Thursday - Jun 7, 2012
While the topic of computer and Internet security is always in fashion, I couldn’t help but notice the wealth of related headlines so far this week. It seems as long as we have computer systems, there will always be someone out there to take advantage of their security (or lack thereof), and this week appears to be no exception.
1. Social media network LinkedIn dealing with security breach
News broke yesterday that possibly up to 6.5 million “hashed and encrypted” passwords were nabbed from LinkedIn. For those who aren’t sure what “hashed” and “encrypted” means, the oversimplified explanation is the password data of users had some kind of security on it, making it more difficult for would-be bad guys to do something with it. (For more on hashing and encryption, check out this HowStuffWorks page.) However, this certainly doesn’t stop them from trying to unencrypt/crack the passwords.
LinkedIn representatives later responded, saying some members’ passwords were indeed compromised. Additionally, they made some useful suggestions for anyone worried about their account’s future security. I recommend reading their suggestions as they can easily apply to any account that requires a password. And of course, if you have a LinkedIn account, it’s probably not a bad idea to change your password now if you haven’t already.
2. Facebook teaming up with Google to warn users if they’re infected by DNSChanger malware
In 2007 a rather nasty computer security threat was found in the form of a piece of malware that would divert users to not-so-friendly websites. The U.S. FBI has since arrested and charged the criminals responsible. However, the problem is not fully solved because the malware has what essentially can be considered a shut-down clock: if you’re still infected on July 9, you’ll have problems accessing the Internet.
Tuesday Facebook announced it had joined with Google and other entities to help users identify a DNSChanger infection and help them remove it. For readers who want to skip over the details and discover if they’re at risk, head over to DCWG, read the introduction, and then try testing your system by clicking a few of the URLs in the site’s table. As that article notes, many service providers are also helping their users resolve issues related to DNSChanger. If you’ve tested your system and believe you’re infected, it’s possible your service provider may be able to help you if you’re not comfortable resolving the problem on your own.
3. Computer security firm Kaspersky Lab goes alarmist with recent revelation of Flame malware
At the end of May, Kaspersky Lab announced the discovery of Flame, “one of the biggest and most sophisticated viruses of our age” they claimed. Reportedly it can capture keystroke, voice, visual, and other data once inside a system. And while the malware has mostly been spotted in the Middle East, it could possibly make appearances elsewhere in due time. More work will likely need to be put into analyzing it before more is known, though.
What’s interesting is how days later, Kaspersky himself began making alarming claims about how he’s “afraid it will be the end of the world as we know it” regarding cyber security. It’s hard not to look at such comments as trying to fan the flames of fear, but apparently he knows a thing or two about cyber security.
Regardless of whether you believe him or not, it’s difficult to deny that malware is becoming more sophisticated. With that sophistication comes the need for even more vigilance on Internet users’ parts to avoid such threats. If you’re still looking for more tips, check out LearnTheNet’s Stay Safe guide or tech consultant Ian Anderson Gray’s recent article about this topic.
Photo via elhombredenegro, Flickr Creative Commons