Letters/Editor

How Secure is Your Computer System?

by Norman Halls, contributor

Thinking your computer is safe from any outside interference, is wishful thinking. Your internet connection could be tapped in by your neighbor. Wi-Fi connection in public space could make you a target for hackers. The public use of Wi-Fi in the airport or bookstore are generally unencrypted. There are tremendous risks in reading your email or doing any transactions with your bank. The Wi-Fi signal range of any given access point varies significantly. So, the hacker may not be at the next table, the hackers could be a good distance away.

“Less than a year ago, the NotPetya cyber attack cost organizations like Merck & Co., FedEx, the port of Rotterdam and a whole host of others billions of dollars in total. Today geopolitical tensions are increasing and with them, the threat of more, and more-devastating, cyber attacks. That was the warning issued by Roel Schouwenberg during his keynote address May 10 at the 2018 IndustryWeek Manufacturing & Technology Conference & Expo. Schouwenberg is the director of intelligence and research at Celsus Advisory Group, and one of the first individuals to perform deep research on Stuxnet, a sophisticated computer worm discovered in 2010.”  Wrote Jill Jusko of IndustryWeek

“Universities and their professors are awarded thousands of patents each year, some with vast potential value, in fields as disparate as prescription drugs, computer chips, fuel cells, aircraft and medical devices. America’s research universities, among the most open and robust centers of information exchange in the world, are increasingly coming under cyberattack, most of it thought to be from China, with millions of hacking attempts weekly. Campuses are being forced to tighten security, constrict their culture of openness and try to determine what has been stolen. University officials concede that some of the hacking attempts have succeeded.” Richard Perez-Pena NY Times

Regardless of whether an attack is targeted or un-targeted, or the attacker is using commodity or bespoke tools, cyber-attacks have a number of stages in common. An attack, particularly if it is carried out by a persistent adversary, may consist of repeated stages. The attacker is effectively probing your defenses for weaknesses that, if exploitable, will take them closer to their ultimate goal. Understanding these stages will help you to better defend yourself.

“An attack, particularly if carried out by a skilled adversary, may consist of repeated stages. Understanding the types of attack, and the stages involved, will help you to better defend yourself.” NCSC site.  Similarly, when a criminal is trying to hack an organization, they won’t re-invent the wheel unless they absolutely have to: They’ll draw upon a common arsenal of attacks that are known to be highly effective, such as malware, phishing, or cross-site scripting (XSS). Whether you’re trying to make sense of the latest data breach headline in the news or analyzing an incident in your own organization, it helps to understand the different ways an attacker might try to cause harm.

National Cybersecurity and Communications Integration Center (NCCIC) has reported that they partnered with the critical infrastructure community to establish a voluntary program to encourage use of the Framework for Improving Critical Infrastructure Cybersecurity to strengthen critical infrastructure cybersecurity. The Critical Infrastructure Cyber Community C³ (pronounced “C Cubed”) Voluntary Program is the coordination point within the federal government for critical infrastructure owners and operators interested in improving their cyber risk management processes. The C³ Voluntary Program aims to support industry in increasing its cyber resilience; increase awareness and use of the Framework for Improving Critical Infrastructure Cybersecurity; and encourage organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management.

The number of breaches and cyber-attacks in April 2018 – 72,611,721 reported. The cybersecurity challenge we are facing is to understand the application for effective training of cybersecurity practices. Make sure you have the understanding of the software and hardware that is designed for your system.

On September 20, 2018 the Westfield Chamber of Commerce and Norhals Group, LLC is presenting a seminar on “Cybersecurity for Cloud Based Solutions” at Tekoa Country Club, Westfield, MA. Contact the Chamber at 413-568-1618 to register.

To Top