Muhammadu Buhari: A Nepotist and Mujahid in Govern... » SERIES: BUHARISM AND THE FIERCE URGENCY OF NOW Acts of a President with a mustard seed-mind and a ... UK lockmakers meet the lock attack challenge » UK police are continuing to warn householders about the vulnerability of domestic entrance door lock... Executive cyberstrategy sessions unite senior ex... » Medford, NJ: Watchful Software has announced the launch of its new Global Thought Leadership Program... Matrix42 launches new package manager for Microsof... » London: Matrix42 has announced the latest release of its new Package Manager solution. Administrator... Peplink helps innovative Sao Paolo School solve ... » Peplink has announced a successful project with Colégio Next, a school in Sao Paolo, Brazil that has... Certifigate Found In the Wild on Google Play » New insights on the extent, exploitation, and mitigation of this threat Three weeks ago, Check Poin... TACKLE WORLDWIDE WATER SHORTAGES WITH DIET, SAYS ... » At the start of World Water Week - the forum tackling global water challenges - The Vegan Society ha... 2015 Presidential Election Isuues » After that historical backgrounder in Part I, I shall now examine 4 election issues, the two on ever... Analysys Mason tackles file sharing securely wit... » London (UK): Varonis Systems, Inc. has confirmed how it has helped telecoms research and consultancy... ASIS and (ISC) 2® to host Career Center at ASIS... » Alexandria, Va.: Security professionals can get answers to their most pressing career questions and ...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

Making people less trusting of the internet has to be one of the first steps towards combatting cybercrime, it has been warned.

According to business security consultant Roger Smith, internet users must undergo a fundamental change in their perception in order to improve cyber security.

Smith, a security trainer whose company, R & I ICT Consulting Services is based in Canberra, Australia, is one of the contributors to Security 3.0, a book exploring the future of the global security industry. In his chapter, Cyber security: everyone’s responsibility, Smith says:

“In normal day to day existence, we make normal emotional decisions, when meeting people, based on our five senses (sight, sound, touch, smell and taste (I try not to lick people when I meet them)). These senses give us a perception of the people we meet, an understanding if something is a little "off", or an understanding that I can trust them. On the Internet we only use one and that seems to be enough for most people. I like the look of you therefore you must be OK! Maybe I am strange but for me to trust you, it will take a lot more than what you look like.”

Smith adds: “It does make me wonder how stupid we are. The problem is, it is not stupidity. This is a fundamental change in human physiology. The other four senses are no longer used so we have to rely on other factors to increase my level of trust in you and who you are.

“In business this is done through marketing and more importantly reputation. Social media, when used correctly for business, has the capability of increasing your trust level in both me and my product. This is why we see large businesses and politicians use social media to increase the trust level of their community. Sometimes it works, others times it doesn't.

“The problem is that the bad guys also use these types of tactics to increase your trust in them. From blatant lies to false advertising they are out to get you. The criminals even use Google Ad words and search engine optimisation (SEO) to target potential victims. Looking for the newest game, song or film to download or looking for the newest celebrity screw-up, I will bet you that the top 10 search results both natural and paid for will deliver not only a version of what you are looking for but malware, spyware or a worm.”

Smith argued that, in order to be effective, individuals must begin to take responsibility for their security.

“The buck has to stop somewhere,” he said. “If everyone who connected to the Internet had the attitude that "MY protection is MY problem" we would be in a totally different world and I wouldn't have much to write about.

“We can use technology to help with the solution, we can use management to keep track and resolve the problems and we can make sure that we are as adaptable as we can be but it still comes down to the fact that everyone needs to say that it is MY problem. If it is MY problem then I am also the solution.”

Smith described cyber security as a ‘whole of business attitude’. “It is a holistic attitude towards protecting everyone and everything within the business. It needs to be driven from all areas of the business, managed and controlled by the top but implemented and embraced at the bottom.

“I have a simple saying - Cyber security is MY problem. Not just because I work in the area but because it should be the catch phrase of everyone who is using the Internet. If everyone looked at cyber security like that then we really do have a chance of controlling the problem.”

In order to beat the cyber criminals Roger Smith outlined six easy to follow steps that people should follow.

He said: “In the area of training there are 6 facets that can be used by everyone that will flow into their workplace. Some of them can and are controlled and enforced by computer policies, others are not. They are all important.

• Use complicated passwords for every password. It doesn't matter what the web site is or the reason for the password, if you use a complicated password then a brute force attack will fail.

• Use unique passwords across different areas of your personal and business life. There is a place in the cybercrime area for people who use the same password on every site. These people are just basically fodder for the cybercrime machine. If I use the same username and password on a site and it is compromised then the first thing that the bad guys do is test other sites with that combination, it is an automatic and automated process.

• Patch everything including operating systems and applications. If the computer tells you it has an update - apply it. If an application has a patch, apply it. Applications are a bigger danger as they go across multi platforms.

• Use an anti-virus program on anything that will take one. Anti-virus software is now available for most platforms. From Mac to Microsoft to android. Most look for viruses, they are also looking for malware and spyware. The more people who use an operating system or application the more chance there is that something bad has been written for it. Yes apple and IOS is a target.

• Be paranoid. Everyone is out to get you on the internet - from 12 year old script kiddies to full blown bad guys and the threat are increasing. In addition to that even the automated systems are out to get you. It is going to happen to you (99.9% chance of being a victim of cybercrime in the next 10 years) so make sure that you do a regular backup.

• Always use common sense.

o If it looks like a scam - it is

o If they want money - it's a scam

o If they want to give you something for free - it's a scam

o If it seems too good to be true - it's a scam.

o If it’s free - it is a scam, in most cases it is also infected with malware, spyware or ransom ware.

“Get these areas correct and there is a flow on effect. You, as a user, are more secure on the Internet which means that who you work for is more secure.”