I am sure that many of us use New Media in our daily life. From social networking websites to online forums, New Media is something we encounter almost everyday in the current generation of IT.
However, how many of you actually bother the security risks that the New Media presents? For this blog I shall discuss various common security issues present in the use of New Media.
If anyone of you are starting to worry after I mentioned about security issues you are going to encounter, fear not. There are also various solutions that you can easily implement, because most of them are merely simple habits. For now, let's get the ball rolling.
________________________________________________________________
Common Security Issues
This list describe the most common security issues that most of you would most possibly encounter, based on the current occurence rates. However there are more advanced security issues out there which you may also encounter, hence I must clarify that the list is not exhausive.
1. Illegal Hacking. It is a scenario whereby cyber criminals attempt to bypass all security protection of a website or a service and then intrude your online accounts. Very often it is a result of finding out security exploits and vulnerabilities of the security technology, or it can the collection of sensitive personal information such as passwords leaked by us.
2. Viruses and malwares. These threats mainly exist in malicious programming codes that are intended to infect and modify your computer. When you click on a suspicious link, it appears that nothing has happened, but sometimes you have unknowingly downloaded a virus or a malware. If you are unlucky to download a very destructive one, you will find your computer shutting down within a couple of minutes and unable to boot because your data in your hard drive has virtually been wiped away.
3. Privacy Violation. As what our dear Adeeb have mentioned in his presentation two weeks ago, we always provide our personal information into online accounts such as Facebook. If you think that the information such as your email address, your birthday and your contact number is not sensitive, again you are wrong. There are professional hackers out there who are able to collect your information to construct a database about yourself. If you have nude photos on your Facebook accounts, would you want them to be accessed easily by them?
4. Online Fraud. It is one of the most common security issues out there that is intended to steal your identity information. Online fraud comes in various methods, but the most common ones are phishing and email scams. The cyber criminal can create a similar looking website, for example paypa1.com to appear like the authentic paypal.com, or he can send you an email claiming that you have won a million dollars. They will trick you into keying your personal information, and instead of gaining a million dollars, you will find yourself losing hundreds of dollars from your online bank accounts.
 |
| An example of email scam. Picture courtesy of http://www.flickr.com/photos/26814713@N02/2738441047/ |
Case Study
On 12 January 2010, the Internet Search Engine Giant, Google, is attacked by many Chinese hackers. According to Google, the cyber attacks are highly sophisticated and it is aimed at the Gmail accounts of Chinese human rights activists. Following the attacks, Google then decided to cease offering Internet censorship service in China and shut down its operations in China with immediate effects.
A further investigation by Microsoft and McAfee had found out that the Chinese hackers made use of a critical zero-day vulnerability existed in the popular web browser, Internet Explorer. Imagine using Internet Explorer to access your Gmail account using the email server in China. How risky could that have been.
 |
| The death of Google China. Picture courtesy of http://www.flickr.com/photos/21953266@N00/4271551980/ |
Last year, George Bronk, a Californian man, hacked into more than 3200 email accounts to search for sexually explicit photos. After that, he used the photos to post into the victims' Facebook profile. At one time he even blackmailed a victim for more sexually explicit material. He was arrested in late October and then pleaded guilty.
Does this case reminds you of Gary Ng or Edison Chen?
_________________________________________________________________
Possible Solutions
Although New Media has recently step up in providing secure services following the security threats they encountered, it is best that each individual takes some responsibility in protecting themselves. The following ideas included on this post are just common suggestions that you can easily implement. Again, this list is not exhausive.
1. Set your password for your online accounts to at least eight alphanumeric characters, even better if you include symbols so that it is more difficult for cyber criminals to crack your passwords. Never have identical passwords set on more than one accounts. Do inculcate the habit of changing the password once every three months.
2. Never post your sensitive personal information unneccessary, unless the websites or service you are using can be absolutely trusted. Do take a few minutes to read the privacy policy given by a website or an online service to see how confidential they promised to keep it.
 |
| A screenshot of the privacy policy set by the ESPN Soccernet forum. |
3. If you are doing an online transaction, you can look out for the VeriSign website identification service to ensure that you are having a secure and reliable transaction.
 |
| A screenshot of the VeriSign website authentication on Ebay.com.sg |
4. According to a test done by PC Advisor UK, there is no web browser that stands out from the rest of the pack in terms of its security features and efficiency. Roger (2009) concluded that "any fully patched browser can be used relatively safely" (p 5, ¶ 4) and that he further emphasized that "you can change browsers, but your risk is the same with all of them - nearly zero - if your browser, OS, and all add-ons and plug-ins are fully patched." (p 5, ¶ 4) Hence, the most important thing in order to improve security is to patch your web browser to the latest version.
