Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Tuesday, 02 October 2007 14:22

Survey: consumers don't understand online security

By
A new survey by the NCSA and McAfee shows just how vulnerable most computer owners are, as the majority who believe themselves protected by security software actually discover they are instead woefully underprotected!

The NCSA, or National Cyber Security Allance at StaySafeOnline.Org, and global IT security player McAfee have joined forces to release a startling report (PDF) on the state of security on US consumers’ computers.

Called the McAfee/NCSA Online Safety Study, the report opens with “Think Your Home Computer Is Safe? Think Again”.

The report shows that people believe the security of their computer and Internet connection is important, but that people aren’t doing anywhere near enough to ensure that they continue to stay protected, by ensuring automatic updates occur for the OS, installed software and the relevant security programs, that updates are paid for each year to be running the very latest version, and by investigating new security programs that appear on the market and using them in addition to everything else if warranted.

The full results are included in the link above, and the report itself makes for very interesting reading, but there is some standout info that must be shared.

The report starts out by saying that 87% of survey respondents believed they had anti-virus software, 73% believed they had a firewall and 70% thought they had anti-spyware software.

When the survery respondents had their computers scanned by the NCSA, the results indicated that 94% had anti-virus, only 55% had antispyware and 81% had a firewall - but only 64% had their firewall enabled!

Even worse - only 51% of anti-virus owners had their software totally up-to-date - the rest had outdated 'antivirus definitions' and other updates by month or more, resulting in very little real protection against the latest threats.

The report says that "less than one in four Americans are fully proteted against viruses and malware".

And that’s where spyware, viruses, phishing and even pop-ups are still tripping people up. Awareness of phishing attacks or spyware is high but knowing how to protect themselves, remove infections or detect phishing attacks as they occur is low.

The report shows that people believe they are using computers infected with viruses or spyware but continue using them anyway – even for things such as online banking or shopping – and of course there are clearly plenty who are doing these activities and more on computers their owners don’t know are compromised!

Clearly, McAfee would be hoping that some of the people reading this report will either update their existing McAfee software electronically to the latest version or rush out to buy it in stores, but whatever the choice today’s tech-savvy – and not so tech-savvy consumers will end up making over which Internet security solutions to buy and/or download, the report is correct in saying that “most Americans are in dire need of a reality check”, although naturally we’d expand that to computer users worldwide.

So, what should consumers be doing to stay secure, especially from spyware, phishing, malware and identity theft? What paid and free programs are available? Please read onto page 2 to find out!


What consumers could benefit from is a clear guide to computer security software– and hardware – that can offer the best protection. This should be promoted widely, in the style of the Common Sense Media website on child safety online . Perhaps all computers should come pre-installed with all the security software needed to protect users today.

Today’s PC needs more than just an off-the-shelf Internet security package. Easily found in retail stores and even sold online, you have your pick of Symantec’s Norton Internet Security 2008 or Norton 360, McAfee’s Internet Security Suite, no doubt to come in a 2008 version, and also 2008 versions of Trend Micro’s, ZoneAlarm’s and CA’s Internet Security suites to choose from.

All offer a firewall, anti-virus, anti-spyware, network security and, from memory, a junk mail filter if desired. Some, such as Norton 360, offer online storage for backup as well, and other packages have their own unique selling points.

All of the software, from the OS to the office suite and everything else should be regularly checked for updates, or set to update automatically if possible. The latest drivers for hardware should also be checked for and used. And regular backups should be taken - including through the use of external hard drives, automatic backup and mirroring technology and more - it's all available at major retail stores for anyone to purchase and install.

Additionally, using an online backup service is very useful in maintaining an additional off-site backup - a number of services are avaialble online, and as mentioned previously is now coming as standard with some commercial Internet security suites, with the option to buy more storage at a yearly price.

Free security software solutions include AVG’s Anti-Virus , and others like Avast online – just do a search for free antivirus, while ZoneAlarm’s free firewall is certainly better than the one that comes with Windows XP or Vista.

After that, anti-spyware protection is best afforded by Safer Networking's new Spybot Search and Destroy 1.5 – now upgraded to be easier to use, and easier to keep updated and immunized. It’s an essential tool against spyware that helps prevent spyware from getting onto your computer in the first place, and getting it off it if does.

Lavasoft’s AdAware is also a well known anti-spyware tool that’s also worth having and using in addition to Spybot.

It’s also worth installing Microsoft’s free Windows Defender, although Spybot is much more advanced.

