BestInternetSecurity.net

Information Security Resources

Cyber Wars: USA vs. China

This is a guest post from Jay McGraw, a blogger for Illinois Internet Providers that is worth a read.

What do you think?

Cyber Wars: USA vs. China

Just a short time before delivering his first State of the Union address of his second term, President Barack Obama signed an Executive Order that directly addresses the 21st century version of the Cold War: The ongoing cyber war being waged by nations such as the United States, China, Russia, and Iran.

President Obama’s latest Executive Order on the threat of cyber war aims to establish a framework of cooperation between national defense agencies and corporate America that would enable intelligence sharing from the government to business entities. This framework is not reciprocal, which means that companies will not be required to share information with the government, but the underlying issue is that cyber espionage and attacks conducted from within the People’s Republic of China on American computer networks are increasing.

A Clear and Present Cyber Danger

After President Obama signed the Executive Order on Improving Critical Infrastructure Cyber Security, he addressed the nation on the cyber war issue. He started by stating what the public already knows about identity theft, email infiltration and corporate espionage. He then mentioned the more ominous prospect of sabotage, mentioning that American air traffic control, financial networks and even utility power grids could be compromised.

Cyber war is here, at least according to a group of lawmakers and government officials who moved quickly to press the issue in Congress on the day following the State of the Union address. General Keith Alexander, the top figure at the U.S. Cyber Command and head of the National Security Agency mentioned that the government is often painfully unaware of major networks attacks until it is too late.

President Obama did not mention China as a threat, although recent news headlines have made it clear that companies such as Google, the Wall Street Journal and the Washington Post have been recent victims of attacks that originated from behind the Great Firewall. Another company that has detected cyber-attacks originating from China is Bloomberg, although those attempts were thwarted by security measures.

Losing the Cyber War

House Representative Mike Rogers (R-Mich.) told the Washington Post that the U.S. is now on the losing end of a cyber war. The Chinese Embassy in the U.S. has reacted strongly against the allegations. They called the accusations irresponsible and issued a statement that indicated the Chinese government’s interest in preventing cyber criminality within its borders.

This article was submitted by Jay McGraw, a blogger for Illinois Internet Providers. He specializes in political events, media and internet.

Further related readings

Executive Order – Improving Critical Infrastructure Cybersecurity

Cyber Wartime President Obama's Executive Order Enlists Private Businesses

US says America is losing cyber war to China; officials vow to find compromise on legislation

Cyber wars intensify

What to do if your computer is infected with computer viruses and spywares but you cannot remove it using Anti-virus programs?

Computer Virus Removal in Safe Mode

If your system has contracted virus and you’ve found that you cannot boot up the system correctly or the virus is attached to a system running program that you cannot remove, then you might need to start your computer in safe mode and run a virus scan.

By operating your computer in safe mode, you are launching your system with all non-essential processes and programs disabled. Chances are now you can remove those viruses attached to your system programs because they are idle in safe mode.

Here are the steps adapted from http://articles.winferno.com/antivirus/virus-scan-in-safe-mode/
To run a virus scan in safe mode, you must have an active anti-virus software installed on your computer.
To run a virus scan in safe mode, follow these steps:
1. Restart your computer
2. Immediately after you power on your computer, repeatedly press the [F8] key for a number of times
3. In the Windows Advanced Options Menu screen, use the arrows to select Safe Mode and press [Enter]
4. Select your current operating system and press [Enter]
5. Select the user you would like to log-in under (if applicable)
6. When your system finishes booting, click the Start button on your task bar
7. Move your cursor over All Programs and navigate to your anti-virus program
8. Click on your anti-virus program to run it and follow the anti-virus program’s normal steps to run a virus scan
9. After the virus scan is complete, Delete all detected viruses
10. Close out of your anti-virus software
11. Restart your computer (it should start in normal mode)

Remarks:
To make sure the above process gets the maximum benefits, it is even recommended to turn off System Restore in Windows BEFORE you initiate a safe mode scan:

Windows XP:
Manual steps to turn off or turn on System Restore in Windows XP
(Ref: http://support.microsoft.com/kb/310405)
Steps to turn off System Restore

1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the System Restore tab.
3. Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
4. Click OK.
5. When you receive the following message, click Yes to confirm that you want to turn off System Restore:

After you have done your virus removal, remember to turn on the system restore again.

Steps to turn on System Restore
1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the System Restore tab.
3. Click to clear the Turn off System Restore check box. Or, click the Turn off System Restore on all drives check box.
4. Click OK.

