Data Loss Prevention
Data loss can sometimes be merely an annoyance, such as when you have been working on something for several hours without saving and you get up for a coffee and Windows decides that it’s a great time to restart your computer *shakes fist at Windows’ team that thought the default should be auto-restarts after updates*. In more extreme cases, such as a mission critical database for a business, data loss or theft can be a much bigger deal and particularly when talking about doing things online, there are a number of common vulnerabilities that attackers can exploit to gain access to your data, whether to copy and use for their own purposes, change, or delete.
To help you assess your potential for data loss, CDW made up this document outlining the 7 major threats against your data that can lead to catastrophic data loss. They go into significantly more detail in the document itself, but the highlights are as follows:
- Malware Menace: malware that can be installed on your machine(s) unbeknownst to you that may steal your data or otherwise cause a variety of problems on your system.
- Attacks on Web Browsers / Hostile E-mail Attachments: A variety of methods are often used by attackers via these mediums to steal your data.
- SQL Injection Attacks: An easily preventable security hole that none-the-less is often overlooked, which can allow attackers to gain access to your databases.
- Configuration Management / PC Lockdown: Employees often share data they are not supposed to via non-secure mediums. Companies also often have lax policies towards granting data access to contract workers and the like, who don’t necessarily need as much access as they are given.
- Password Issues: Weak passwords on systems, or complicated passwords left lying around.
- Wireless Security: Transmitting data around wirelessly in public locations can create huge security holes allowing attackers to steal mission critical data.
- Loss of Mobile Devices: Employees often leave portable devices lying around in public places or otherwise lose them. It’s estimated that about 10% of mobile devices used by companies end up getting lost or stolen.
Developing and implementing a good data loss prevention plan can be critical to the long term success of companies. In order to get a lot more detail on the above, you can go here to download the full document: 7 Identified Threats
- The term “virus”, as referring to self replicating computer programs, was coined by Frederick Cohen who was a student at California’s School of Engineering. He wrote such a program for a class. This “virus” was a parasitic application that would seize control of the computer and replicate itself on the machine. He then specifically described his “computer virus” as: “a program that can ‘infect’ other programs by modifying them to include a possibly evolved copy of itself.” Cohen went on to be one of the first people to outline proper virus defense techniques. He also demonstrated in 1987 that no algorithm could ever detect all possible viruses.
- Though it wasn’t called such at the time, one of the first ever computer viruses was called “Creeper” and was written by Bob Thomas in 1971. He wrote this virus to demonstrate the potential of such “mobile” computer programs. The virus itself wasn’t destructive and simply printed the message “I’m the creeper, catch me if you can!” Creeper spread about on ARPANET, the precursor to the Internet. It worked by finding open connections and transferring itself to other machines. It would also attempt to remove itself from the machine that it was just on, if it could, to further be non-intrusive. The Creeper was ultimately “caught” by a program called “the reaper” which was designed to find and remove any instances of the creeper out there.
- While terms like “Computer Worm” and “Computer Virus” are fairly commonly known, one less commonly heard term is “Computer Wabbit”. This is a program that is self replicating, like a computer virus, but does not infect any host programs or files. The wabbits simply multiply themselves continually until eventually causing the system to crash from lack of resources. The term “wabbit” itself references how rabbits breed incredibly quickly and can take over an area until the environment can no longer sustain them. Pronouncing it “wabbit” is thought to be in homage to Elmer Fudd’s pronunciation of “rabbit”.
- Computer viruses/worms don’t inherently have to be bad for your system. Some viruses are designed to improve your system as they infect it. For instance, as noted previously, the Reeper, which was designed to go out and destroy all instances of the Creeper it found. Another virus designed by Cohen would spread itself on a system to all executable files. Rather than harm them though, it would simply compress them, freeing up storage space.
- One of the most expensive worms to date, causing several billion dollars of damages, was the “Love Bug” released in 2000. This bug spread itself around by sending itself to all emails in a user’s address book when the user clicked to open the “love letter” purportedly sent from someone they know. The love bug originated in the Philippines, created by a 24 year old student who was never convicted of anything because, at the time, there were no laws against what he did in the Philippines.
- Fred Cohen
- Sassar Worm
- Timeline of Computer Viruses
- Computer Virus
- Famous Worms and Viruses
|Share the Knowledge!|