Skip to content

Protect your computer or face the consequences

by Neal O'Farrell on June 29th, 2010

Nobody wants to blame the victim, but when it comes to the growing problem of cybercrime and in particular banking Trojans, maybe it’s time to take the kid gloves off.

I’ve argued for years that the end user is one of the weakest links in security. They typically know the least about security, don’t have experts looking over their shoulder, and in many cases create security risks not just for themselves but for complete strangers and even the nation.

Unprotected or poorly protected personal computers are a major headache and one of the most popular back doors for everything from organized crime gangs to cyber terrorists. They can be used to plant banking Trojans to attack the individual user’s own bank account. They can be used to spread malware to other computers. And they can be harnessed by enemy governments in large scale attacks against US interests.

So what do we do about it? In a recent story in Network World, security experts commented that banks are increasingly concerned that the customer computer is increasingly the weak link in the chain of trust.

In response to the problem, some banks have started offering browser and PC security services that will protect the customer’s computer, and especially their login to their bank accounts. They may even run scans of customer computers to weed out any hidden malware.

In Australia, the House of Representatives is going one step further, proposing laws that would require ISP’s to act as the security gateway for internet users, and not only block users that don’t have up-too-date security on the computer, but also remotely scan the user’s computer for malware and also block internet access if they find anything they don’t like

Might seem a little extreme, and there are lots of challenges, but I don’t think it’s such a bad idea. There are still many users accessing the internet whose poor security habits put other users and the nation at risk to cyber threats. I still come across many users who don’t have any virus protection on their computers, don’t’ see any reason why they should, and have no clue about the risk they expose themselves and others to.

The challenge, as usual, is in the implementation of such draconian measures. But if careless users won’t take responsibility for their computer and behavior, and the risks they expose others too, then maybe we should look at other ways to enforce proper online etiquette.

Lessons learned?

• Might be time to do an honest evaluation of your own security habits, and maybe face the fact that you’re not the upstanding cyber citizen you thought you were.

• Don’t be the weak link. Layer every computer you use with as much security as you can, so at least you can rest easier that you’ve done your part. Just don’t drop your guard afterwards and get complacent.

Banking’s big dilemma: How to stop cyberheists via customer PCs

From → Uncategorized