22 March 2018
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

745Posts 2,104,650Views 62Comments

PC Worlds Top 10 Security Nightmares of the Decade

02 January 2010  |  3319 views  |  0

The last decade we have seen technological breakthroughs unlike any other. In response we have seen a tremendous rise in fraud.  The reason? The speed of the conveniences technology have far outpaced the security of technology.

PC World puts out their list:

Cyberwar: In February 2000, a Canadian teenager named Mafiaboy used automated floods of incomplete Internet traffic to cause several sites–including Amazon, CNN, Dell, eBay, and Yahoo–to grind to a halt, in what is called a distributed denial of attack.

Malware: Viruses and worms have always been around, but in the summer of 2001 one aggressive worm threatened to shut down the official White House Website.

MySpace, Facebook, and Twitter Attacks: At the beginning of the decade, security experts at businesses had to struggle with employees’ use of instant messaging from AOL, Webmail from Yahoo, and peer-to-peer networks. These applications poked holes in corporate firewalls, opening various ports that created new vectors for malware.

Organized Viruses and Organized Crime: After the Melissa virus struck in 1999, e-mail-borne viruses peaked the following year with ILOVEYOU, which clogged e-mail servers worldwide within 5 hours. (See “The World’s Worst Viruses” for more about a clutch of the decade’s early offenders.)

Botnets: With the financial backing of organized crime syndicates came widespread and clever innovations in malware.

Albert Gonzalez: It wasn’t organized crime but rather a confederacy of criminals that caused some of the largest data breaches over the last few years–attacks that victimized Dave & Busters, Hannaford Brothers, Heartland Payment Systems, and TJX, to name just a few.

Gone Phishing: More effective than spam, yet short of a full-blown data breach, is phishing. The idea here is that a creatively designed e-mail can lure you into visiting a believable-looking site designed solely to steal your personal information.

Old Protocol, New Problem: Behind the Internet are protocols, some of which today perform functions far beyond what they were originally designed to do. Perhaps the most well-known of the overextended protocols is the Domain Name System (DNS), which, as IOActive researcher Dan Kaminisky explained in 2008, could be vulnerable to various forms of attack, including DNS cache poisoning.

Microsoft Patch Tuesdays: A decade ago, Microsoft released its patches only as needed. Sometimes that was late on a Friday afternoon, which meant that bad guys had all weekend to reverse-engineer the patch and exploit the vulnerability before system administrators showed up for work on Monday.

Paid Vulnerability Disclosure: Independent researchers have debated for years whether to go public with a newly found flaw or to stay with the vendor until a patch is created.

Protect your identity. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

Invest in identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Robert

Use a Password Manager Or You WILL Get Hacked

19 March 2018  |  2964 views  |  0 comments | recomends Recommends 0 TagsSecurity

14 Social Media Disasters Ready to Strike

03 March 2018  |  4614 views  |  0 comments | recomends Recommends 0 TagsSecurity

Understanding and Stopping Criminal Identity Theft

23 February 2018  |  6303 views  |  0 comments | recomends Recommends 0 TagsSecurity

Top 10 Signs of a Malware Infection on Your Computer

08 February 2018  |  5018 views  |  0 comments | recomends Recommends 0 TagsSecurity

Top 10 Tips for Securing Your Mobile Devices and Sensitive Client Data

11 January 2018  |  4547 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
739 posts62 comments

Who's commenting on Robert's posts