I am sure that many of us use New Media in our daily life. From social networking websites to online forums, New Media is something we encounter almost everyday in the current generation of IT.
However, how many of you actually bother the security risks that the New Media presents? For this blog I shall discuss various common security issues present in the use of New Media.
If anyone of you are starting to worry after I mentioned about security issues you are going to encounter, fear not. There are also various solutions that you can easily implement, because most of them are merely simple habits. For now, let's get the ball rolling.
________________________________________________________________
Common Security Issues
This list describe the most common security issues that most of you would most possibly encounter, based on the current occurence rates. However there are more advanced security issues out there which you may also encounter, hence I must clarify that the list is not exhausive.
1. Illegal Hacking. It is a scenario whereby cyber criminals attempt to bypass all security protection of a website or a service and then intrude your online accounts. Very often it is a result of finding out security exploits and vulnerabilities of the security technology, or it can the collection of sensitive personal information such as passwords leaked by us.
2. Viruses and malwares. These threats mainly exist in malicious programming codes that are intended to infect and modify your computer. When you click on a suspicious link, it appears that nothing has happened, but sometimes you have unknowingly downloaded a virus or a malware. If you are unlucky to download a very destructive one, you will find your computer shutting down within a couple of minutes and unable to boot because your data in your hard drive has virtually been wiped away.
3. Privacy Violation. As what our dear Adeeb have mentioned in his presentation two weeks ago, we always provide our personal information into online accounts such as Facebook. If you think that the information such as your email address, your birthday and your contact number is not sensitive, again you are wrong. There are professional hackers out there who are able to collect your information to construct a database about yourself. If you have nude photos on your Facebook accounts, would you want them to be accessed easily by them?
4. Online Fraud. It is one of the most common security issues out there that is intended to steal your identity information. Online fraud comes in various methods, but the most common ones are phishing and email scams. The cyber criminal can create a similar looking website, for example paypa1.com to appear like the authentic paypal.com, or he can send you an email claiming that you have won a million dollars. They will trick you into keying your personal information, and instead of gaining a million dollars, you will find yourself losing hundreds of dollars from your online bank accounts.
 |
| An example of email scam. Picture courtesy of http://www.flickr.com/photos/26814713@N02/2738441047/ |
Case Study
On 12 January 2010, the Internet Search Engine Giant, Google, is attacked by many Chinese hackers. According to Google, the cyber attacks are highly sophisticated and it is aimed at the Gmail accounts of Chinese human rights activists. Following the attacks, Google then decided to cease offering Internet censorship service in China and shut down its operations in China with immediate effects.
A further investigation by Microsoft and McAfee had found out that the Chinese hackers made use of a critical zero-day vulnerability existed in the popular web browser, Internet Explorer. Imagine using Internet Explorer to access your Gmail account using the email server in China. How risky could that have been.
 |
| The death of Google China. Picture courtesy of http://www.flickr.com/photos/21953266@N00/4271551980/ |
Last year, George Bronk, a Californian man, hacked into more than 3200 email accounts to search for sexually explicit photos. After that, he used the photos to post into the victims' Facebook profile. At one time he even blackmailed a victim for more sexually explicit material. He was arrested in late October and then pleaded guilty.
Does this case reminds you of Gary Ng or Edison Chen?
_________________________________________________________________
Possible Solutions
Although New Media has recently step up in providing secure services following the security threats they encountered, it is best that each individual takes some responsibility in protecting themselves. The following ideas included on this post are just common suggestions that you can easily implement. Again, this list is not exhausive.
1. Set your password for your online accounts to at least eight alphanumeric characters, even better if you include symbols so that it is more difficult for cyber criminals to crack your passwords. Never have identical passwords set on more than one accounts. Do inculcate the habit of changing the password once every three months.
2. Never post your sensitive personal information unneccessary, unless the websites or service you are using can be absolutely trusted. Do take a few minutes to read the privacy policy given by a website or an online service to see how confidential they promised to keep it.
 |
| A screenshot of the privacy policy set by the ESPN Soccernet forum. |
3. If you are doing an online transaction, you can look out for the VeriSign website identification service to ensure that you are having a secure and reliable transaction.
 |
| A screenshot of the VeriSign website authentication on Ebay.com.sg |
4. According to a test done by PC Advisor UK, there is no web browser that stands out from the rest of the pack in terms of its security features and efficiency. Roger (2009) concluded that "any fully patched browser can be used relatively safely" (p 5, ¶ 4) and that he further emphasized that "you can change browsers, but your risk is the same with all of them - nearly zero - if your browser, OS, and all add-ons and plug-ins are fully patched." (p 5, ¶ 4) Hence, the most important thing in order to improve security is to patch your web browser to the latest version.
5. Do at least have a reliable anti-virus or an security suite installed. Perform a quick scan everyday and a thorough scan every two weeks to see if there is a virus, malware or a keylogger on your computer and remove them if neccessary. Like the web browsers, it is also important to patch the software as well as the definition file to the latest version.
 |
| Kaspersky Antivirus 2009 / Internet Security Suite 2009 One of the most reliable security brand out in the market. |
6. If you realise that any of your online accounts has been compromised, do change your password immediately, and then report the incident to the technical support team.
7. Beware of email scams. Do not click of the given link without verifying the originality of the link, nor enter your personal information unneccessary. For more details on protecting yourself against email scams, this reliable Microsoft website should help you in detecting possible email scams. In addition, this video should help you in protecting yourself against Internet scams.
8. And lastly, absolutely NO nude photos nor pornographic videos nor other sexually explicit materials should exist in your accounts. Never do it in the first place, because you are going to get yourself blackmailed and become an instant "hero".
________________________________________________________________
Conclusion
From this blog we have seen the importance of Internet Security in our almost daily interaction with the IT. We should never take the benefits of New Media for granted, simply because implementing the benefits comes with a price to pay. The reason why there are so many cases of people suffering major losses is mainly due to their negliglence on their part. Therefore, I hope that this post should help you in protecting your information against online threats. I have already started to strengthen my protection against online security threats, what about you?
So, prior to this post, how much is your protection against security threats? Feel free to discuss it in the comment space below.
________________________________________________________________
References
- VeriSign Singapore (http://www.verisign.com.sg/ts-sem-page/?a=CK087-0000-01-00&gclid=CLixve_i7KYCFQUb6wodB3aOHA)
- Cyber Security Tips (http://www.us-cert.gov/cas/tips/)
- Privacy and Facebook (http://adeebblogsaboutprivacyandfacebook.blogspot.com/)
- New York Times Article on Google China Attacks (http://www.nytimes.com/2010/01/13/world/asia/13beijing.html?_r=1)
- Microsoft Online Safety (http://www.microsoft.com/protect/fraud/phishing/symptoms.aspx)
- PC World Article on Man Stealing Nude Photos (http://www.pcworld.com/businesscenter/article/216734/man_stole_nude_photos_from_womens_email_accounts.html)
- PC Advisor UK (http://www.pcadvisor.co.uk/news/index.cfm?newsId=110482)
