October 25, 2006
Today's Hackers: Firewalls just aren't cutting it anymore
Everyone has heard of hackers, identity theft, and other various security breaches; therefore the majority of people have taken the standard steps of firewalls, secured wireless networks, and basic encryption techniques. Is this enough? Not anymore. The article How to hacker-proof your business informed me of a multitude of different hacking methods -- most of which I was unaware of.
The article featured prevention tips on all forms of hacking (from digitally penetrating a database to physically digging around in dumpsters). The more traditional, computer-savvy types of hacking can be easily intercepted by one simple step: ENCRYPTION. However, the focus of the article was more on fending off the new, avant-garde methods of hacking; "the glory days of the lone hacker toiling away in his bedroom are a thing of the past." Some of the methods I found most interesting were aquiring citizens' social security numbers by reading the HTML of a county court website, and employees being tricked into revealing log-on and password information by accidentally attempting to access an "evil twin" network. The list goes on with a variety of creative tactics of which the majority are targeted at businesses.
Prevention is key. Most breaches are easily preventable and far more cost efficient that trying to recover after the damage is done. The most important and obvious advice is use common sense and caution. A USB key-drive can easily be slipped into a pocket and information gone forever, so in addition to backing up to data, go the extra mile and get an encrypted one. Password complexity is another interesting point. Firms are forcing employees to make complicated passwords with various symbols and capitalization which must be changed quite frequently; this can lead to people writing the password down on a sticky note and keeping it right near the computer. Now lets think, what exactly is the purpose of this overly comlicated password if it's in perfect sight?
These are factors so simple that they just get over-looked in the big picture. Keeping an eye on simple things like these can prevent thousands of dollars spent on recovering from a breach-- not to even mention the potential loss of customers due to the breach. The simple measures this article presents seem to be the most beneficial. I understand firewalls and encryption are necessary, but who is to say that since people can come up with such powerful encryption techniques, people cannot come up with equally powerful ones to break them?
Posted by akmanie at October 25, 2006 03:31 PM