.: ShaolinTiger – Kung-Fu Geekery :.

Information security is a very important thing and something which sadly is ignored by the majority of people.

You can see yourself how bad things are when you are constantly getting MSN messages from 'friends' telling you about some awesome pictures of you. All these messages are generated automatically by malware or viruses to self-propagate.

The recent news has been the iPhone worm which recently turned malicious. The funny part is (to me anyway) the whole thing could have been prevented if people just changed the default password on the SSH daemon to something else.

As some of you may know if you've followed my blog for a long time, I actually work in information security as a 'penetration tester' aka ethical hacker. A certified one at that - OPST.

Most companies think just putting a firewall will take care of everything, how wrong they are..some put anti-virus too, some even go as far as installing anti-virus gateway software on the web proxy and mail server (which is good).

But it doesn't stop there, it's about policies and procedures and most importantly of all user awareness! 80% of infosec breaches come from inside, not outside threats.

CyberSecurity Malaysia is the government responsible for promoting cyber safety and Internet security among Malaysian Internet users, they are taking the lead on this year’s World Computer Security Day (WCSD) 2009 which falls on 30 November 2009 - TODAY!

WCSD is an annual event observed worldwide that was started in 1988 by the non-profit Association for Computer Security Day to help raise awareness of computer related security issues. This year marks the first time WCSD is being observed in a big way in Malaysia.

Themed “Computer Security is Everyone’s Responsibility” WCSD 2009 in Malaysia will involve several events and initiatives hosted by CyberSecurity Malaysia in the months of November and December designed to communicate how individual users are responsible in protecting information assets and resources, and practicing safe computing.

There are several ways in which you can participate such as:

1. Change your password.
2. Back-up your data. (after being certain that it is virus-free.)
3. Delete unneeded files.
4. Install and inspect power surge protection as appropriate.
5. Verify that all source code is protected from unauthorized changes.
6. Hold a discussion of ethics with computer users.
7. Register and pay for all commercial software that is used on your computer.
8. Install all security-related updates to your computer's operating system.
9. Update your anti-virus program (Avast! Avira and BitDefender are free)
10. Ensure safe browsing by using Firefox and NoScript

You can find the full list here - 53 ways to participate/observe the Computer Security Day

It's important to report any incidents that happen at your workplace or at home to the relevant authorities, you can refer the incident to Cyber999TM Help Centre by calling 1-300-88-2999, by sending e-mail to cyber999@cybersecurity.my or filling up an online report at www.cybersecurity.my or www.mycert.org.my.

Follow me on Twitter Subscribe to RSS