t completely prevent it.

But whither they are deceiving us with phfishing schemes, stealing our passwords and personal information with key loggers, or just destroying our hard drives with viruses it is becoming harder and harder to stay ahead of those who would attack our computer systems whatever their motivation.

We will only solve the computer security problem by education, legislation, and hard work.

First, we must join in the battle and through education and by staying constantly vigilant we can reduce the risk both to ourselves and everyone else.

Second, we must be willing to devote resources to solving the problem. Yes it does cost money and it will take time to keep our systems clean and protected. But it will be well worth it if we keep the free and open use of out computers without risking our safety and privacy.

Third we must recruit others to the fight. Far too many people feel that this is someone else’s problem. It’s not going to be the computer industry, nor is it going to be the government, but us as computer users that will solve this problem. Remember no legislation or magic software program will take the place education, vigilance, hard work, and common sense.

As the cartoon pogo (sorry if this dates me since it comes from the 60’s) said, “We have met the enemy and they are us!”

So What are the Major Risks to Our Computer Security?

Email and its lack of protection as both a source of Spam and Viruses.
Trojans and key loggers.
Spyware and Adware.
Bot systems and denial of service issues.
Staying alert since NEW risks are always being created.

So join me next in a detailed look at these risks and what we can do to reduce them.

No comments: