IT security Information for everybody
“Writing a book about cyber threats in a comprehensible and comprehensive way is not an easy task, but the book ‘Cybergevaar ‘ succeeds in this”, certifies the book’s first review, conducted by a well-known Belgian IT magazine, Datanews. The book “Cybergevaar” tries to provide a very readable and very accessible overview of almost every information security related problem and malware. It reaches out to the general audience and does not only target the technically savvy reader but provides information for everybody.
“Cybergevaar” starts with an overview of the history of malware and looks into the many profiles of malware writers and hackers. One of the chapters touches the topic underground economy and is using a lot of examples to explain the involvements. It is based on a whitepaper written by G Data SecurityLabs. Furthermore, new developments in the fields of cyber attacks, sabotage and espionage are discussed and looked into from different angles. The daily threats and the myths about malware are described in a detailed way. Among this, the chapter about general security tips and tricks is interesting for everybody. The book also provides a special chapter with thorough advice for companies.
While exploring the book, the reader can find several exciting security anecdotes and entertaining situations one possibly has never heard of before. Additional clarifications are provided throughout the entire book by use of attractive illustrations and easy-to-understand graphs. High-level opinions of people with experience and interest in the ICT security industry are included: Professionals such as Natalya Kasperskaya (InfoWatch), Ralf Benzmüller (G Data), Peter Kruse (CSIS Security Group), Bob Burls (Independent IT Security Consultant) are amongst the contributors. The book also seeks to elaborate on how governments and the media can play a role in the ‘education’ of users. Moreover, it gives an inside look into the computer security industry and organizations like AMTSO and EICAR. And, of course, ‘Cybergevaar’ does not miss the opportunity to highlight how the problem and its solutions may develop in the future, with a special chapter in the form of a short story – ‘Radical Ransom’ – set in the year 2033.
“Cybergevaar” by Eddy Willems, Lannoo, 213 pages, is now available in Belgian and Dutch bookstores and online shops. Plans to publish this book in other languages, such as German and English, are currently being discussed.
You can also order your version of the book via this webpage: www.lannooshop.com/gdata
Lots of companies and home users “have their head in the clouds” moving their services, servers and data to the cloud without realizing they are using the cloud since a decade already and they have never given any thought about security of using services from the cloud. Even now, with financial incentives, they do not consider or look at the security implications at all.
Where does a network stop these days? Where does the business network stop? This is not easily definable anymore. Today, networks lacks clear crisp boundaries and it becomes more and more difficult to define what the real inside and outside of the corporate network is. It even becomes more and more difficult for normal users to protect themselves and to detect the real risks behind every part of the network.
Malware writers are entrepreneurs who are always looking for the best return on investment. The Android operating system, combined with the Google Wallet Service, will offer a record-setting ROI if current policies continue. Let’s look at why.
According to Gartner and IDC, Android is the market leader in mobile operating systems, so it is logical that cyber criminals will target the platform. Android malware can easily be spread through apps, which makes it an attractive target. Not only did the beginning of 2011 see the emergence of this trend, but soon Android will take the lead as the most targeted mobile operating systems in terms of malware.
A lot of problems result from the fact that apps can be distributed via different online shops and channels. And nobody, except for security experts, is looking for malware inside the apps.
The first proof of the official Android Market being interesting for cybercriminals was reported in March 2011, called DroidDream, a family of malware which uses a pair of exploits to gain root access on vulnerable Android devices. A large number of Android applications was reported to be infected and all were pulled from the Android Market after it was reported to Google. All of the applications were versions of legitimate programs that were Trojan-ised and rebuilt by the malware authors, loaded with malicious code. DroidDream sends a collection of information like IMEI, IMSI, OS version, etc. to the attacker and then attempts to download additional software and payloads.