Windows Vista:
To turn System Protection on or off for a particular disk in Windows Vista:
Ref: http://windowshelp.microsoft.com/Windows/en-US/help/f0688925-5abe-4caf-b49a-018f8cfcaf4d1033.mspx#E3

1. Open System by clicking the Start button startwindows , clicking Control Panel, clicking System and Maintenance, and then clicking System.
2. In the left pane, click System Protection shield.If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
3. To turn on System Protection for a hard disk, select the check box next to the disk, and then click OK.
– or –
To turn off System Protection for a hard disk, clear the check box next to the disk, and then click OK.

Note:
Some anti-virus programs support boot time scan. If you have anti-virus program that supports this feature, you can schedule a boot-time scan instead of the manual safe-mode scanning.

Here is an article talking how to do this under Avast (a free anti-virus program)
http://www.techiecorner.com/166/avast-how-to-schedule-boot-time-scan-before-window-start/

What is Difference between Intrusion Detection System and Intrusion Prevention System?

ShivanandKadwadkar asked:


How IDS and IPS achieved

Most Popular IT Certification

How do companies implement a strategic information security program?

seanbethune asked:


In almost all cases, large corporations do a miserable job of implementing and maintaining an information security management program. How can information security justify the business investment to reduce risk and improve security across the enterprise while still maintaining business agility and minimal I.T. bureaucracy?

Caffeinated Content

Information Security or Networking Job, which one to choose?

Information Security Career
Job Seeker asked:   

Hi,
I got 2 offers, One is for Information Security Analyst and the Other one is for Networking. I am having 2 years of exp. in network Support.
I want to know whether switching my domain to Information Security is a good idea or Bad? And tell me why? 

IS – Analyst : inautix
networking : Wipro technologies

Which one to choose?

Survey reports increased IT data theft during times of recession

McAfee Inc. announced in their 2009 findings that the global recession is putting vital company information at greater risk than ever before. As the global recession continues, desperate job seekers are stealing valuable corporate data, which may be seen as desirable by potential future employers.

When times are difficult, employees that are laid off are more likely to steal valuable and sensitive company information, and even delete them. Even business partners who split during these tough times are likely to steal valuable company information and may even delete them as a form of sabotage

While precautions can be taken to protect their data and prevent potential opportunistic thefts and sabotage, sometimes valuable company information is stolen or deletedWith more instances of IT data theft, firms specializing in computer forensic services such as investigation of data theft and recovering deleted data are highly in demand

In this time of looming economic recession, companies are advised to exercise immense caution when dismissing who have access to valuable company information.  In McAfee’s 2009 findings, security experts warned that the global recession could place vital company information at greater risk than ever.  Employees that are laid off are likely to steal valuable company information when given the opportunity, especially when it may help them secure positions with their future employers.

In the first such case brought before the courts of Singapore last year in 2008, seven ex-Citibank employees were sued with breaching client confidentiality when they moved over to UBS and took along sensitive customer information with them. Eventually, the Singapore government charged these seven under its Computer Misuse and Banking Acts when an email containing personal data that was misappropriated surfaced.

In an annual survey conducted at Infosecurity 2008 -  Europe’s largest IT security event, 88% of IT administrators indicated that, if laid off tomorrow, they would steal valuable and sensitive company information including CEO’s passwords, customer databases, R&D plans, financial reports, and company’s list of passwords to unlock access to most of the information on the company’s network.

“Companies in Singapore are still not aware that when employees are told to leave the company, they often still have access to valuable and sensitive information using their passwords. This means they have the opportunity to vindictively steal data for competitive gains or even maliciously delete data to wreck havoc on your operations”, says Felix Chang – managing director of Adroit Data Recovery Centre, a company that also specializes in computer forensics.

Dismissed employees are just one side of the story. During times of economic downturn, companies also have to contend with partners and directors who resign or leave due to differences or board conflicts. Such scenarios present the perfect opportunity for data theft and sabotage. The departing party could very well steal the entire customer database, or even delete entire blocks of data to wreck havoc as a parting gift. In this digital age, all it takes is one click of a button to do destroy years of valuable information, as opposed to the classic method of manually burning papers and files. 

With more instances of IT data theft, firms specializing in computer forensic services such as investigation of data theft and recovering deleted data are highly in demand. Companies such as Adroit Data Recovery Centre (ADRC) offers specialized techniques to uncover evidences related to data theft, or intentional deletion of sensitive or confidential information.

In the event that you suspect potential data theft or malicious data deletion, companies are advised NOT to do anything to the suspected hardware, and immediately contact a computer forensics specialist for assistance. Here are some golden rules that companies should observe:

Do not power on the computer

This will change the last boot up time, which may result in evidence loss. Moreover, many items in the cache may be eliminated.

Do not modify files or even browse through them

Although the action may seem harmless, you are actually changing the timestamp of the files as you browse through them, resulting in evidence loss.

Contact a computer forensics specialist

Without following proper procedures, evidences acquired may not be permissible in Court. It is therefore important to ensure that forensic investigation is carried out by forensic specialists with proper training and experience.

