Below are sections of an article that recently appeared on the Electronic Frontier Foundation Website (thanks to EFF for making their content available under a Creative Commons license). Whilst we may not all be fascinated by security vulnerabilities in SCADA systems (although it is topical with the unbelievable story of Iran and their attack by Stuxnet), often the most basic and simple of activities can protect against the majority of IT security vulnerabilities (as is noted in the article). Here are a few simple things you can do to protect yourself better against malware, viruses and attackers:
– Install, use and keep updated a suite of computer security software; Microsoft Security Essentials is free and very good as is AVG software.
– Keep all your software patched to the latest security patches.
– Use secure and unique passwords; don’t even think about using common words or numbers as passwords.
– Switch off your computer (or disconnect from the Internet) when not in use for extended periods (e.g. overnight).
– ONLY use secure sites when transmitting any personal or financial information Online; e.g. ensure that you see https:// at the start of the URL when paying for goods or banking Online.
Here are selected extracts of the article by the EFF:
‘The US government is deliberating about how to approach the “cyber” security problem. But the solution the government needs to network security isn’t sweeping authority over the Internet — it’s common-sense security practices they’ve heretofore failed to implement.’
‘Joe St. Sauver’s academic presentation agrees that SCADA security today lags 5 – 10 years behind business security. Of course, we already know that business security tends to lag behind attacker capabilities by some number of years.’
‘The purpose here is not to scare people. As Maynor and Graham note, “There is neither cause to panic nor cause to ignore the issue.” The way out of the security mess is reason, not paranoia. Instead, these examples show that even the most important systems suffer surprisingly basic problems — with basic fixes.’
‘… Simple things like keeping systems updated and keeping critical systems air-gapped would provide more day-to-day safety to the nation.’
Leave a Reply