[ SHOWGSD-L ] OT Malware Myths

• From: "SolanaGSD" <SolanaGSD@xxxxxxxxxxx>
• To: <showgsd-l@xxxxxxxxxxxxx>
• Date: Mon, 10 Oct 2011 20:08:35 -0400

Content-Type: text/plain;
        charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Here is something out IT guy at work sent us all a few months ago. 

 

Deborah Gebhard

Solana GSD, Mich

http://www.bonanza.com/booths/ChHaley 

 

From: joe ashton 
Sent: Wednesday, July 06, 2011 9:07 AM
Subject: Malware Myths

 

A few of you have been hit by some nasty malware recently. Here is a blurb
about how this occurs.

I do not agree with the fellows assessment of free antivirus scanners,
however, as I have been safe from malware and use nothing but free utilities
and I do regularly investigate malicious sites.

 



IT Security & Network Security News & Reviews: 11 Internet Security Myths
That Delude Computer Users



By Fahmida Y. Rashid <http://www.eweek.com/cp/bio/Fahmida-Y.-Rashid/>  on
2011-06-28 

Many surveys have highlighted the fact that end users are not
security-conscious and do not think about the implications of their online
activities, making them vulnerable to attack by cyber-criminals. A recent
survey of nearly 16,000 users in 11 countries by G Data Software uncovered a
startling fact: Users are thinking about security, but what they know is
light years out-of-date or completely wrong. "The majority of Internet
users, regardless of age, sex or nationality, are aware that there are
threats on the Internet," G Data's researchers wrote in the report. However,
a lot of what they think they know may have been true in the nineties and in
the first decade of the new millennium but has not been true for the past
several years, the researchers said. As a result, end users are relying on
"very out-of-date facts" to protect themselves, the researchers noted. Only
a small percentage understands the nature of current online threats or how
to effectively protect them from computer malware, the report found. "A high
level of awareness here can surely do no harm," they wrote. Below, eWEEK
identified the top 11 myths about online security and paired them with
up-to-date facts pulled from the "How do users assess threats on the
Internet?" report. 

 

Myth 1: I Will Know When I Am Infected (93 Percent)

Almost all Internet users around the world are convinced they will know when
their computer is compromised, when in actuality, modern malware is stealthy
and hard to detect.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths01
.jpg

 

 

Myth 2: Free Security Software Is as Good as Paid (83 Percent)

Most users feel there are no specific differences between paid security
software and free antivirus applications, not realizing they don't get Web
filtering, anti-spam or behavior-based analysis with the free tools.

//From Joe: I do not agree with this one. McAfee and Symantec are the two
biggest paid protectors and they both really suck. Avast free antivirus has
all the elements of protection that they claim do not exist, including URL
validation.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths02
.jpg

 

 

Myth 3: Malware Comes From Email Attachments (54 Percent)

A little over half of users still believe that email attachments are the
primary distribution mechanism for malware. While it's still a problem, the
biggest problems nowadays are emails with links to malicious Websites.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths03
.jpg

 

 

Myth 4: Just Going to a Website Can't Infect You (48 Percent)

Almost half of Internet users believe it is necessary to actually do
something on a rogue Website to be infected, when many attacks can trigger
drive-by downloads just by loading the page.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths04
.jpg

 

 

Myth 5: Malware Comes From Illegal File Sharing Sites (48 Percent)

While a large volume of malware is distributed by torrent sites and other
peer-to-peer networks, they aren't the the only sites that contain malware.
The majority of malware comes from normal-looking Websites.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths05
.jpg

 

 

 

Myth 6: General Audience Sites Are Safer Than Adult Content (37 Percent)

Users tend to think that adult content sites are rife with cyber-criminal
activity even though they are usually better designed and much more secure
than hobby and leisure sites. The industry tends to protect their customers
better.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths06
.jpg

 

 

 

 

 

 

 

 

Myth 7: Firewalls Stop Drive-by Downloads (26 percent)

While firewalls are important for security, it can't detect a drive-by
download because it's concealed among normal Web traffic. A firewall also
can't detect malware trying to phone home.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths07
.jpg

 

 

 

 

 

 

 

 

 

Myth 8: Stay Safe by Not Visiting Risky Sites (13 Percent)

Users often blame the victim for getting infected by going to "risky" sites.
Cyber-criminals don't limit their attacks to certain sites, but compromise
whatever yields the most victims, even highly trusted sites.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths08
.jpg

 

 

 

 

 

 

 

 

 

Myth 9: Don't Open Files (22 Percent)

Many users think you have to open an infected file to be compromised. That's
true in most cases, but attackers can also exploit existing security holes
to remotely execute a file without the user's intervention.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths09
.jpg

 

 

 

 

 

 

 

 

 

Myth 10: Infected USB Sticks Are Most Prevalent (13 Percent)

While it was true at one point, now that autorun is not the default setting
on most modern systems, this is no longer the most common method of
infection. Websites are. 

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths10
.jpg

 

 

 

 

 

Myth 11: Consumers Are Safe (8 Percent)

Thankfully not many users believe this myth. While criminals are interested
in corporate networks, all users are fair game and consumer computers
contain credit card numbers and make great zombies.

http://www.eweek.com/images/stories/slideshows/073911_security_myths/myths11
.jpg

 

 

 

 

Joe Ashton

IT Dept Mgr

Discount Paper Products

800-752-7655 x133

46750 Humboldt Dr

Novi, MI 48377

http://www.discountpaper.org

 




============================================================================
POST is Copyrighted 2011.  All material remains the property of the original 
author and of GSD Communication, Inc. NO REPRODUCTIONS or FORWARDS of any kind 
are permitted without prior permission of the original author AND of the 
Showgsd-l Management. ALL RIGHTS RESERVED. 

Each Author is responsible for the content of his/her post.  This group and its 
administrators are not responsible for the comments or opinions expressed in 
any post.

ALL PERSONS ARE ON NOTICE THAT THE FORWARDING, REPRODUCTION OR USE IN ANY 
MANNER OF ANY MATERIAL WHICH APPEARS ON SHOWGSD-L WITHOUT THE EXPRESS 
PERMISSION OF ALL PARTIES TO THE POST AND THE LIST MANAGEMENT IS EXPRESSLY 
FORBIDDEN, AND IS A VIOLATION OF LAW. VIOLATORS OF THIS PROHIBITION WILL BE 
PROSECUTED. 

For assistance, please contact the List Management at admin@xxxxxxxxxxx

VISIT OUR WEBSITE - http://showgsd.org  
SUBSCRIPTION:http://showgsd.org/mail.html
NATIONAL BLOG - http://gsdnational.blogspot.com/
============================================================================

Other related posts:

• » [ SHOWGSD-L ] OT Malware Myths - SolanaGSD

1. Home
2. showgsd-l
3. Archive
4. 10-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---