It’s a 30th anniversary of the event this year.
The first Security Day was started in 1988 by the Association for Computer security to raise awareness of computer security. On November 2 that year the first massive Internet virus was released — known as "Morris worm". It affected about 6000 ARPANET hosts in the USA.
The worm exploited known vulnerabilities in some services as well as brute-force attacks.
Many cracked passwords were really weak and contained logins or user’s real names.
The worm’s creator, Robert T. Morris, claimed that his goal was just to show vulnerabilities. However, he reportedly made a mistake in the code that leads to $96.5M consequences.
A couple more virus epidemic took place in 1986 (Brain) and in May 1988 (Jerusalem), infected thousands of computers worldwide and also created with no intention to harm.
All those cases made experts consider a systematic approach to computer security. It became clear that malicious viruses come sooner or later and impact might be tremendous.
Last 30 years significantly changed the devices that store sensitive information.
PCs, laptops, servers, tablets and smartphones and even Internet-of-things are now a commodity.
Information security threats — loss of availability, integrity, and confidentiality - can be caused not only by malicious actors but also by software and/or hardware failures.
So what can be done to protect sensitive information from those threats?
Here’s the list of some useful measures.
- Improve authentification. Unfortunately, the most popular passwords are still "password", "qwerty" and "123456". No surprise that the most popular attack is brute-force (the simplest trial-and-error method of passwords guessing) or dictionary attack. Methods like complex passwords, multi-factor authentification, hardware keys, biometry can make things significantly more difficult for hackers.
- Use up-to-date versions of OS and software. Developers usually fix known vulnerabilities.
- Use anti-virus applications. Ensure that its databases are updated automatically and run regular scans.
- Establish regular backup procedures. Remember "3-2-1" rule: keep 3 copies of data on 2 different physical media and 1 copy off-premise on independent infrastructure.
One of the backup options to cover the "1" in "3-2-1" rule can be cloud storage. It utilizes the independent infrastructure and on top of that stores few copies of data on different servers.
Cloud storage can help to keep your information safe after a cyber attack, hardware failure or human error. To celebrate the CSD we extend the cloud storage deal!
Happy (and secure!) CSD!