
Personal Devices Security lessons learned from my mistakes

A broad metal chain made of torus-shaped links
Source: Wikipedia

9 years ago I wrote a post titled: The Chain is as Strong as the Weakest Link in the Chain.
Based on my experience in a Penetration Test, I argued that human beings are the weakest link. 

Many employees' Security awareness is insufficient. A few employees are even motivated to breach Security.

As far as home computing or consumer computing is concerned, there is even less Security Awareness than in organizations.

I am a Security and Risk Management expert, therefore I should be aware of Cyber and Security threats and I should avoid being damaged by these threats.
I am certainly aware of them; however, I failed twice by ignoring a potential threat.

This post is about lessons learned from my Security protection failures. 

I love you - I hate you
Many years ago I received an e-mail message from a friend. My friend is an IT expert, who participated in the development of a Security Software product.

I did not suspect that the link I Love you would install a worm on my PC. I opened the link and the worm changed my Windows Registry file.

It duplicated itself as part of e-mail messages that were sent to all the people included in my address book.
I was aware of the problem shortly after my careless mistake. 
A young guy whose girlfriend decided to end their relationship coded a worm using Windows Visual Basic Script and spread it.
The worm was named I Love you.

Cleaning my computer from I love you

1. I warned all my e-mail connections not to open the message.

2. I checked that I had an updated backup file.

3. I found and executed a program named "I Hate you" which was documented as a cure for "I Love you". 

4. A few months later I discovered that the worm was not removed from JPEG files. Any time I tried to open a JPEG file the worm was sent by e-mail to all my connections.

5. I found another solution to the problem by searching the Web.
The new solution was not automatic. I had to clean the System and the Registry systematically step by step.
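A post-cleanup check for the problem in step 4, as an added example that is not part of the original post: it walks a folder and flags files named as JPEG whose content does not begin with the JPEG signature, and files that carry a script extension after an image extension. The function names, the extension lists and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

JPEG_MAGIC = b"\xff\xd8\xff"                   # every JPEG file starts with these bytes
IMAGE_EXTS = {".jpg", ".jpeg"}
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".wsf"}  # assumed list of script types to flag


def find_suspect_images(root):
    """Return sorted (relative_path, reason) pairs for files that look like
    leftovers of an infection hiding behind image names."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            stem, ext = os.path.splitext(name.lower())
            inner_ext = os.path.splitext(stem)[1]
            if ext in SCRIPT_EXTS and inner_ext in IMAGE_EXTS:
                findings.append((rel, "script extension after image extension"))
            elif ext in IMAGE_EXTS:
                try:
                    with open(path, "rb") as fh:
                        head = fh.read(len(JPEG_MAGIC))
                except OSError:
                    findings.append((rel, "unreadable"))
                    continue
                if head != JPEG_MAGIC:
                    findings.append((rel, "not JPEG content"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample files: one real JPEG header, two suspicious files."""
    samples = {
        "holiday.jpg": JPEG_MAGIC + b"\xe0\x00\x10JFIF\x00",
        "party.jpg": b"rem constructed script text, not an image\r\n",
        "beach.jpg.vbs": b"rem constructed script text\r\n",
        "notes.txt": b"plain text, ignored",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in find_suspect_images(tmp):
            print(f"{rel}: {reason}")
```

An empty result on the picture folders is one sign that the cleanup reached the image files; any hit should be restored from the backup rather than opened.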


The Facebook Bear is a Worm
Recently I received a few Facebook messages from a Facebook friend.
My Facebook friend is a computer expert. The messages were part of a discussion on Bridge; however, a link to a video was included.

I pressed the link showing a bear which surely does not play Bridge.
The video was a Facebook Worm. All my Facebook friends immediately received a message from me including the Worm.

Cleaning my computer from The Facebook Bear

1. I warned all my Facebook friends by writing on my timeline that I was infected by a worm and they should not press the hyperlink included in the message sent by the worm and not by me.

2. I closed Facebook and opened it again, and Facebook notified me that a Trend Micro Security program was automatically checking and cleaning my Facebook application and data.
The program corrected the Security problem.

3. I deleted the infected message.

Analysis and Conclusions
In both cases I lowered my Security awareness because the sender was an Information Technology expert and because the sender is a friend of mine who sends many messages.

Quick identification of a Security breach was key to solving the problem.

Lessons Learned

1. Always be alert and ready to identify Security threats.

2. Suspicious hyperlinks are suspicious hyperlinks. It does not matter who the message sender is.

3. In most cases it is possible to solve a Security problem, but quick problem identification is a must.

4. Notify all your connections about possible messages sent from your computer by worms. Tell them to ignore the message and to delete it without reading it.

5. Do not postpone worm and virus removal. As soon as you discover the problem, stop working and try to fix it.

6. Full problem correction is a must.

     
