Information Security for E-businessmen: Just a Couple of Ideas

If you constantly deal with bank or electronic accounts, it must be your worst nightmare--to wake up and learn that you are a bankrupt. Some crook stole your personal data and all the money you have been sweating blood for years has flown to somebody else's account. Almost everybody must have heard that such a tradegy is called identity theft and millions of people in the USA alone suffer the same every year. Poor consolation for its victims, isn't it?

Unfortunately, businessmen frequently are targets for identity thieves, especially online. Lots of articles on identity theft, "how-to-avoid" tips, and scary stories about the victims circulate through the Web and other media. The authors remind people again and again that they should be cautious when giving anybody their private info as well as care for their PCs' security. But in spite of all their effort identity theft is still the most rapidly growing crime.

Software developers are doing their best, too. They can't be of much help if somebody plainly looks over your shoulder and writes your credit card number down. It's for you to take care and never reveal your personal info to anybody who asks for it. What they can do is to create new solutions to the urgent problems like data stealing. Keylogging spyware--the very programs that make lots of such crime possible--are pretty much written about lately. These programs secretly monitor everything users do on their PCs.

Keyloggers are used--by themselves or as a part of a virus or a Trojan -- much more widely than PC users think; it is an open secret that the lion's share of identity theft that happens online is because of keylogging spyware. The losses caused by stealing PINs, logins, and other valuable data, are well comparable with the damage from viruses. Actually, if a virus or a Trojan contains a built-in key logger module (and it often does), the end user finds himself in a pretty tough situation. The problem is that most anti-keylogging programs warn users when it is too late. The data have already been captured and sent. Why does it happen?

Almost all anti-spy software existing at the present moment works using the same scheme: spy program is detected and then blocked or eliminated. Detecting viruses or spy software is the crucial step of the whole process--all the protection depends on whether the anti-spy software is able to detect as many spies as possible. Signature bases which all these products depend on, is actually the "list" of signatures - small pieces of spy programs' codes. Anti-virus or anti-spy program actually scans the system and compares its codes with those in signature bases. So, in this case only the spies whose signatures already are in the base will be detected and eventually "caught". As long as anti-spy software is regularly updated and the system doesn't come across some unknown spyware product, everything is all right.

The problem is that lots of programs which could be used for stealing data are not included into signature bases right now. Some of them will never be.

There is good deal of people capable of creating something brand-new spy, unknown to anti-spyware developers. The period of time when a new spy already exists, but the updates have not been released yet, is the very time when hackers make their biggest profits.

Spy programs can be created for the specific purpose, such as industrial espionage, so they will never be represented in the base. Moreover, some monitoring programs can be used as spy programs as well, though they are not always included into signature bases. As we can see, a signature base is the weak spot of anti-spy protection; it is, so to speak, a joint in the armor. Information thieves also know about it.

Fortunately, software developers are constantly looking for new solutions. One of the new trends in anti-spyware developing is not to use signature bases as means of detecting spyware. There is three basic advantages in such an approach. First, the product gets rid of its the least reliable part; second, there is no so urgent need for updates anymore; and last, but certainly not least--the product becomes capable of blocking the destructive activity of even unknown spyware. To read more about this new approach follow the link in the signature.

When products of such a kind become widespread, there would be much more problems for hackers in future. However, there is no guarantee that no innovative spy software appears in response.

Whether we like it or not, all malware "evolves" very quickly; new schemes are being developed, and new software which online criminals create and utilize becomes more and more malicious and "selective". New keyloggers as well as keylogger-containing viruses and Trojans, appear all the time; the losses these programs may cause to a business are enormous. That is why in some businesses there is an acute need for separate anti-keylogging protection.