5. Do at least have a reliable anti-virus or an security suite installed. Perform a quick scan everyday and a thorough scan every two weeks to see if there is a virus, malware or a keylogger on your computer and remove them if neccessary. Like the web browsers, it is also important to patch the software as well as the definition file to the latest version.
 |
| Kaspersky Antivirus 2009 / Internet Security Suite 2009 One of the most reliable security brand out in the market. |
6. If you realise that any of your online accounts has been compromised, do change your password immediately, and then report the incident to the technical support team.
7. Beware of email scams. Do not click of the given link without verifying the originality of the link, nor enter your personal information unneccessary. For more details on protecting yourself against email scams, this reliable Microsoft website should help you in detecting possible email scams. In addition, this video should help you in protecting yourself against Internet scams.
8. And lastly, absolutely NO nude photos nor pornographic videos nor other sexually explicit materials should exist in your accounts. Never do it in the first place, because you are going to get yourself blackmailed and become an instant "hero".
________________________________________________________________
Conclusion
From this blog we have seen the importance of Internet Security in our almost daily interaction with the IT. We should never take the benefits of New Media for granted, simply because implementing the benefits comes with a price to pay. The reason why there are so many cases of people suffering major losses is mainly due to their negliglence on their part. Therefore, I hope that this post should help you in protecting your information against online threats. I have already started to strengthen my protection against online security threats, what about you?
So, prior to this post, how much is your protection against security threats? Feel free to discuss it in the comment space below.
________________________________________________________________
References
- VeriSign Singapore (http://www.verisign.com.sg/ts-sem-page/?a=CK087-0000-01-00&gclid=CLixve_i7KYCFQUb6wodB3aOHA)
- Cyber Security Tips (http://www.us-cert.gov/cas/tips/)
- Privacy and Facebook (http://adeebblogsaboutprivacyandfacebook.blogspot.com/)
- New York Times Article on Google China Attacks (http://www.nytimes.com/2010/01/13/world/asia/13beijing.html?_r=1)
- Microsoft Online Safety (http://www.microsoft.com/protect/fraud/phishing/symptoms.aspx)
- PC World Article on Man Stealing Nude Photos (http://www.pcworld.com/businesscenter/article/216734/man_stole_nude_photos_from_womens_email_accounts.html)
- PC Advisor UK (http://www.pcadvisor.co.uk/news/index.cfm?newsId=110482)
Testing testing 1, 2, 3.
ReplyDeleteI agree that the internet security is very important. However, people should also be responsible of their own accounts and should not post anything private in the internet (their nude photo) as the internet isn't as safe as it seems. Cases of fraud online are often reported in the news and they should not trust any anonymous advertisement in the first place don't you think so? - RuiYong
ReplyDeleteI have never really considered any of these issues because of how I (and I mean 'we') take the internet and new media for granted. But most of us would not really care, so long as we have good intentions and firewalls, we are safe from danger and hackers. The internet is seriously a dangerous weapon and in the wrong hands, could end up being destroyed or abused.
ReplyDeleteAnd who would post up a nude picture of one-self? (unless they are crazy or attention seekers)
Just wanted to add on, 128 bit key encryption = 16 alpahnumeric/symbol password. One 'character'=8bits. Nowadays a 128 bit key encrytion is considered the standard of passwords.
ReplyDeleteI think this post was quite informative because it shows some of the most common mistakes people make such as not patching software or having lousy passwords. I think my protection level is mediocre because my passwords are actually pretty weak.
Internet security is important. It's actually good to see that now they have this password range for us to tell us if our passwords are weak or strong for us to keep our accounts safe.
ReplyDeleteBut nevertheless, we must always be careful on whatever we click online. It might lead us to somewhere harmful.
Quite an informative post that covers some of the security pitfalls and steps to be taken to overcome them.
