introduction

Over the summer, I started thinking about why people think about security the way they do, and what might be causing people to make elementary mistakes when securing their computers. I’m not talking about the choice of products or the measures they take to keep their computers secure, but rather what is fundamentally flawed in the way they think about security. As I found out during conversations with people as I travelled around Europe, most users’ security knowledge is far from what I, as a so-called ’security expert’, might consider adequate. As I delved deeper into the subject, I discovered that quite a large number of users have completely wrong ideas and misconceptions about how to tackle security issues. These conversations prompted me to write this article in an attempt to correct the most common myths and misconceptions.

Myth #1: I will be perfectly safe if I get the best security software and keep it up-to-date, - that’s all I need to do

It’s true that use of reliable software to shore up your computer’s defenses is vital, but before that comes careful and intelligent use of your computer to prevent security incidents in the first place. It is a truism that the weakest element in the security chain is the computer user himself. In my view, relying on security software alone is like relying on car’s crash test results to ensure that you’ll be unscathed after a major wreck. But I think we would all agree that it’s better to drive safely, wear a seatbelt, and obey the speed limit. The same applies to security: you need all the safety systems, but if you don’t adhere to basic standards of safe conduct, you put your computer at unnecessary risk. So think before you open unknown files or email attachments, or react to spam and phishing attempts - these are most likely designed to undermine your security. Also, don’t forget to install latest Windows and programs updates to keep you safe from known vulnerabilities found in vendors’ products. Remember, no matter how strong your preferred security program is, it will have one of the following weaknesses:

1. Your anti-virus can’t recognize every virus in existence and is consequently not equipped to provide complete protection. A variety of factors contribute to this, including reliance on virus signatures and heuristics â€" based instruments â€" that struggle with the detection of different and ever-changing virus behaviors.
2. Your firewall or HIPS may have one or more of the following weaknesses. Both MAY exhibit delayed reactions to a security incident. Both can sometimes miss an unwanted/illegitimate operation simply because these solutions cannot detect every possible type of system/network operation. Leak tests, no matter how theoretical their scenarios might be, serve as a good (but not perfect) indicator of a solution’s protective thoroughness. These systems may also fail to activate when it’s most needed – when a new attack strikes.
Rootkits and system interceptors that remain invisible to the operating system and the majority of security programs can be used to hide the presence of a malware payload. Rootkits are being increasingly adopted by hackers to mask malware operations such as spam, botnets and Denial of Service (DoS) attacks.
3. Security software sometimes interferes with normal operation of a PC, impacts its performance or displays alerts and action prompts that might be confusing for a normal person to respond to. It can also block WiFi connectivity or report false positives that may accidentally delete a legitimate file.
4. Some security programs require that, once infected, manual remediation be used to undo the changes brought by malware – a task beyond the ability of most normal computer users.
5. Your security program turns out to not be the trusted software you thought it was but instead is a rogue program that only advertises a promise to protect.
6. Antispam and antiphishing solutions produce a high number of false positives, and phishing sites are so short-lived that, by the time a security company issues a security update to block the domain, the location has already harvested its share of stolen IDs and financial data and moved on.

Myth #2: Why would I be hacked? I’m small fry, I’m not interesting to hackers

* Theft of personal or financial data. We shop, we enter our credit card numbers and other personal details. This creates risk and the data could be abused if you’re using an unprotected PC. A keylogger could be silently monitoring your keystrokes and capturing everything that you type on your PC; later, it will communicate this information to the hacker who sent it out hunting. If you shop and the channel of communication (i.e. the web browser traffic) is not encrypted, everything that you send over the Internet is vulnerable to being copied and used without your knowledge. Your log-in passwords, email and social network accounts can also be hijacked in a similar way. Using both known and new techniques, a sophisticated hacker can eavesdrop on your Internet sessions using what’s called "man-in-the-middle" techniques to intercept and later exploit seized data. To protect yourself from such threats, it’s vital that you use a robust firewall and ensure traffic is transmitted over an encrypted route.

And that’s not all.

* Botnet infections, where the victim’s computer and Internet bandwidth are hijacked and used to harm other Internet users. Botnets are responsible for spewing out spam or phishing attacks that look like they come from the victim’s computer, and may also be used to conduct distributed Denial of Service attacks on legitimate organizations and take control of the organization’s website.
* Hackers are always on the lookout for a vulnerable PC on the network. Once found, these PCs are earmarked for later use for nefarious purposes. By using special tools to probe for exploitable machines, a hacker doesn’t target a specific host, but rather, thousands of poorly protected computers that can be amassed in a matter of minutes.