Monthly Archive December 2018

Privacy Statement

Home

Facebook’s 2018 Security Breach

Most people who use social media know about Facebook’s 2018 security breach.  An “app” by Cambridge Analytica (a vulnerability in legitimate quiz app) was blamed.  Facebook, the company, allegedly had given access to the confidential information its members to Cambridge Analytica.   

The number of records that were exposed was originally reported as being in the range of 50 million individuals.  Facebook later revealed that the number was more likely in the range of 87 million. That’s a whopper of a breach.

The breach described above was said to be just the tip of the iceberg.  Vulnerabilities in other apps could have allowed other data losses. We learned that the breach was likely Facebook accounts that were accessed and used on smart phones. 

Facebook, in all likelihood, really is unaware of the total number of records that were exposed.

The cybercriminals who perpetrated the breach, to the best of our knowledge, weren’t ever caught. They reportedly exploited numerous bugs in various applications that involved the use of Facebook access codes, numerous software publishers’ platforms and phishing schemes requiring the willing cooperation of users.

We find the fact that multiple federal agencies were investigating the breach.  Reportedly the SEC and FTC became involved in reviewing the incident.  So is the U.S. Congress.  Even the European community was pursuing its own examination.

The message to everyone is:  be careful what information you give to whom and think more than twice before you respond to requests for information that seem out-of-line or unusual.    

Useful Security Products

How Do You Protect Yourself Against Malware?

What is Malware?

Malware is computer code intentionally designed by cyber criminals, to intrude and interfere with the operations of computers and other connected devices (e.g. controllers, smartphones, network servers, etc.).  The word is actually a contraction of two words, “malicious” and “software”.

Malware aims to steal, destroy or change information.  It’s software that is designed to be intrusive and hurtful by altering the confidentiality, integrity and availability of information.  Malware is an overarching term that includes all types of troublesome software such as viruses, worms, Trojan Horses, spyware, adware and ransomware.

How Does Malware Operate?

 

The Cyber Security Resource Center of the NIST (National Institute of Standard and Technology) describes how a typical malware-kit attack would operate.

The toolkit sends spam to users, attempting to trick them into visiting a particular website.

Users visit the website, which has malicious content provided by the toolkit.

The website infects the users’ computers with Trojan horses (provided by the toolkit) by exploiting vulnerabilities in the computers’ operating systems.

The Trojan horses install attacker tools, such as keystroke loggers and rootkits (Guide to Malware Incident Prevention and Handling for Desktops and Laptops, NIST/CSRC Special Publication 800- 83)

One commenter (with the last name of Lacrumb) on a Microsoft website commented: The best security system sits between the chair and the keyboard.  Watch where you visit and when you download un-click all of those extra things that they want you to download.  The gentleman is very wise because today many of the attacker vectors unleashed by cyber criminals start with ‘tricking’ the user to click on a particular prompt, open an attachment or visit an unknown website.

Malware, worse yet, is also capable of being customized.  That characteristic can cause significant problems when an attack can target a particular company or individual.  Malware is becoming harder and harder to detect and block.  Signature-based discovery methods really aren’t that adequate.  The discovery and blocking of malware involves a defense in depth approach, using several different methods and hoping that one or both discover odd hardware or system behavior (e.g. files from product engineering being downloaded, etc.)

How Can You Determine if You Have a Malware Infection?

 

There are a number of ways you might be able to detect if unwanted software is running on your computer.

Included are:

a.)  Your computer begins to behave in an odd manner (the icons contained on you screen change).

b.)  The computer slows down.

c.)  Unsolicited ads and “pop-ups” start appearing.

d.)  Changes appear on your screen (e.g. new icons in your menu bar).

e.)  You are taken to places on the Internet that you didn’t request.

How Does Malware Happen?

Computer users, oddly enough, enable malware attacks.  The methods and means utilized by cyber criminals to launch a malware strike are varied.  An innocent user could open an email attachment that installs malware.

Is There Effective Malware Protection Software?

The answer is both “yes” and “no”.  You can purchase anti-malware programs.  However, there is a misconception that it’s based upon some type of publically available database of malicious software that can be accessed to spot and block malware attacks.  Cylance, in its 2017 Threat Report accurately states, “The fact of the matter is that public repositories of signatures are by no means comprehensive, complete, up-to-date or a reliable record of all the malware that could impact an organization (or individual).

 

What’s the Best Anti-Malware Software?

 

Using anti-malware software doesn’t guarantee 100% protection.  There is a tremendous number of dangerous software threats and they are known for evolving and becoming harder to detect.  An excellent software package deployed today may become less effective tomorrow.

Computer users need to pay attention to the literature and recommendations from sources you trust when you choose anti-malware software.

We recommend that you purchase and use a security software suite that is regularly updated.  Other desirable features of the anti-malware software you should purchase include the automatic updates, backup and more.

PC World Magazine, a leading publication in the computer industry, published a list of the best of the breed anti-malware in November of 2018.  The magazine has been a respected source for information on computing since the beginning of the personal computer revolution.

We are confident in recommending either one of the anti-malware packages below based upon features and price:

a.)  The Best overall antivirus suite is Norton Security Premium.  You can click on the image below to learn more about the product:

 

c.)  The Best budget antivirus suite – AVG Internet Security.  Please click on the image below to learn more about the product:

Best antivirus for beginners – Trend Micro Maximum Security.  Please click on the image below to learn more about the product:

Summary:

One of the most profound statements concerning protection against malware is the one we mentioned earlier.  Yes, buying and using anti-malware software is important, however, consider the implications of the statement we cited earlier:  The best security system sits between the chair and the keyboard.  Watch where you visit and when you download, un-click all of those extra things that they want you to download.