What’s the weakest link in your email security? Your firewall? Your anti-virus software? The operating systems on your users’ computers? How about the users themselves?

Over the last decade great strides have been made in securing systems against attacks by cyber miscreants. We’ve gone from the Golden Age of Hacking–where few computers had firewalls, multiple operating system services were turned on and patching was haphazard at best–to an era where firewalls are turned on by default, services are kept to a minimum, memory locations are protected and patching procedures have been standardized.

At the turn of the century, if you took a computer out of the box and connected it to the Internet, it would be compromised in a matter of hours. Take a computer running Windows 7 out of the box today, marry it with cyberspace and that computer may never be hacked. That’s because, according to Lance Spitzner, director of the SANS Institute‘s Securing the Human Program, “by default, the firewall is on, it is running few if any services, and it is using a variety of new and enhanced memory protection mechanisms.”

“In addition,” he added, “Microsoft has invested tremendously in a robust Security Development Life Cycle (SDLC).

Continue reading 3 tips for building an effective email security awareness program

There’s a very interesting report on CNet about how the FBI used spyware to nab a variety of cybercriminals who committed crimes via email. Here’s an excerpt:

One suspect used Microsoft’s Hotmail to send bomb and anthrax threats to an undercover government investigator; another demanded a payment of $10,000 a month to stop cutting cables; a third was an alleged European hitman who was soliciting for business from a Hushmail.com account.

The FBI spyware, called CIPAV, came to light in July 2007 through court documents that showed how the bureau used it to nab a teenager who was emailing bomb threats to a high school near Olympia, Wash. (CIPAV stands for Computer and Internet Protocol Address Verifier.)

An affadavit written by FBI Special Agent Norman Sanders at the time said that CIPAV is able to send “network-level messages” containing the target computer’s IP address, Ethernet MAC address, environment variables, the last-visited Web site, and other registry-type information including the name of the registered owner of the computer and the operating system’s serial number. 

The report points out that although anti-virus programs should conceivably detect such spyware, not one of the major companies that make such software would admit to helping the FBI in getting their spyware through such filters. Pretty interesting. While it appears to be used only for good at the present time you do have to wonder what might happen if CIPAV were to fall into the wrong hands. It just goes to show that our emails and presence on the net aren’t nearly as anonymous as we’d like them to be.

The Georgia Tech Information Security Center (GTISC) released its “Emerging Cyber Threats Report for 2009″, which reported on the top five information security threats for the coming year. The results were notably different from last year’s top five, which were: Web 2.0 and client-side attacks, targeted messaging attacks, botnets, threats targeting mobile convergence, and threats to RFID systems. According to the report, the biggest threats for next year are: malware, botnets, cyber warfare, threats to VoIP and mobile devices, and the evolving cyber crime economy. The report notes that all emerging threats and attacks are data-driven.

Continue reading Cyber threats in 2009