Navigating the New Cybercrime Threatscape, Part 4
Education is a main component for a successful defense against malware. There's really no shortage of resources available for those who know where to look, regardless of whether you're looking learn how to better protect your own home systems or your business' network.
Part 1 of this series discusses the history of cybercrime. Part 2 looks into common varieties of malware currently found in the wild. Part 3 explores strategies for increasing your resistance to cybercrime.
Regardless of the agreements or disagreements on how individuals, companies and governments are to combat cybercrime, one fact stands true: Doing nothing is the worst posture to assume. Cyberrisk is as limitless as human determination, ingenuity and ignorance. As such, it is crucial we take the right measures to protect ourselves online. In the final part of this four-part series, we'll examine how you can best equip yourself with resources to a safer online existence.
Education is essential when protecting yourself from the evolving threatscape. Luckily, there's an abundance of resources, from Web sites and online initiatives to workshops where you can learn about self-protection from those who would steal, deny access or destroy confidential information.
Stay Safe Online is the National Cyber Security Alliance's (NCSA) Web site. NCSA's mission is to empower and support digital citizens to use the Internet securely and safely, protecting themselves and the cyber infrastructure. The Web site features helpful information for all types of users. For the home users, the site offers a self-assessment quiz where users can evaluate their safety online. Additionally, there are sections on protecting your computer, safe and secure practices, protecting children online and how to report and handle problems.
Stay Safe Online also offers a K-12 section filled with information for educators to use within the classroom. The K-12 section includes lesson plans and materials, a baseline national study for K-12, posters and video contests and information for education administrators and policy makers.
Additionally, the Stay Safe Online site features a small-business section. Problems with security can drastically affect a business and their employees. The business can be put at risk by harboring illegal content such as pirated MP3s. Employees can be a victim of a phishing attack or some other type of targeted attack where they either divulge confidential information unwittingly or they are infected and have illegal material which could end up getting them fired through no real fault of their own.
Bite Out of Crime
Another great resource is The Internet Crime Complaint Center (IC3) which serves as a means to receive Internet related criminal complaints to federal, state, local or international law enforcement and/or regulatory agencies for any investigation they deem to be inappropriate. Complaints are streamlined effectively if the complainant provides accurate and thorough information. IC3 requests the following information when filing a complaint:
- Mailing address
- Telephone number
- The name, address, telephone number, and Web address, if available, of the individual or organization you believe defrauded you.
- Specific details on how, why, and when you believe you were defrauded.
- Any other relevant information you believe is necessary to support your complaint.
Awareness and education are effective weapons against cybercrime. By educating yourself, you will better understand how to reduce the risk of becoming a victim of cybercrime. The Web sites outlined above provide a snapshot of online resources available to proactively protect yourself against cybercrime.
In an effort to teach and protect their local communities, many organizations are spearheading campaigns and initiatives that teach citizens about technologies and tools that help reduce and/or prevent cybercrime.
One such organization is The Anti-Spyware Coalition. The Anti-Spyware Coalition (ASC) is an organization comprised of some of the world's most prominent antispyware providers and key public interest groups committed to combating the rise of unwanted spyware clogging computers and endangering Internet communications. The ASC draws on the combined expertise of its members to help consumers better defend their computers against unwanted technologies, improve communication about what constitutes spyware and how antispyware companies combat it, and offer proposals for strengthening anti-spyware technology globally.
The ASC hosts several workshops throughout the year to discuss an array of perspectives on the problem of controlling spyware and other potentially unwanted technologies. For example, on May 19, 2009, the ASC hosted it's fifth public workshop in Washington, D.C. Attendees included leading experts on cybersecurity and experts from various groups with deep investments in a safe and cooperative Internet -- with a core focus on creating a chain of trust online and how good actors can cooperate in order to protect users.
As cybercriminals become bolder, a growing number of viruses and worms are unleashed with malicious intent, self protection capabilities, and a wide range of attack techniques; it's vital to understand and absorb the resources available to protect yourself from cybercrime. The Internet has become an essential part of our lives. Some of the things we use it for are to surf the Web, shop, pay bills, and conduct business. Taking precautions while online will reduce your risk of becoming a victim of cybercrime. Just as you wouldn't leave your front door open for someone to potentially enter your home and steal your belongings, you don't want to leave your computer open to those who want to retrieve confidential information on your personal computer.
While the above information should provide some guidance in navigating the various resources out there, below, please find a comprehensive (although not exhaustive) list of additional resources for both businesses and consumers:
- A comprehensive cybercrime and cybersecurity awareness program: Securing Our eCity
- Internet Crimes Complaint Center
- National Cyber Security Alliance (NCSA)
- United States Computer Emergency Readiness Team (US-CERT)
- Multi-state Information Sharing and Analysis Center
- Federal Trade Commission's (FTC) Protecting Personal Information: A Guide for Small Businesses
- National Security Agency (NSA) Security configuration Guidelines
- Anti-phishing Working Group
- Anti-Spyware Coalition
Jeff Debrosse is the North American research director at ESET