Wednesday, August 10, 2005
Threats to computer and data security continue to increase in variety and grow in sophistication. Criminals such as identity thieves and computer hackers employ these tools along with social engineering techniques to lull unsuspecting Web surfers. The onslaught demands a coordinated, overwhelming response from industry. Without massive and intelligent retaliation from industry leaders and governments, computer hackers, identity thieves and the like will have gained the upper hand for a long time to come.
Cons exploit the trusting sides of victims by using lies and ruses to gain proprietary information. This is social engineering. Hackers and identity thieves, technically adept, are adding social engineering to their tactics at an alarming rate. Social engineering is a tool to gain access to sensitive identifying and financial information stored on what may otherwise be properly secure individual and networked computers.
Remain vigilant even if your computer system or network utilizes the very latest in security. Anybody with nerve who studies sales techniques and psychology can socially engineer others. There is nothing high-tech about it. Social engineering applies tried-and-true, time-tested conning techniques to new circumstances, the information age.
And the technical threats continue to mount as well. A July 25 press release from Websense, Inc. explores many, such as keyloggers, mobile malicious code (MMC), and others—all of which are increasing in their frequency, according to the release.
The August 2005 issue of Entrepreneur looks at another alarming ploy, the pharming technique, which essentially compromises the functioning of a domain name server (DNS). A pharming scam redirects Web surfers who type legitimate organizations' URLs. A user may have no idea she has been rerouted to a con site, which masquerades as the real thing. Those running the fake site typically steal the visitor's personal information.
We cannot allow pharmers to get away with taking hacking to a whole new level. Pharming undermines users' fundamental expectations for the online experience.
The response to online threats must be cooperative. Governments and industries such as banking and software firms should work together to combat the problem as a united front. Stakeholders at all levels, from the software firm's boardroom to the personal computer user's living room, need to aggregate threats as they learn of them. Only then will firms and individuals be able to easily obtain and deploy effective blocking software.
Companies' security measures are woefully lacking. Just watch the news any night. The latest security breach tells you this. The circumstances we find ourselves in could bring down the whole house of cards. And a house of cards it truly is. Easy money for computer-savvy thieves abounds.