For more information on computer forensics services or to request for a free consultation, you may visit http://www.adrc.com/forensic_investigation.html

Article Source:http://www.articlesbase.com/computer-forensics-articles/survey-reports-increased-it-data-theft-during-times-of-recession-863232.html

Network Security: Firewalls

What is the purpose of a Firewall?

Firewalls are absolutely vital for keeping network security in force. The firewall stops and controls the traffic that comes between your network and the different sites you go to. A firewall is a constituent of a company’s network protection, and it acts to keep in force the network security policy. It can log inter-network activity with efficiency. It can also reduce a network’s vulnerability. Whenever an organization is connected to the Internet but is not using a firewall, any host on the network has direct access to all resources on the internet. If you don’t have a firewall, every host online can attack every host in your network.

What is a Firewall Incapable of Doing?

Firewalls can’t always detect malicious data. For the most part they cannot offer any protection against an attack from inside, although they may log network activity should the criminal use the Internet gateway. A connection that doesn’t go through a firewall cannot be protected by a firewall. To put it another way, if you connect directly to the internet via modem, there is no way the network firewall can protect you. Some firewalls cannot protect from viruses. Firewalls also cannot totally protect against previously unknown attacks; while a simple firewall provides little protection against computer viruses.

Firewall User Authentication or Verification

You establish a claimed identity’s validity via user authentication. The use of a password and user name can provide this authentication; however, it is not really strong authentication. When you use a public connection, for example if you have a connection to the Internet that is not encrypted, your user name and password can easily be copied by other people and replayed. Powerful user authentication makes use of cryptography, for example SSL certificates. A certificate of this sort can prevent “replay attacks” from occurring. A replay attack happens when a user name and password are captured and used again to gain unauthorized access.

Firewall-to-firewall encryption

A connection that is encrypted is sometimes called a VPN, or Virtual Private Network. Cryptography makes this more or less private. Of course it isn’t really private. The information may be private but it is sent on a public network — the Internet. While VPNs were available before firewalls were, they became more common when they began running on firewalls. Today, most firewall vendors offer a VPN option.

Additional Purposes of Firewalls

  • Increasingly, firewalls are being used for purposes of content filtration. Virus scanning is a common addition to firewalls in this area as well. Though this may be a waste of resources, because filtering for viruses needs to be carried out by every computer since information might be transmitted to these computers via routes besides through the firewall itself – for example, via separate disks.
  • URL Screening: Firewall regulated accessibility to the internet as well as content filtering of both files and messages appears to be a practical extension of a firewall. The drawback of utilizing a firewall for URL or content filtering is minimized performance.
  • To restrict the size of network space that any single user can occupy, or restrict the amount of the network’s bandwidth that may be utilized for given purposes.

Stephen Grisham, Sr. is a copy writer for InfoServe Media, LLC. InfoServe Media is a Houston, TX web design and web hosting company. Want to create your website yourself? InfoServe Media also offers a way to create a web site yourself with a very powerful and easy to use site builder. They also provide domain registration, search engine optimization (SEO) and more.

Article Source:http://www.articlesbase.com/security-articles/network-security-firewalls-810920.html

Free Antivirus Vs Full Product Antivirus Programs. Are They Safe To Use?

I have always been interested in trying new software for just about every application

you can imagine. I have also always been a big fan of free programs. There are a lot of free programs with varied applications but for now we will focus on only antivirus programs.

I have tried them all over the years and finally settled on two in particular. I can’t give the

names here but I still have a couple on my site. Have they let me down in the past, sure.

I have been through all stages of infection from a one run fix with my antivirus program

to a full wipe, reformat, and reinstall of the operating system. The latter will cost you time,

effort, the loss of your computer function, and probably a few gray hairs too! You see, if your computer becomes infected and you don’t address it right away, or maybe you didn’t

notice, bad things can happen. Without getting into too much technical detail a computer virus left unchecked will wreak havoc on your computer. The situation never gets better, only worse. The symptoms are only annoying at first but if not removed it can cause enough damage to render your computer inoperable, and if it gets into the boot files you can’t even turn it on. So you must weigh the cost factor of buying an antivirus program against the possible consequences you might face in the future.

    You might ask what the difference is between a free version and a full version. A free antivirus program is like a stripped down version of that company’s flagship version. You don’t have all the function and in many cases you don’t get the real time protection that can block a virus from getting on your computer.  I know you are thinking that the programs are getting better all the time but so are the virus programs. From personal experience I can tell you that the percentage of computers that are brought to me to repair for virus removal has increased dramatically. Right now it is especially bad. MY BEST

ADVICE to those of you with AVERAGE computer skills is to protect yourself as best you can. The money you save today could cost you ten times as much down the road.

