2.2 How to keep up to date
Attackers are constantly finding new vulnerabilities and ways of attacking computer systems. Therefore, it is important to keep yourself informed and up to date with threats that are relevant to your situation.
There are many sources of news about cyber security. Many of them are extremely technical: they are designed for security specialists to communicate their findings with one another, or for software developers to improve their programs, or they are academic publications. There are also plenty of free resources, written by journalists, security professionals and enthusiastic amateurs, where you can learn more even if you are new to the field.
The links provided below are a selection from those that are available. You are not expected to look at all of them in detail.
The best places to get started are the major media outlets, most of which employ technology journalists. These sites will give you readable information intended for as wide an audience as possible. Many of them are updated several times a day, but they will only consider ‘newsworthy’ events such as a major hack or virus outbreak, and some will only cover news in a particular country – so you may need to look at a variety of sites.
Many sites devoted to technology will cover aspects of security on a regular basis. Most of the sites below cover other topics, so you might need to use their search functions to find relevant information.
Information security companies
There are a large number of companies selling security software to home users and to businesses. Almost all of them maintain regularly updated websites explaining new and emerging security threats and how they can be overcome.
Much of this information is technical and aimed at administrators responsible for large computer systems, but the introductory material is often quite easily understood. These sites can be the best to use when a new security issue is identified.
- Krebs On Security: Brian Krebs is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. His interest grew after a computer worm locked him out of his own computer in 2001.
- Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon’s.
- Bruce Schneier is an internationally renowned security technologist who writes a monthly newsletter, called ‘Crypto-Gram’. He provides commentary and insights into critical security issues of the day. The content of this blog can be accessed in multiple forms, including a podcast and an email newsletter.
- Troy Hunt provides analyses of different system breaches and useful hints on how to avoid being attacked.
Before you can identify your enemies you need to know who you can trust. First, you need to think about, and constantly evaluate, who and what you trust, and to what degree you trust them. You cannot rigorously check every possible contact or item of software yourself, so you build up a network of trusted contacts or sources of information. For each of your trusted contacts or sources you need to evaluate the degree to which you trust them. What is their level of expertise? If you compare sources of information, to what degree is one simply copying from the other? You need sources that have the expertise and independently evaluate the information you are interested in.
For example, you build trust in a bank because it has branches on many high streets, it is recognised and regulated by the Financial Conduct Authority in the UK, and your money is protected by laws in the UK and the EU up to EUR100,000 when in a regulated bank. Based on this trust you may use the bank's website, or an app provided by that bank.
You may share information about yourself with people and organisations that you trust - but even so you need to evaluate what information they might need to have and what they might do with that information.
You throw away that security if you post information about yourself to any stranger who might come across it. So think carefully before placing any information online that may be passed on by a friend, who then passes it on to someone else and so on. Also think carefully about information that might be included in web pages, photos or videos posted online and available to many strangers.
Here are a couple of examples of information you shouldn’t trust:
- Profiles on dating websites: there may be a genuine person behind that profile, but on the other hand it might be a criminal or scammer. Scammers may continue to exchange information for a year or more, drawing you in, using fake information and images from someone else's blog, even exchanging intimate pictures, until there is a very plausible request for money for the plane fare to visit you, or an attempt to blackmail you over your intimate pictures. You have no basis for trust, only what they have told you.
- An advert for anti-malware software at a bargain price: the link takes you to a website that claims it is totally brilliant, with lots of reviews on that site saying how good it is. It may also claim that it has been ranked number 1 by various other sites. But note that you have no basis for trust. A criminal can easily create such a website with that information, a shopping cart payment system to take your money and provide software for you to download. At best the software may be useless. At worst it will install malware on your computer and attempt to take repeated payments from your account.
When searching for information on how to keep yourself secure you need to evaluate your trust in the sources of information, and you should start from our highly trusted sources.
Activity 3 Knowing your enemies
Carry out some research about different cyber security threats and the types of groups who pose the threat.
Using the information sources above find out about:
- a threat to your information, computers and other devices that arises from malware
- a threat to your communications (such as spam and denial of service (DoS) or distributed denial of service (DDoS) attacks, often launched using botnets).
For each threat, try to identify the type of individuals or organisations that are posing the threat. Which of the following types would best describe them?
- Cybercriminal: those carrying out cyber attacks for personal financial gain.
- Spies: those engaged in espionage activities on behalf of either commercial organisations or national governments.
- Hacktivists: those who carry out cyber attacks as a form of protest against organisations or governments.
- Insider attacker: disgruntled or dishonest staff who attack their organisation’s computer systems.
If you identify a different type of attacker, how would you describe it?
Spend 10–15 minutes researching, then spend five minutes noting down your findings in the space below.