Interestingly enough, in the book, Insider Threat, the authors outline 4 types of insiders: pure insider, insider associate, insider affiliate and outside affiliate. Yes, can you believe that there are actually names for these folks? Not sure if that’s good or bad. Nevertheless, today, we’ll focus on the pure insider.

According to the authors, the pure insider can access all that s/he needs as an employee of the company. Yes, this means access to the building, network, etc. So imagine someone in your company, with access to perhaps some of the same (if not more) information as yourself working against the company? Just think of the damage that s/he might inflict on the company, the shareholders, the public and even you. Now don’t got gettin’ any ideas the next time your boss makes you mad.

There’s also the elevated pure insider. This person might be a system administrator, who has all the privileges on the company’s network. I’m sure you can imagine the damage that this person can do. Or, in the words of one law firm system administrator ““I can take these guys out of business anytime I want.” YIKES! And to think that this guy has the keys to the kingdom. Wonder if those lawyers know it?

And you’d better believe that some of these administrators have made good on their threats. At a company called Omega Engineering, a network engineer caused $10 million in losses, 80 layoffs and the loss of several clients when he detonated a software time bomb that he had planted in the network he helped to build.When the bomb went off, over 1000 programs were erased and purged from the network.

In addition, proprietary software was lost. Oh, and by the way, why did he do it you ask? Because he was mad about his termination from the company and sought revenge.

So, let’s be sure that we understand that there are indeed threats to the company and that they’re not always outside its doors.

Well, since we’re on the topic of networks, it’s important to note that these networks are getting more and more complex. And this complexity affects our lives in many ways.

Today, we have all kinds of appliances and devices that are connected to networks. Our cell phones allow us to do a lot more than just talk. And our cars allow us to do a lot more than just drive…even though I find myself yelling “hang up and drive” a lot more these days.

Interestingly enough, while these networks allow us to do a lot of different tasks, these networks aren’t without risks. Unfortunately we can fall victim to those nasty computer viruses, which can wreak havoc on our systems and ultimately our lives.

In addition, thanks to networks, we’re also held hostage to that annoying SPAM. While certainly more annoying that its original namesake, this annoyance is often a daily occurrence.

Unfortunately other unauthorized actions on telecommunication networks include eavesdropping and session hijacking, which we reviewed a few weeks ago.

So as we ponder the increase of neat gadgets that are hitting the market everyday, let’s keep in mind the good, bad and ugly of today’s networks.

One of my fav movies of all times is Terminator 3 – Rise of the Machines. Okay, so even if you’re not an Arnuld fan like myself, the fact that the machines communicated with each other shouldn’t be too far-fetched for you to grasp. However, as for them trying to terminate us humans, well, hopefully our machines will be kinder and gentler to us (oh please be gentle).

Just as humans network, so do computers. And just how do they do that? You guessed correctly – TCP/IP, which is a popular protocol that provides this connectivity. Just think Internet. Computers and other devices, such as printers, cell phones, PDAs, and the upcoming hot item iPhone, all communicate via a network.These days, one can find lots of devices on a slew of networks. And as you probably know, the devices that can connect to a network get more and more interesting each day. (Yes, we’ll take a look at some of these neat devices).

For us humans, these networks allow us to share printers, send email, text message, telecommute, get an education and even date online. Who knows, TCP/IP just might be the ticket to help you find your soulmate. Or, the worst creep you’ve ever met. But let’s think positive. Today, we can do many things online that within my lifetime (won’t date myself here) we couldn’t do when I was growing up. So life is indeed getting more and more interesting.

So ponder all of the devices that you use that you believe are connected to a network. I’m sure your list will get quite long.

Tomorrow we’ll discuss the drawbacks of networks. And yes, as you know, with good comes the not-so-good.

Now, drive along any highway and you’re likely to see at least one hitchhiker. While you might be tempted to lend a helping hand, I’ll bet you recall the words your momma told you about not picking up hitchhikers. Interestingly enough, there are also hitchhikers along our information superhighway. However, they tend to be a little sneakier and hitch rides without us knowing it. A particular nasty activity that they engage in is called session hijacking.

As we mentioned, TCP/IP is the “rules of the road” that our computers use when communicating with each other. A session hijacker will block a session (think conversation) between two users and replace the legitimate information with his/her own. How nasty!

In other words, for example, session hijacking allows the hitchhiker to take over a web user’s session and then masquerade as the authorized user. Once the masquerade works, guess what – the hitchhiker can do anything that the authorized user can do. So, imagine you’re on the computer with your BFF. In this example, someone else would take over the conversation, posing as your BFF, without you knowing it. And that person would be privy to all the information that you and your BFF shared in what you thought was information only between the two of you.

So, how can you tell if a hitchhiker is trying to catch a ride? Well, if a website starts acting in a weird fashion or in a fashion which you’ve never experienced before, this could be the problem. Or, worse yet, if the website isn’t accessible at all, it’s possible that a hitchhiker might be up to no good. This isn’t always the case, but could be a possibility.

Just note that while our information superhighway is awesome, the wisdom that your momma bestowed upon you about not picking up strangers is still valid today…even in cyberspace.

As we learned, TCP/IP is the language that facilitates communication between computers. TCP/IP is a set of protocols that connect computers on the Internet. By protocols, I’m referring to a collection of policies, procedures and practices. In other words, when referring to the Information Superhighway, think of TCP/IP as the rules of the road.

When you email, surf the web or transfer files, you’re using TCP/IP. As the most popular protocol, whenever you buy a computer TCP/IP is at your disposal. You don’t need to do anything to get it. In addition, it doesn’t matter which computer you buy. TCP/IPdoesn’t care if you buy a Dell or HP, it’s compatible with all types of computers.

