On Dogs, Fish, and Bugs
Beware as in be aware
The first rule of PC security is to understand that there are bad actors out there waiting to take advantage of the unsuspecting user. It may just be time for you to become suspicious.
You are only as safe as your password
If you are keeping your passwords safely cached on that sticky note on the bottom of your keyboard, you may wish to implement best practices for password protection.
Social Networking has become a fertile environment for both the Good and the Bad. As you use your Face Book, Twitter or other social networking platform, you may be providing an opportunity for a bad actor to access your Personally Identifiable Information (PII) and/or perpetrate cyber evil. You may be an unsuspecting partner with hacker efforts to violate your systems.
Something smells fishy
Phishing is not a typo, rather a sophisticated operation that allows bad actors to steal your PII or deliver weaponized attachments that can infect your systems and steal login credentials and/or passwords. Other approaches like Spear Phishing and Whaling are rapidly developing to compromise critical business information in the Enterprise.
Warning: bad dog
As if there could be such a thing as a bad dog, now really. The fact is; you need a security protocol that is awake and aware 24/7 to sniff out malicious operations. The TLA or Three Letter Acronym for this security approach is The Three Gs; Gates, Guns and Guards. This may be represented as passwords and/or biometric applications, well thought out and finely tuned permissions and the implementation of relevant auditing protocols.
The file as viral host
That Duke Nukem 3D file you downloaded from Cracks R Us may be playing a deceptive game, while you are blasting aliens with the Rail Gun, infected code is busy stealing your important data and perhaps setting the PC equivalent of land mines in your computer. known suspects like .EXE, .BAT, .COM files can carry a malicious payload and are easily recognized and handled by the most elementary virus checker. However, you are smarter than that – why not wrap the infected executable in a self-extracting ZIP file so it will slip thru basic fire walls with ease and wreak terminal mayhem on the unsuspecting user. Don’t try this at home please. Ah, but what about good old .DOC files, how could they possibly hurt me? Try DOCM or Word documents with Macros. Good Luck.
Malware: the name says it all
Mal as in Malicious: having or showing a desire to cause harm to someone : given to, marked by, or arising from malice. Malicious attempts on your systems don’t rely on E-mail, Instant Messaging or browser access. Plug an infected USB flash drive into your laptop and it may never boot up again. Plug the same device into an Enterprise client and you may be the one getting the boot.
A cloudy day
The Cloud has enabled incredible opportunities for both good and bad experiences. By storing/sharing files in BLOB stores online, life is much easier for both end users and administration types. The power and promise of cloud sharing activities with applications like OneDrive, DropBox, SKYPE etc. have enabled unprecedented productivity gains for business environments. Just how safe this boon for communication and collaboration is altogether another question. If you were a MAL PERSON, you would most likely phish where the most phish are concentrated, say the Internet. End users have been known to circumvent Enterprise security attempts to bypass IT restrictions put in place by security specialists. Promiscuous sharing of sensitive data can simply be annoying or potentially terminal for shared systems.
WiFi networks ARE available
Open networks can easily make your login and password available to perps as well. The Junior Hacker may be setting across the room from you at the coffee shop and appear to be working on math homework, meanwhile he or she is downloading important information from your systems. Hot Spots at hotels and airports are easy targets for the MAL PERSON. It could be as easy as offering a WiFi Hot Spot with your Smart Phone and broadcasting yourself as a legitimate source.
The bottom line
By being aware of the multiple ways bad actors can jeopardize your IT life should lead to the search for and implementation of a more secure environment for both personal and business computer operations.