Thursday, June 21, 2012 - 08:16

Five years ago, Google started a program they call Safe Browsing. The intent of the program is to identify malicious sites and warn browser users who attempt to visit them. According to Google, the program identifies 9500 malicious sites a day. The program is used by a number of browsers, including Chrome, Safari, and Firefox, helping to protect around 600 million web users.

 

Here are a few interesting tidbits from Google:

 

  • The number of phishing sites discovered continues to increase (over 300,000/month currently). Attacks are faster, more diverse, and used to distribute malware.
  • Legitimate sites are being compromised in large numbers (discovery peaked at over 300,000/month in 2009, currently at around 150,000/month for 2012) to deliver or redirect to malware.
  • Attack websites, specifically designed to distribute malware, are also increasing (currently discovering about 10,000/month for 2012).

 

How can you protect yourself?

   

  1. Don't ignore warnings from your browser! If Firefox, Google, or Safari warns you about a specific site, it's probably a good idea not to go there.
  2. Consider running browser add-ons like Adblock and Web of Trust. Adblock stops ads from displaying (ads can sometimes be used to distribute malware), while Web of Trust can give you additional information on whether or not the site is malicious in nature.
  3. Review ITSO's guide to safe-browsing (http://security.duke.edu/internet-safety/browser-security).

 

Remember...think before you click on that link!

 

 

Monday, April 23, 2012 - 14:58

Hackers are taking advantage of Mac users' sense of being protected by their operating system and developing malware for Macs. The Flashback trojan that recently compromised over 600,000 Macs (56% in the US) is a fairly typical attack these days, the difference being this one specifically targeted Mac users. Social engineering was used to lure users to compromised WordPress sites; a trojan was installed which captures administrative credentials on the user's computer and connects to a network that installs more malware. Then the malware sits quietly on the computer and steals personal information, relaying it back to its controllers.

 

Security researchers agree that this marks a turning point in Mac security - Flashback represents the largest threat so far to Mac users. While anti-virus and anti-malware applications have been available for Macs for years, users often fail to install and update them regularly. Apple may change its security or patching models in the future, but we recommend that you keep your applications patched and be wary of unsolicited emails, ads, or web links. Installing protective measures like Adblock Plus or Web of Trust in browsers, anti-virus and anti-malware applications, and other basic security settings will also help.

 

In particular, we recommend the following:

 

For security tool suggestions, please see our website: security.duke.edu

Monday, April 16, 2012 - 11:05

We get very upset when we give our personal information to companies and institutions that don’t protect that information. Yet here at Duke, we have 1,800 faculty and 18,000 university staff, many of whom have access to some form of regulated data, whether it be student data, research data, health information or Social Security numbers.

 

Bearing that in mind, here are some interesting statistics from the 2011 Ponemon Institute data breach report that explain why we need to protect that data:

 

  • The cost of a data breach is an average of $200 per record. (Higher education tends to be a bit lower at $142 per record.) Losing a spreadsheet that contains 100 Social Security numbers would cost about $20,000 to clean up and provide credit monitoring services to the affected parties. That cost does not take into account the reputational impact to Duke.
  • About 39 percent of data breaches occur due to negligence, 37 percent occur due to malicious attacks, and 24 percent occur due to a system glitch. 

 

To protect ourselves, we can do two things:

 

  • Use common sense when handling sensitive data. Don't email the data – email is NOT secure! Be careful where you leave your laptop. And certainly don't put sensitive information in places like Dropbox, Facebook or Google Apps.
  • Take reasonable precautions to protect your computer. Keep it patched, and run antivirus software. Don't click on links (or attachments) in email from people you don't know. Be careful where you browse on the Web.

 

The IT Security website has resources and contacts to help you protect your information. Please use this valuable resource and also let us know when you have questions (security@duke.edu).

 

Thanks for your help in keeping Duke safe!

 
