backtop


Print 35 comment(s) - last by Pythias.. on Oct 10 at 7:41 AM

Users continue not to install antivirus software, believe they have protections they don't

Every year there's a kickoff for a campaign on cyber-security awareness in the form of National Cyber Security Awareness Month.  The campaign looks to better inform people on the hazards that may await them online.  Each year, Symantec and the National Cyber Security Alliance perform some basic assessments of users' internet behaviors and each year they get a disappointing confirmation that many Americans still just don't get some important concepts cyber security.

In the most recent study, conducted by October 2, there were some signs of progress.  Most Americans were aware that the internet presented many dangers from identity theft to computer hijacking.  Additionally most believed they were taking steps to counter these threats.

However, there appears to be a growing trend towards a false sense of security.  Of those surveyed, 80 percent claimed to have a firewall installed on their system.  However, only 42 percent actually had sufficient firewall defenses.  NCSA (National Cyber Security Alliance) and Symantec obtained the information via a combination of polling and checks performed by Symantec's PC Help by Norton. 

NCSA Executive Director Michael Kaiser described at a National Press Club conference, "We must redouble our efforts to ensure that Americans know how to use all of the tools necessary to protect their computers, themselves and their families from harm.  Too often, cyber-security has been made to seem complicated and inaccessible. Staying safe online appears daunting for users."

The National Cyber Security Awareness Month enjoys the support of many partners, government and public.  Its supporters include the DHS (Department of Homeland Security), Symantec, McAfee, Cisco Systems and Microsoft.

While Americans remain very confused on cyber security, Mr. Kaiser says that "great strides" are being made to convince these individuals to change their habits.  He credits the campaign for part of this progress.  The campaign target spyware awareness for the early focus of the four-year cyber security campaign.  The study founded that users' assessment of their spyware protection matched reality closely, with 83 percent saying they had it and 82 percent actually having it.  Still, Mr. Kaiser and others say it is alarming that almost a fifth of internet-connected Americans have no spyware protection.

Adam Rak, senior director of public affairs for Symantec, warns, "Anti-virus, anti-spyware and firewall software are the front-line basic protections that all Americans should have."

At least the survey illustrates that Americans are starting to understand the danger that exists.  Only 26 percent of those polled said that there computers were "very safe" against viruses, and only 21 percent responded that their computers were "very safe" versus hacker assaults.  DHS Assistant Secretary for Cyber Security and Communications Gregory Garcia praised the program, claiming that in 2007 it reached 133 million Americans.  Last year Canada joined the program as well.

DHS Secretary Michael Chertoff announced in a statement, "Because no single entity owns the Internet, the federal government needs the cooperation of both the private sector and everyday citizens to protect against a range of cyber-threats."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

notes
By Mike Acker on 10/7/2008 8:18:36 AM , Rating: 2
I think most analysts will generally agree that the principle vehicle for the spread of malware is Social Engineering. Social Engineering is the art of tricking the user into activating the maleware installer.

those who have done some research on the topic will further be aware that 3d party software is also a favorite vehicle: if a defect or vulnerability can be found in some add-on software that a browser activates then it may be possible to get the malware installer from that add-on package to the user's system. possibly as a root-kit that allows the bot-net to maintain updated maleware on the user's computer.

cross-domain scripting has been used to make browsers read maleware from sites other than the site the user thinks he is reading and sql injection has been used to inject maleware into what the user would think are proper and respectable places

so if you think you can run around the 'net without a quality A/V subscription installed on your system,-- well-- all I'll say is :good luck; you'll need it.




"We are going to continue to work with them to make sure they understand the reality of the Internet.  A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki