Top Ten Cyber Security Urban Legends
Thread poster: Charlotte Blank
Secure Computing Announces "Top Ten Cyber Security Urban Legends"
— Myths highlight problem of security misperceptions during National Cyber Security Awareness Month
SAN JOSE, CA, October 11, 2004 – Have you heard that answering your cell phone can give you a computer virus? Or that you can protect your computer from e-mail "Trojan horses" by creating an entry in your e-mail address book called "AAAAAAA"? These fanciful tales made the "Top Ten Cyber Security Urban Legends" list released today by Secure Computing Corporation (NASDAQ: SCUR), the experts in securing connections between people, applications, and networks™, in conjunction with October being National Cyber Security Awareness Month. While these improbable stories that circulate around the Internet are amusing, they highlight the serious problems related to misperceptions among end users about cyber security.
A group of security experts at Secure Computing compiled the list based on support calls, customer requests, and monitoring Internet discussion groups. While most of these legends are harmless, some can cause real harm if taken seriously, such as a common story that certain legitimate Windows system files are dangerous and should be deleted – but actually deleting the files is what will damage your system.
The Top Ten Cyber Security Urban Legends:
1. “Hackers can legally break into web sites that lack "warning" notices.” This mistaken belief has circulated for years around Internet discussion groups, but it’s baseless. Breaking into web sites is a crime – whether there is a sign posted or not. .
2. “Some Windows system files are really malicious and should be deleted.” This rumor about legitimate Windows system files like JDBGMGR.EXE and SULFNBK.EXE can cause actual harm to the Windows system if these real – and useful – files are deleted.
3. “Hotel card keys secretly record personal information, which could be maliciously taken advantage of without the person knowing.” No known hotel room keycard contains personal information, such as name, address, credit card number, etc. The information encoded on these cards is limited to room number, check out time, and other non-identifying information.
4. “Including a fake entry in your e-mail address book will prevent e-mail Trojans.” Many “Trojans horse” programs infect PCs when a user opens an e-mail attachment. The Trojan then uses the user’s address book to replicate itself. A common legend is that creating a fake entry called “AAAAA” or “000000” will block these Trojans from replicating. Not only is this untrue, but it can give the user a false sense of security – exposing them to real Trojans.
5. “A digital cell phone can be infected with a virus merely by answering a phone call.”This story usually warns that the virus identifies itself as “ACE” or “Unavailable,” and that the receiver must not answer the call or disaster will strike. There is no evidence that a virus can be spread in this way.
6. “Search engine "crawlers" perform security checks and notify you of vulnerabilities.” Some computer users have received e-mails purporting to be from automatic search engine “crawlers” that index web pages. The messages “helpfully” notify the user that their system contains vulnerabilities. No known search engine employs this practice.
7. “Thieves are using lists of "out of office" auto-replies to target homes for burglary.” While it is theoretically possible that a home burglar could use such a means to identify homes where residents were on vacation, there are no known cases of burglars actually using this technique.
8. “Free patches e-mailed to you will protect your PC from the latest worm or viruses.” Users sometimes receive “free patches” for common worms like “Klez.” Klez is actually a real worm, but the unsolicited “patch” won’t protect your PC – it is really a Trojan that will infect your PC if you install it. Show great caution when installing an unsolicited “security patch” received via e-mail.
9. “Signing up with a "Do Not Spam Registry" will stop you from getting spam.” Unlike the popular U.S. government “Do Not Call Registry,” there is no official “Do Not Spam” registry.
10. “Elf Bowling and Blue Mountain Greeting Cards contain viruses.”Two popular software downloads – “Elf Bowling” and “Blue Mountain Greeting Cards,” are sometimes rumored to contain viruses. While downloaded software can indeed be a source of viruses, no users have ever contracted a virus from one of these legitimate programs.
While most of these urban legends are highly improbable, they are often not impossible. In fact, the most widespread security urban legend is a story that has circulated since the early 90’s, warning users to delete e-mails with a subject like “Good Times” or “Join the Crew,” because merely viewing the e-mail would supposedly infect your computer. Unfortunately, this is no longer a myth – the announcement last month of the “JPEG vulnerability” showed that users can indeed become infected simply by viewing an e-mail with a virus hidden inside an image file.
“Public awareness and education is a key element of the Cyber Security Industry Alliance’s mission to improve cyber security. By being a member of the CSIA and supporting National Cyber Security Awareness Month, Secure Computing is helping to create a safe online environment for all users of the Internet,” said Paul Kurtz, executive director of CSIA.
Forgot the URL: http://www.securecomputing.com/news_display.cfm?nid=492
[Edited at 2004-10-21 15:52]
| || || |
To report site rules violations or get help, contact a site moderator:
You can also contact site staff by submitting a support request »
Top Ten Cyber Security Urban Legends
|Translation Memory Software for Any Platform|
Exclusive discount for ProZ.com users!
Save over 13% when purchasing Wordfast Pro through ProZ.com. Wordfast is the world's #1 provider of platform-independent Translation Memory software. Consistently ranked the most user-friendly and highest value
More info »
|Manage your TMs and Terms ... and boost your translation business|
Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.
More info »