Working the Web - Is There a Cyber Attack in Your Future?

Windows Firewall (Photo credit: Wikipedia)

by Carl Weiss

When your head hits the pillow at night, do you fall asleep feeling secure that your online data, your identity and your financials are safe?  Do you feel bulletproof behind your Windows Firewall and Norton Antivirus?  Are you in the habit of downloading freeware on your PC and free apps on your Smartphone?  Do you use public wifi hotspots such as coffee shops, restaurants, hotels and airports? 

If your answer to any of the above was “Yes” then I have news for you.   It isn’t a matter of if you are going to be hacked, cracked or cyber attacked.  It’s just a matter of when.  Because the habits exposed above are an invitation for hackers and cyber criminals to gain access to your most sensitive information, hijack your computer and Smartphone and in short turn your life into a living hell where your identity, your financial data and intellectual property can be bought and sold like a commodity.

computer security (Photo credit: justonlysteve)

Does this scenario sound far fetched?  Let me provide you with a news flash.  During the past several months a shocking number of financial institutions, government agencies and the world’s largest domain registration service have all been hacked or denied service in one form or another.  Worse yet, all of these mammoth edifices have layer upon layer of protection that was designed to thwart even the most concerted attack.  Yet their security proved unable to stop hackers from entering and controlling their systems.

October 8 – Cybercrime Group Recruits Botnets for Coordinated Attack on 30 US Banks – by Ken Presti of crn.com

An organized cybercrime group is in the process of recruiting the operators of illegal botnets to participate in a coordinated attack on 30 American banks, according to security vendor RSA.  The attack, which is apparently planned for an undisclosed date this fall, would likely be the largest coordinated cyber attack in history, involving as many as 100 botmasters and their respective botnets.

According to RSA, the group will be leveraging a proprietary Gozi-like Trojan, which RSA calls "Gozi Prinimalka." The word "Prinimalka," which is derived from the Russian word meaning "to receive," appears as a folder name in every URL path to the gang's servers.

Microslave -- You're NOT Going Anywhere TODAY!
...item 2.. Man Arrested After Selling Stolen Electronics
Online (August 27, 2011) ... (Photo credit: marsmet552)

Apparently this was the same group that in 2008 stole more than $5 million from bank accounts in the US.  Botnets are networks of robotized computers owned by businesses or individuals that have been hacked and turned to cybercrime by remote control.  Many times the hacker tool of choice is not to spend hours or days trying to guess passwords, but simply to piggyback a piece of malware onto a freeware package that most people are all too eager to download.  Some exploit known back doors to operating systems and public networks.  Once inside a laptop, PC, tablet or Smartphone, the malware or spyware can gain access to and in some cases take control of infected machines.  Unless this malicious software is detected and eliminated, then the person or persons who designed the malware can rifle through your files, detect and extract credit card information, and if desired, use your machine to abet their nefarious activities. 

We Have Met the Enemy and They are Us

Sad to say, but the biggest cyber security issues for individuals and business owners comes from the poor online discipline.  Former White House CIO and cyber security expert Theresa Payton pointed out in a recent televised interview that “In one instance we had a client that was convinced they were being bugged by a competitor.  We quickly determined that their employees were checking in on Foursquare everywhere they went.  Even worse, they revealed online who they were with and what they were doing.  So I told management that nobody needed to bug their offices.  All the competition had to do was follow them around on Foursquare.”

This problem is not relegated to the US.  Andy Prow, New Zealand managing director of Aura Information Security sums it up, "There is a growing need for privacy. More people are putting more information about themselves online - Facebook and other profiles -- but on the flip side we are becoming far more conscious that we only want our personal information given out if we give it, and we do not want it stolen.”

Is Your Smartphone Smarter Than You?

Unlike personal computers and laptops, most smartphones have little in the way of security.  According to a recent survey, 70 percent of users don’t password protect their Smartp

Audiovox SMT5600 with the new Qtek Smartphone (Photo credit: Josh Bancroft)

hones.  Many smartphone users have little or no antivirus software or malware eradication software installed on their phones.  And unlike PC’s and laptops, it’s all too easy to misplace or lose a smartphone, which if left unsecured has a 90% likelihood of being rifled through before being returned.

While no one, not even the government or big business are immune from cyber attacks, the mos
t pressing need is for individuals to take the matter seriously and to take appropriate countermeasures to defend themselves.  Below are the top 5 things you need to do protect yourself:

1.      One layer of cyber security is not sufficient to detect malicious software.  You need to have at least three layers of security to harden your system.  As well as using a primary antivirus package such as TrendMicro, Norton,  or McAfee, you should also add a secondary layer of malware detection such as IOBit’s Advanced system Care 9, and/or Malwarebytes Anti Malware. 

            2.      Install password and antivirus protection on your smartphone.  AVG antivirus, Lookout      Security, Dr. Web Antivirus and other security and anti-malware programs are available for iPhone and Android. 

            3.      Online you should always look a gift horse in the mouth.  Never plug in a flash drive or install a free software program with which you are unfamiliar.  If you are looking for software that you can rely on as being malware free, check out the ratings on CNet or Tucows. Paying for a program in most cases eliminates the adware that often come with the free programs. Buying that app you like can help protect your smartphone.

       4.      Do not respond to online come-ons or email addresses to which you are unfamiliar.  Phishing is all too common to be ignored.  And it is much more insidious than you think.  I had to explain to a colleague the other day that the reason she was getting tons of emails but no follow up calls from a Craigslist ad she recently ran was due to the high probability that her ads were being responded to by people phishing for active email addresses that can be sold to spammers.  She has since insisted that interested parties phone her for more information.

      5.      Use common sense when posting on social networks like Facebook, LinkedIn, FourSquare and Flickr.  Remember while it may only take you a few moments to post online, your words and images will be available for years to come.  Therefore it is likely that they could be called up by employers, officials, spammers, stalkers and identity thieves.

While the age of information warfare is not as daunting a threat as thermonuclear annihilation, it can be crippling to a business or governments.  In 2011,  Iranian officials found out to their chagrin how vulnerable they were to cyber attack when their computers became compromised by the Stuxnet virus. Like many individuals they found out the hard way that online security is not something you can take lightly.

If you would like to find more articles like this type in your key phrase in the search box at the top left of this blog. If you found this article useful, share it with your friends, families and co-works. If you have a comment related to this article, leave it in the comment sections below.  If you would like a free copy of our book, "Internet Marketing Tips for the 21st Century", fill out the form below.




Since 1995, Carl Weiss has been helping clients succeed online.  He owns and operates several online marketing businesses, including Working the Web to Win and Jacksonville Video Production. He also co-hosts the weekly radio show, "Working the Web to Win," every Tuesday at 4 p.m. Eastern on BlogTalkRadio.com.

• Cyber Gang Seeks Botmasters to Wage Massive Wave of Trojan Attacks Against U.S. Banks (blogs.rsa.com)
• Russian Cyber Gang Is Preparing A Massive Wave of Trojan Attacks Against U.S. Banks (thetechnologycafe.com)
• Russian cyber gang said to be organizing a 'mega heist' of US banks (qz.com)
• Cyber Gang Planning Massive Trojan War On US Banks (techweekeurope.co.uk)
• Alert: Highly Sophisticated Large Scale Cyberheist Targets Customer Funds at Major U.S. Banks (shtfplan.com)