Personal Devices Security lessons learned from my mistakes


9 years ago I wrote a post titled: The Chain is as Strong as the Weakest Link in the Chain.
Based on my experience in a Penetration Test, I argued that human beings are the weakest link. 

Many employees' Security awareness is insufficient. A few employees are even motivated to breach Security.

As far as home computing or consumer computing is concerned, there is even less Security awareness than in organizations.

I am a Security and Risk Management expert, therefore I should be aware of Cyber and Security threats and I should avoid being damaged by these threats.
I am certainly aware of them; however, I failed twice by ignoring a potential threat.

This post is about lessons learned from my Security protection failures. 

I love you - I hate you
Many years ago I received an e-mail message from a friend. My friend is an IT expert, who participated in the development of a Security Software product.

I did not suspect that the link "I Love You" would install a worm on my PC. I opened the link and the worm changed my Windows Registry file.

It duplicated itself as part of e-mail messages that were sent to all the people included in my address book.
I was aware of the problem shortly after my careless mistake. 
A young guy whose girlfriend decided to end their relationship coded a worm using Windows Visual Basic Script and spread it.
The worm was named I Love you.

Cleaning my computer from I love you

1. I warned all my e-mail connections not to open the message.

2. I checked that I had an updated backup file.

3. I found and executed a program named "I Hate you" which was documented as a cure for "I Love you".

4. A few months later I discovered that the worm had not been removed from JPEG files. Any time I tried to open a JPEG file, the worm was sent by e-mail to all my connections.

5. I found another solution to the problem by searching the Web.
The new solution was not automatic. I had to clean the System and the Registry systematically step by step.


The Facebook Bear is a Worm
Recently I received a few Facebook messages from a Facebook friend.
My Facebook friend is a Computer expert. The messages were part of a discussion on Bridge; however, a link to a video was included.

I pressed the link showing a bear which surely does not play Bridge.
The video was a Facebook Worm. All my Facebook friends immediately received a message from me that included the Worm.

Cleaning my computer from The Facebook Bear

1. I warned all my Facebook friends by writing on my timeline that I was infected by a worm and they should not press the hyperlink included in the message sent by the worm and not by me.

2. I closed Facebook and opened it again, and Facebook notified me that a Trend Micro Security program was automatically checking and cleaning my Facebook application and data.
The program corrected the Security problem.

3. I deleted the infected message.

Analysis and Conclusions
In both cases I lowered my Security awareness because the sender was an Information Technology expert and because the sender is a friend of mine who sends many messages.

Quick identification of a Security breach was key to solving the problem.

Lessons Learned

1. Always be alert and ready to identify Security threats.

2. Suspicious hyperlinks are suspicious hyperlinks. It does not matter who the message sender is.

3. In most cases it is possible to solve a Security problem, but quick problem identification is a must.

4. Notify all your connections about possible messages sent from your computer by worms. Tell them to ignore the message and to delete it without reading it.

5. Do not postpone worm and virus removal. As soon as you discover the problem, stop working and try to fix it.

6. Full problem correction is a must.

     


More Stories By Avi Rosenthal

Ari has over 30 years of experience in IT across a wide variety of technology platforms, including application development, technology selection, application and infrastructure strategies, system design, middleware and transaction management technologies and security.

Positions held include CTO for one of the largest software houses in Israel as well as the CTO position for one of the largest ministries of the Israeli government.