    Let me give you an example. I built my son a computer when he was five. He just turned

nine and two months ago his computer had a terrible virus. He only GOES to SITES like cartoon network to play the games, or does a search for his favorite baseball player. I know

because we keep his computer in the dining room where we can see everything. Don’t YOU

TOO? Anyway, by the time he told me it was running slow, ( my fault for not checking ), the registry was so damaged that I had use his backup program to restore his computer.

This is OFF TOPIC but you should all have some kind of backup program. The lesson here is that you never know when a virus can strike so you should be as protected as possible.

                                                                       Alan Hohenbrink

My website provides software and guidance to the average computer user to utilize the tools necessary to deal with a computer virus. http://www.maumeevalleycomputer.com http://www.maumeevalleycomputer.com/id82.html

Article Source:http://www.articlesbase.com/security-articles/free-antivirus-vs-full-product-antivirus-programs-are-they-safe-to-use-798518.html

Escorcher — Adware And Spyware Rolled Into One

I’m going to share an unpleasant experience with you today. I downloaded and installed what I thought was a free antivirus, but turned out to be an adware and spyware program. To make sure we are clear about what I’m talking about I’m going to take a moment and share with you the definitions of adware and spyware as I was able to piece together through my research. Adware is a program written with the express intention of pushing advertisements on you. In most cases this takes the form of pop-ups, but can also take the form of pop-unders, floating advertisements, browser redirection, and search redirection. Spyware is a program that collects information on you. This information can range from web browsing habits to bank and credit card information. This information is then passed on to an outside source.

Escorcher told me some files were infected with the Parite virus and suggested removal of these files. Luckily I didn’t remove them. Escorcher will say this about some valid uninfected Windows files, and if you take its suggestion and remove these files your Windows will stop working. I also started getting pop-ups while I surfed the Web.

I did some research online and found out that Escorcher is what they refer to as a rogue program. This means it’s a fake program, not really the antivirus it claims to be. It turns out that it is adware and spyware. The pop-ups were generated by Escorcher and it collected my IP address and web browsing habits and passed it on to advertisers.

When I found this out I knew I had to remove Escorcher. I tried to uninstall it via add/remove programs, but that didn’t work. I searched the Web for an answer and found out that I needed an anti-spyware program. I also found the disturbing fact that most anti-spyware only removes 80-90% of an infection, leaving you still infected. I did some digging and found there are anti-spyware programs out there that give 100% removal guarantees, but you have to look for them.

Carl runs a site devoted to helping you rid your computer from all sorts of spyware and malware at http://www.spyzooka.com/

Article Source:http://www.articlesbase.com/security-articles/escorcher-adware-and-spyware-rolled-into-one-798553.html

Is Xpassmanager Adware?

Adware is never something that you want on your computer. It often gets confused with cookies. Xpassmanager isn’t a cookie; it’s the worst kind of adware you can get. If someone tells you that adware can be useful, they must be internet marketers. If you think that you have accidentally gotten the Xpassmanager file on your computer, then keep reading.

Xpassmanager is an aggressive piece of advertising software that monitors your computer for browsing habits. They gather 3rd party advertisers who use this surveillance as a window of opportunity to customize their advertising tactics according to your browsing habits. Not only does it track where you go online, but all of the passwords and private information that you use to access accounts online may be recorded and used by the 3rd party advertisers. If you fall victim to identity theft or credit card fraud, it’s virtually untraceable where the information was leaked.

Xpassmanager is downloaded through questionable sites. We all know to be wary of porn sites and pirated software like warez. Did you know that more often than not adware is loaded from peer to peer file sharing communities (P2P). The other one that gets you is seemingly innocent “free software”. The people that make the free software have to find some way to pay for their expenses, so they allow advertisers to ride their coattails during the download. The free software has no way of telling if the advertisement contains malware.

Once you have unknowingly downloaded Xpassmanager, the signs of infection come on slowly. First, your computer may seem slow. Then, you notice some pop-ups that your security settings don’t get. Next, you notice that your security settings have been disabled. If you keep letting it go, the pop-ups don’t stop, and you get more unwanted gifts. Expect browser hijacking, add-ons, and unwanted toolbars.

So, you may be wondering why your anti-spyware didn’t work. These days it seems everyone has jumped on the anti-spyware program bandwagon, but they may only have 100,000 definitions in their bank. This simply isn’t enough to take care of any problems.

Xpassmanager is updated often, so you will need an anti-spyware program that is on top of things. Try a program that offers a 24 hour, 100% removal guarantee.

Carl runs a site devoted to helping you rid your computer from all sorts of spyware and malware at http://www.spyzooka.com/

Article Source:http://www.articlesbase.com/security-articles/is-xpassmanager-adware-798391.html