Wednesday, March 10, 2010

Beware: Cyber-danger Ahead!

Recent events have prompted me to review the state of our company's network security.  Apparently, the FDIC insures individual bank accounts up to $250,000, but there is no such insurance in place for businesses.  Therefore computer malware authors are targeting small businesses who use their computers to bank online.  There are some powerful computer viruses circulating that reside quietly on computer until someone logs in to a bank account, and then those viruses spring into action to make fraudulent transfers that are causing some businesses to fail.

How does a computer get infected with a virus?  A few years ago, the most common method was to be tricked into opening a malicious email attachment.  This method is still common, but many people are becoming more savvy to this kind of attack.  Nowadays, the most common method of virus infection is to be tricked into visiting a maliciously crafted website, which then exploits weaknesses in your browser to infect your computer with malware.  Since PDF files and Flash games are also a part of our browsing experience, a computer can also get attacked when a user opens a maliciously crafted PDF file or plays a comprised game online.

However, most of the time we simply click on a link, thinking that is it safe, when actually it is not.  The following story is noteworthy:

http://www.usatoday.com/tech/news/computersecurity/2010-03-04-1Anetsecurity04_CV_N.htm

Here are some measures I am considering putting in place:

1.       An OpenBSD proxy server

2.       Spam Control with a stock OpenBSD install (click to page 44)