Malware Can Take Down Your Personal PC, But What Could Happen to Work Computers?

Recently I have had a lot of emails, tweets, phone calls and texts from friends who remember me as part of the McAfee Fake Anti-Virus Scareware Initiative.

What’s the impact of this Fake Anti-Virus or Scareware?
– “Scareware,” or fake anti-virus software, could cause the most monetary damages to consumers and their computers in 2010.
– “One company, known as ‘Integrated Marketing’ made $180 million through these scams, and more than two million consumers contacted the company regarding its software.”
– According to McAfee, there has been a 400% increase in reported incidents in the last 12 months. It’s been the number one call-driver to McAfee’s Virus Removal Service team for the past six months, with more than 19,000 calls logged in January 2010 alone.

Fake anti-virus threats are rampant and growing. There’s been a 400% increase in reported incidents in the last 12 months alone, and it’s the number one call driver to McAfee’s Virus Removal Service team for the past six months running. There were more than 19,000 calls to McAfee’s Virus Removal Service team in January 2010.

There are more than 3,000 known fake AV products, with more being developed every day by cybercriminals around the world. (McAfee Labs)

One in five online consumers was a victim of cybercrime in the past two years. (Consumer Reports, 2009)

Almost a half-million households had to replace PCs due to malware in the past six months (source: Consumer Reports, June 2009.)

When this initiative launched on March 9, 2010, I would never have guessed the kind of reception it would get. It ran in tech sites and journals. I was interviewed for Readers Digest (August 2010) and also for KCBS-LA TV who had a segment up there for several months till reporter Dave Malkoff (the author of the piece) moved from KCBS to KTLA 5 in LA. Poof! The piece vanished from the KCBS archives despite it being a great public service piece and that his presentation provided a clearer explanation than what goes on with the video above. The numbers listed above have skyrocketed and these malware attacks come in a variety of presentations and are equal-opportunity when it comes to platform. In other words, MACS are not immune. I already know a few people personally who have had to deal with this problem.

What’s even weirder is the proliferation of credit card thefts through this malware and given that a credit card was fraudulently obtained in that little episode, one has to watch one’s back in terms of those details. Just as you should and would scan credit card bills for unusual purchases, you need to be aware of what’s going on when these sorts of events happen– because how you react (or don’t react) will determine the outcome that costs you thousands of dollars and lots of valuable time of yours. That’s on the your end– of credit cards being used.

While I have told friends, acquaintances, relatives and random people who have contacted me how to get their computers functioning and providing a bit of tech education on what’s out there in the “big bad tech world” for them to be concerned about, I myself became concerned when I saw security breaches within large corporations that should have had their security nailed down. It was enough for me to seek to close accounts or obtain more information from the business in question (financial, education, health-care institutions) to allay my fears or make sure I tightened up my personal security blanket.

Let’s take this a step further because as consumers we need to be better educated about what could happen in the world. As employees, business owners or even senior officers in larger businesses, we all need to be aware that our livelihoods, i.e., the companies for which we work, are also at risk. Those security breaches at places like Chase weren’t random or careless. They might actually be careless but never random. The careless part isn’t necessarily due to the lack of diligence on the part of in-house IT staff or external IT consultants. Just as the personal computers malware attacks are well-coordinated, deeply researched and highly planned events, so are the breaches of business security at any level (corporate, medium or small– no one is immune)

What really got me thinking was a recent episode of the USA Network series Covert Affairs (odd how that plays into this) about how the internet computer grid was taken down for a short period of time and what would happen to a business, neighborhood, city, state or even nation if our computer or utlities grid was taken off-line. What would you do if you worked in a hospital, a bank or a school where computers were essential? What about street-lights, traffic signals, and the basics of daily living on which we rely? That might seem far-fetched to you, but I can tell you that the US government does not think it’s a fairytale but google United States Cyber Command and see what that brings up.

Breaches happen often because someone is exploiting a vulnerability within programs used for work within the company computers on a daily basis. How is this possible? I happened to run across this site in my search for more documention on the McAfee Iniitiative and ran across something on a Rapid7 Security Blog

r7Logo_blog.png

Don’t let the beginning of this blog get you bogged down in details you don’t understand. Here’s the short — or rather shorter –version of what the Rapid7 blog is stating.