Alexandra Gamanenko currently works at the Raytown Corporation, LLC -- an innovative software developing company company. visit its website at http://www.anti-keyloggers.com

CBS News

Secret Service boss: No Colombia security breach CBS News (AP) WASHINGTON - Secret Service Director Mark Sullivan says his officers' contact with prostitutes at a Colombian hotel last month produced no breach of national security plans for President Obama's visit to the South American country. US Secret Service chief: no security breach from scandalReuters Secret Service hearing 'an important day' for Director Mark Sullivan, lawmaker ...Washington Post (blog) all 699 news articles »

ABC News

Air jet diverts after passenger claims to have 'device' Reuters | WASHINGTON (Reuters) - A passenger who claimed to have a surgically implanted device prompted a US Airways jetliner to divert to Maine on Tuesday in a security scare that followed a recently foiled bomb plot targeting US-bound aircraft, ... Security concerns divert flight to Maine airportBusinessWeek Passenger's suspicious claim diverts jet to MaineThe Associated Press Plane diverted after security scaremsnbc.com ABC News -WSOC Charlotte all 1,212 news articles »

AFP

Security Plays Big Role Before Egypt Vote Wall Street Journal Angst over the abiding lack of security, and its impact on Egypt's withering economy, has pushed its way to the foreground of Egypt's callow political dialogue. The issue has become such a universal priority that candidates across the political ... Egypt policeman killed at polling station: securityAFP Lawlessness is main issue in Egyptian voteBoston Globe Egyptians vote for Mubarak successor in historic pollFree Malaysia Today Ahram Online all 3,082 news articles »

Senate Panel Approves Airline Security Fee Hike ABC News A Democratic-controlled Senate panel Tuesday approved a $2.50 increase in airline security fees that would double the per-passenger fee for those taking nonstop flights. The move by the Senate Appropriations Committee would increase the fee on a ... and more »

W*USA 9

The Phillies used extra security for Bryce Harper at Citizens Bank Park Washington Post (blog) By Adam Kilgore (Via Lester) During Bryce Harper's first trip to Citizens Bank Park, the Phillies' fans greeted him with boos, and the stadium greeted him with a rare measure – extra security in right field specifically to protect him. Phillies Beef Up Security for Bryce HarperNBC 10 Philadelphia (blog) Phillies used extra security guard to protect Bryce HarperCBSSports.com (blog) Phillies: We Used Extra Security When Bryce Harper Was In The FieldW*USA 9 Deadspin -Business Insider all 781 news articles »

BBC News

Nations need food security goals BBC News By Mark Kinver Environment reporter, BBC News The biggest environmental summit for a decade must make meaningful progress on global food security and sustainable agriculture, say researchers. CGIAR, the world's largest publicly funded research body, ... Brazil to enhance security during UN ConferenceChina Daily all 58 news articles »

Wombat Security Technologies Introduces New Release of PhishPatrol, its ... San Francisco Chronicle (press release) PhishPatrol detects many of the costly "spear phishing" attacks which are often missed by leading anti-virus and anti-spam filters Pittsburgh, PA (PRWEB) May 22, 2012 Wombat Security Technologies today announced the release of a new version of ... and more »

Technology, Government Security Experts to Keynote at Vanguard Security ... MarketWatch (press release) LAS VEGAS, May 23, 2012 /PRNewswire via COMTEX/ -- Vanguard Integrity Professionals today announced the full lineup of keynote presenters at Vanguard Security & Compliance 2012. Presenters include executives from IBM, CA Technologies, Cisco, ... and more »

PCI Security Standards Council Announces Program Highlights for Inaugural Asia ... MarketWatch (press release) WAKEFIELD, Mass., May 22, 2012 (BUSINESS WIRE) -- The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) ... and more »

New York Post

Port Authority to seek new airport security firm Wall Street Journal AP NEWARK, NJ — The Port Authority of New York and New Jersey said Tuesday it will seek to replace a security firm recently involved in a flap over a Newark Liberty Airport's employee's alleged fake ID. Port Authority officials met Tuesday with ... PA is booting ID thief's security firmNew York Post Port Authority Fires Security Agency After Agent Caught Stealing Dead Man's IDNew York's PIX11 / WPIX-TV all 131 news articles »