When it comes to detecting phishing attacks and protecting your username and password, along with other private details, when engaging in any online transaction, be it with a bank or other financial institution, any e-business or e-government transaction and more, you usually have to be smart enough to recognize attacks, even if using services such as McAfee’s SiteAdvisor , or the anti-phishing toolbars in Symantec software, Internet Explorer and Firefox (among others).

So, what about phishing and identity theft? Well, aside from a new game that teaches how to detect suspect links in phishing emails, a company called TrustDefender is offering a security solution that still seems to be unique among all the security solutions out there, and is worth checking out - the full details are on page 3. Please read on for the conclusion!


First, the game, called ‘Anti-Phishing Phil’ , which has come about thanks to Carnegie Mellon University. Students have created a game to teach people about the dangers of phishing attacks by email and how to recognize suspect links in emails received from companies and individuals online. It's the first game of its type, and while effective, is primitive. It should prove to be just the start of greater initiatives to not only make people aware of the problem but give them the tools and training they need to learn how to become cyber street smart and protect themselvles.

And now TrustDefender. They are offering what appears to still be a unique security solution. Indeed, if anyone knows of anything similar or better I’d appreciate it if you could leave a comment with the details so I can check it out!

TrustDefender promises a range of capabilities. One is to uncover phishing attacks in real time, stopping you from being accidentally tricked, while also letting you be sure of the ownership of a website.

TrustDefender’s makers say the software shows you the authenticity of the sites you are visiting, letting you be sure that the bank you are connecting to really is the bank – and not a phishing site, and that the entire service is connected to a Trust Network that allows users to rank sites on security. A well known site will be well rated and have lots of feedback – a new site has no rating and little, if any feedback at all, and will stand out like a sore thumb.

TrustDefender’s offering is also unique in that the software offers banks, financial institutions, auction sites, and any other site that requires you to log in with a username and password the ability to not only verify that you are who you say you are when you connect, but also what the security status of your PC is, when using “TrustDefender Enterprise” at the business end during each transaction with every customer.

Better still, TrustDefender's trump card is the promise that the software neutralizes any already installed and running malware, spyware, viruses, rootkits or other crimeware on every customer’s Windows XP computer (the current version does work with Vista but a proper Vista-compatible version is on the way) while they conduct their financial or other transactions, preventing these programs from stealing your information mid transaction, while also alterting customers to their presence, so they can get their existing or some new Internet security software to permanently remove it from their computer.

TrustDefender says that this means customers can still safely connect to any online service even with an infected or compromised computer in safety, as their technology neutralizes the viruses and other threats for each session. TrustDefender say their also allows banks and other organizations to instantly apply different risk profiles if a previously uninfected user who normally makes small transactions suddenly has a rootkit and spyware and wants to make a $10,000 transaction.

Currently companies don’t know what the security status of their customers’ PCs are. TrustDefender say they can do this in real time. I’ve seen other companies claim ‘end-point security’, which includes software such as ‘Sanctuary’, previously known as SecureWave, but that takes a different approach and is complementary to TrustDefender rather than competitive.

Traditional security companies are still relying on blacklists, heuristics and other forms of detection technology to prevent known and unknown attacks, but TrustDefender’s approach is the most innovative so far in protecting your information from theft and attack even if your computer is infected by malware your existing Internet security software doesn’t yet know about or can’t yet remove.

So, the picture is clear: people know the need for security, but just need help in getting the software onto their computers and keeping it updated, while checking out what other security solutions become available and using more security software if required.

It’d be nice if there was one magic bullet piece of software that did it all. Mac owners would laugh and say to buy a Mac. But all computers need protection of some kind, even Macs need anti-spam software at the very least and come with an inbuilt firewall as part of Mac OS X which should always be turned on!

Check the security status of your PC, and those in your household, and make sure everyone is checked for spyware and is running the most up-to-date protective programs, whether free or paid – chances are, someone in your household is out of date and potentially already infected.

Subscribe to ITWIRE UPDATE Newsletter here

Active Vs. Passive DWDM Solutions

An active approach to your growing optical transport network & connectivity needs.

Building dark fibre network infrastructure using WDM technology used to be considered a complex challenge that only carriers have the means to implement.

This has led many enterprises to build passive networks, which are inferior in quality and ultimately limit their future growth.

Why are passive solutions considered inferior? And what makes active solutions great?

Read more about these two solutions, and how PacketLight fits into all this.

CLICK HERE!

WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge

Don't miss the only 5G and edge performance-focused event in the industry!

Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.

With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.

REGISTER HERE!

BACK TO HOME PAGE
Alex Zaharov-Reutt

One of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments