Malware On The Rise
Reuters recently published an article claiming that malware has hit an all time high. They state that McAfee, the number two security software provider, found that malware reached a new record in the first half of 2010. Malware is software code that, when introduced into a system, can hack the computer, steal passwords and identities, and reap havoc on system performance.
McAfee says that 10 million new pieces of malicious code have been catalogued. What is most noteworthy of these findings is that Mac systems are becoming increasingly vulnerable to attacks. Apple users tout that Macs are virtually “insusceptible to viruses,” however as Macs continue to increase their market share, their vulnerability is also rising.
Android Antivirus
In similar news, the first Trojan has been reported on the Android Operating System for smartphones. The malware poses as a media player and once installed on the phone, sends text messages to premium text numbers inadvertently charging the user. Hackers are usually on the receiving end of the text messages, and thus profit from the rouge SMS messages.
According to the article, posted on Mashable.com, Kaspersky Labs is in the process of developing a mobile antivirus application for Android phones, due to be released next year.
The Bottom Line
You need to take precautions. Whether you are dealing with your personal computer or your organization’s infrastructure, steps need to be made to make sure your system(s) are secured.
Basic necessities include using a firewall, password protecting your WiFi, and having an up to date antivirus system installed (including Mac systems).
Additional steps, such as security assessments and security audits can be performed to make sure your organization isn’t vulnerable to outside attacks.
Most importantly, self monitoring is the key. Be sure to stay away from sketchy websites (including those not suitable for the workplace) and making sure you only download files from people or websites you know and trust.
Search Privacy
On May 13th, Google announced that it will offer a web-encrypted search feature to increase privacy for end-users. We've asked our computer security expert, Ben Howard, to explain how Google is able to make search more secure with its new web-encrypted search option.
Ben says that Google allows the use of SSL (Secure Socket Layer) to connect a user's browser to their search engine. The new site, https://www.google.com(very important to add the "www." as https://google.com will simply redirect you to the non-SSL search engine), features SSL to help secure your search requests. SSL establishes an encrypted session with your browser by automatically exchanging keys that enable encryption. This "session" is, in effect, a virtual tunnel between your internet browser and the Google's website. By encrypting the session, or virtual tunnel, it becomes very difficult for someone other than you or Google to read the data transmitted between you and Google.
Ben explains that what this means is that only you and Google will know the contents and results of your searches. He says that this may sound benign, but the end result is your searches are now private.
Besides improved search security, Google's offering may have other implications. According to Ben, enabling SSL to encrypt search queries is certain to bear some consequences in the ongoing debate over free-speech between Google and China. The debate has the potential to spill over into the U.S. workforce as companies grapple with their own concerns of employee free-speech versus a company's right to enforce work and ethics policies.
Ben Howard is a Senior IT Associate at NSK Inc. with MCSE, Security+, CCNA Security, and NSA 4011 certifications.