Tuesday, July 22, 2014

Friends of my friends are...

Friendship. Who can doubt about friendship? Masters of poetry as Jorge Luis Borges have written devoted words to it (http://goo.gl/g5jtMH), and musical geniuses like Freddie Mercury sang about it, eg epic 'Friends will be Friends' shown in this post. Allances merge in friendship, it gives credibility and is the bargaining chip in such a universal network like Facebook.

It's known by friends themselves, it's known by the business and it's known too... by cybercriminals. If you want to set a trap for someone, it is best that he get it from a friend, someone he trusts, someone who would give its money for, even its life for. And that's what Facebook scams are engaged, taking advantage of the concept of "friendship" joining this network contacts. The latest example is the alleged video of a half-naked woman, which redirects to a YouTube clone website, all along with a high degree of sophistication in terms of social engineering. The fake page prompted to upgrade the version of Flash Player... and the rest is a breeze. No fault of your friend: he fell into the trap before you, because another friend "said him" that he must see that video.
That's one of the many pathways for cybercriminals in business: social engineering. University Center Technology and Digital Arts (U-Tad, Spain), have compiled a list of ten common reasons why a security breach occurs in a company. Among these reasons, as we know, is the use of personal devices (BYOD) without appropriate security policies, as they represent an open access door to corporate networks. And, of course, let "light-fingers" have dominion over what is not theirs.

So you have to treat employees as enemies, banning their devices at work? Not necessarily: better to implement the appropriate measures. Net Security team have just released a whitepaper entitled 'BYOD Security that works'. It manages, among others, the idea of ensuring the data, rather than trying to control each and every one of the devices present in a workplace.

Once "bad guys" are inside the company, it is a matter of time for our data to end up in other hands. It will happen shortly. Or maybe data will be exposed in public. That's what a new search engine called Indexeus is devoted to. In a dubious disclaimer, their developer say that he only seeks to "raise awareness" about business security. Perhaps, there may be more "friendly" methods which create equal or greater awareness.

In any case, security and malware go hand in hand. The country that generates most information on cybersecurity is also the biggest malware hoster. According to a recent study, more than half of the world malware is hosted on servers in the United States, and it is increasing at a rate of 12% annual growth. Another interesting fact is that the HTML and Windows executables are responsible for 8 out of 10 attacks on devices.

Therefore, we are surrounded by friends, but also by enemies. And in that scenario the big G of Internet does not miss a trick to curry favor with its users. Its new security settings give a choice to the user: will you allow access to third-party applications without secure login technology, or will you disable access to your Google account? Google asks, and the user chooses. As is done with real friends. As Borges and his poem of friendship: "I do not judge the decisions you make in life / I limit myself to support you, to stimulate you and help you if you ask me."

And if you're a friend of security we ask you to vote, share and comment on our posts. At the right you will find the links to our social networks, and in this post the selected links for Tuesday. Indeed... You know? The International Friendship Day is about to happen: just next 30th July.


Post a Comment