Moving at the Speed of Creativity by Wesley Fryer

Evolving online security threats deserve more attention

The networked computing environment, which regularly brings powerful new collaborative tools to the fingertips of users around the globe, continues to morph and reveal more insidious, creative ways hackers, criminals and spies are using these tools for malicious purposes. A new 9.5 minute YouTube video on “Targeted Attacks” by Mikko Hypponen of F-Secure provides a good overview of how malware and network attacks are changing today.

If you are accessing the web from a network that blocks YouTube, you can alternatively download and view this video as a QuickTime file from NewNet66, which was my original source for this video.

At the conclusion of the video, Mikko summarizes by describing three eras of network threats:
– 1986 to 2003: Hobbyist attacks
– 2003 to present: Criminal attacks (malware for $)
– 2006 to present: Spy attacks (targeted at specific organizations)

It is sad and sobering to see such creative potential made to serve nefarious ends. 🙁

Although network security is not my primary professional or personal interest, it certainly is an important topic and one on which I try to keep relatively current. Last June in my post “Ransomware digital extortion” I referenced the “Security Now” podcast as a good source of background information on how malware threats continue to evolve online. I also referenced a more recent “Security Now” podcast in my March 8th post, “Now how am I going to get bored?” Both of the Security Now podcasts I referenced (Episode #47 “Internet Weaponry” from 06 Jul 2006 and Episode #82 “Cyber Warfare” from 08 Mar 2007) are real eye openers about how malware is not just a nuisance that makes the Windows-based computers it affects run slowly. Malware also represents a tool of international organized crime rings engaged in extortion, piracy, and other illegal activities. “Regular” computer users, including the teachers and students in our schools, often play a damaging role in these activities by failing to adequately protect home computers from malware threats, by opening email attachments and visiting web links which deliver malware “payloads” and by bringing infected files (often via USB flash drives) into the school computing environment.

Why do these issues matter to teachers and administrators? First of all, school networks are big targets of these attackers seeking to find compromised systems to use as open email relays to send out spam messages and hosts for illegal file sharing P2P network connections. Improperly configured firewalls can “let the bad guys in” to wreak havoc on systems and exploit available bandwidth for not only non-educational but outright illegal purposes. Malware which finds its way into the school network by various means can compromise information saved on that computer and elsewhere on the school network, and even bring the network to a creeping crawl when systems are compromised and controlled by hackers on the outside.

A second reason to be concerned is that the behavior of network users (students, teachers, secretaries, and anyone else who virtually touches the school network) is more important than ever. The missteps of one user can negatively impact many, many more. Our need to provide continuing education to each other about safe computing practices is VERY urgent. Issues at stake include student privacy, the protection of personal information, damage to school computer systems and networks, and the PR image of the school district. Who wants to be in the headlines of local and regional newspapers, as the latest victim of international crime rings and illegal file swappers?

As part of the “updates” shared by school leaders with teachers and support personnel during regular staff meetings, updates about security threats and why PASSWORD security is so important should be shared regularly. Yes, it is a hassle to have to use a secure password and be required to change it on a regular basis, but these inconveniences are necessary in today’s hostile computing environment. Have you noticed how many online banking services are ramping up their security protections for users? This isn’t a coincidence. The networked computing environment is more hostile. Companies are taking notice and taking action, and so should schools.

The U.S. Federal Trade Commission has published a 28 page PDF guide titled “Protecting Personal Information: A Guide For Business.” This guide is equally applicable to schools. The five steps the FTC recommends for protecting information and network resources are logical but not necessarily “easy” for teachers and students. In most cases they require CHANGES in patterns of behavior:

– Take stock. Know what personal information you have in your files and on your computers.
– Scale down. Keep only what you need for your business.
– Lock it. Protect the information you keep.
– Pitch it. Properly dispose of what you no longer need.
– Plan ahead. Create a plan to respond to security incidents.

As is the case in many other contexts, it is much better to be proactive rather than reactive when it comes to network security threats. It’s easier to just “keep on keeping on” with the way we’ve been used to “doing business” at school with our email systems and other technologies, but the price of making that decision is getting ever higher.

It seems to me that the clever and creative threats posed by these “targeted attacks” make the utility of using online collaboration tools like Coventi Pages, Google Documents and wiki environments like PBWiki and Wikispaces even greater. If targeted attacks (as Mikko describes them) typically use MS Office attachments to launch their attacks, using online collaborative tools instead of locally-saved files that can “deliver” malware payloads to computers on a local network seems like a safer approach. In addition to being safer, these online collaborative tools offer powerful functionality not available with traditional productivity files. Web 2.0 resources may therefore not only be more powerful to use, but also potentially safer from a network security standpoint.