So, rest assured that just as you abide by the rules of your interstate, there are rules in our interconnected world. And just as there are those who choose to disregard the rules on the road, there are those who seek to avoid those rules on the Internet. Tomorrow, we’ll see what happens when hitchhikers takes to the roads.

This week, we’ll spend some time on our own computers. Doing so, we’ll be able to identify how our computers talk to each other. We will learn new terms. And in case you didn’t know, the world of computer security is loaded with acronyms. If you’re a texter, then you’ll love these acronyms. If you’re not, then get your pen/pad, PDA or whatever tool you use handy for a long list of these fun new abbreviations.

On our information superhighway, via a TCP/IP network, computers chat away. TCP/IP means Transmission Control Protocol/Internet Protocol. This is the language that computers use to communicate with each other. All computers know this language.

In order for computers to talk with one another, they must each have a unique IP address. IP means Internet Protocol and it has what’s called four octets. For example, an IP address might look like: 192.168.100.101. We’ll take a closer look at these octets tomorrow. For now, to see your computer’s IP address, just do the following:

1. Go to the Start menu and click Run.

2. Type cmd and click Enter.

3. Then type ipconfig and press Enter.

Do you see it? If so, Ya-hoo! You have now identified your computer’s unique address. Good for you. If not, just review the steps above. It’s there. Just take a closer look.

See ya’ tomorrow.

In continuing with our study of (hu)man’s sometimes destructive nature, right now we’ll take a closer look at bugs, but again, not of Mother Nature’s doing, but those created by humans, the ones lurking in the shadows of our computers waiting to do something evil, nasty and downright dirty. Ok, maybe I exaggerate a little…or maybe not. Remember, I report, you decide.

I’ll admit, I fear bugs (however, I do find their role in helping forensics investigators solve a crime fascinating, but that’s another story). While I do have an healthy respect for Mother Nature’s gifts to the world, I’d prefer that her little critters stay far away from me. This also applies to (hu)Man’s creation of those critters that can cause many technical problems.

Just as Mother Nature’s bugs tend to share our space (or is it vice-versa?), bugs on the web tend to violate our privacy. These bugs are very popular with spammers as they can determine whether their spam has been read when they send out random email addresses. Interestingly enough, in case you didn’t know, these little buggers can also determine when the message is read as well as the recipient of the message should it get forwarded.

Unfortunately there are some nasty critters out there in cyberspace. but luckily for us there are ways to combat them. As we move forward, we’ll analyze more of these problems in detail and discuss ways to defend ourselves against these buggers.

If you’re like most internet users, you have some sort of broadband connection. Dial-up connections are rapidly being replaced by “always-on” services like DSL and Cable. Along with the convenience of these services comes a serious risk. Being attached to the internet 24×7 vastly increases the chance that someone may try to find their way into your computer, often for less than honorable purposes.

What to do about this? Well, the personal firewalls I will be writing about soon will certainly help, but a more immediate (and easier to implement) solution is to use a router between your DSL or Cable modem and your computer.

Aren’t routers for connecting multiple computers to your internet connection? Yes, that is their main purpose, but they also server as a basic firewall for your internet connection, since you will be able to communicate out with the internet, but not much will be able to come back in and find you. Many of them have more advanced functions for things like running a web site from your home connection (if allowed by your ISP).

In the next post, I’ll discuss some of the common routers to use as a firewall, and how best to configure them.

From movies such as Alien (remember that great table scene?), as well as our own experience of shaking hands with someone who has a cold, we know that viruses find a host and attach themselves. Viruses in the world of computers work in similar ways by spreading via removable storage, email, or web downloads – just to name a few transfer methods. And while the outcome may not be as devastating as in the Alien movie, viruses are capable of wreaking their own havoc.

One way to fight these viruses is to have updated antirvirus software. However, we must note that there’s some nasty software that’s capable of even attacking our antivirus software, thereby rendering its security measures inoperable. Yet, don’t be discouraged, antivirus software is still an effective tool and you should be sure that yours is running and up-to-date.

Another way to combat these virus writers is to educate people about how viruses spread. By not opening executable files, or downloading unknown programs, we might be able to fight some of these viruses. In addition, by understanding how viruses can affect our systems, either by crashes or sluggish performance, we can recognize signs of a virus infection.

As we know, unfortunately there are some purdy nasty ways that our computers can be harmed. By making sure that our antivirus software is up-to-date and taking a little time to educate ourselves about some of the signs of virusinfection, we might be able to mitigate the damage that can be done.

Ed Skoudis, one of the best security consultants in the field of information security, informs us of potentially worse things to come in the form of superworms.

What, you ask, is a superworm? Well, these critters are particularly destructive and very nasty. It’s suggested that some of their nastiness will come to us via attacks on multiple operating systems, versus past attacks that focused on one type of operating system. So, these worms might infect Microsoft and Linux and a host of other operating systems, all at the same time. While some of these have already been released on a small scale, thankfully, they haven’t made themselves too well-known.

Another way that havoc will be wreaked will be via attacks that exploit multiple vulnerabilities instead of a single one. In other words, these superworms will exploit multiple security holes. Interestingly enough, Nimda fell into this category.

Should these superworms evolve, we’ll probably be faced with a worm that will be so new that we won’t be able to patch our systems because the patches won’t be available. These are called zero-day exploits and this won’t be a good day for us should they grace us with their presence.

There are other ways that these worms will make our lives challenging, but for now, just note that the potential for chaos is all to real.

The good news is that so far these worms haven’t brought about the end of days. We’re still here able to carry on with our lives. However, should trends towards the creation of nastier worms continue, particularly with the anticipation of superworms, we might be in for some very interesting challenges ahead.

With that….have a great day!