ReplyDeleteOnline security is really a growing concern, but many still tend to take it for granted. You mentioned the need to constantly change passwords and not to use the same one for various sites - I wonder if many people do that!
Some good use of scannable writing strategies, and some useful references though you could incorporate them all more seamlessly in the post.
Do share your further research findings with us - what is the % of online security breaches in the world? In Singapore? Any comments on wikileaks?
Through this blog i was able to get a lot of details regarding the security patterns and risks in new media. Most of us who use internet
ReplyDeletedo not have a wide knowledge about its security threats.The details about the online frauds is interesting and very usefull.
The blogger has given some solutions to save ourselves from these security risks and that sounds greate.
@Zenoex aka RuiYong: Yes, individual responsibility is one of the most crucial factors towards a better, secure New Media. Regarding fraud, it is best that every individual check out the background of the creators of the so-called advertisements to verify its credibility and reliability.
ReplyDelete@GamerGeek: Because you have already mentioned that Internet and technologies can be abused, hence it is best that everyone bear their own responsibilities for their own actions, instead of relying on technologies to keep themselves safe.
I think people need to be careful as the Internet is a dangerous place. The points you've put forward are glaringly applicable in our contexts. I feel that the content we put up on the internet should be thought about carefully first.
ReplyDeleteThe number of threats in the internet are uncountable thus internet security is very important and should be improved to provide us with more protection. Because of the improvement of new media, any third party can grab our details and photos from any website, especially social network website. It is impossible for us not to post any photos nowadays, but the we have to know that there is possibility that our photos can be stolen by third party for other inappropriate uses.
ReplyDeleteBy Yan Peng
@Adeeb: Yes, any mistakes we made provide all cyber criminals with any chance of taking advantage of us, hence the need for our responsibilities for our own actions
ReplyDeleteJust to add on, I don't think that the 128-bit encryption size has to do with the size of the password. I think that the 128-bit refers to the complexity of the encryption key algorithm that is responsible for encrypting any password of any length. Correct me if I am wrong.
@newmediascapes aka Ms Serena Low: It is not hard for us to remember different passwords for different accounts, but regarding the need for constantly changing of passwords, I think otherwise.
ReplyDeleteI do have statistics in 2009 regarding security threats, according to a couple of official reports. However, I am unable to find information for current security threats, maybe due to lack of important security statistics related to New Media.
@Issac: You have made a very good point. The password strength meter works by determining the complexity of passwords, (Whether you include cap letters, symbols etc). However it is up to the users to determine how strong the password should be set.
ReplyDeleteThe users do not have to set such extreme strong passwords just because I mentioned the need for good passwords. Such extremely strong passwords will risk them forgetting the passwords easily.
I usually go for at least eight-character passwords, just alphanumeric. The strength is considered mid-range according to most password strength meter, but the number of combination of such passwords is still huge that even current technologies will still have to take years to crack the passwords.
@idoltwitters aka Yan Peng: I agree with Sherwin's comment. We should consider the nature of content of the photos and the other information, before we put up onto the Internet. You should know yourself which photos can be uploaded, and which photos should not. Always remember, we have a part to play in order to ensure our safety in using the Internet.
ReplyDeletefrom this post I've learnt more about internet security and its dark side, I think many of us out there uses the same username and password for various sites because sites like twitter, facebook and many others have their usernames as email address and password as the same password as the email. Is it dangerous to have it that way? because if people get hold of your password, they can access all the sites
ReplyDeleteI do get junk mails alot.All of them are scam mails. and one EXACTLY like the google one posted. I do look out for security features here and there to not fall into that trap especially when Im doing transactions over net. Pls be wary when doing transactions,once the hackers get to know your credit card numbers and the verification code,you're very much 'gg-ed'.
ReplyDeleteSeems like the internet is much more dangerous than most people would expect it to be. But some of the measures are quite obvious ,like not giving away personal information anyhow. But nowadays, the internet is so big, and despite all the measures taken it is still possible to get affected if you are really unlucky enough
ReplyDelete@Rozaidi: You can also report any suspicious links or websites to the authority.
ReplyDelete@Wei Jie: Good point. There are advanced solutions out there for advanced security exploits. And since all measures are not 100% effective, hence we individuals still have to aware of the risk of using the New Media.