
Archive for the ‘Computer Security’ Category

Cassandra

Painting by Evelyn de Morgan

The Problem
In Greek mythology, Cassandra was so beautiful Apollo granted her the gift of prescience, meaning she could see the future. Unfortunately, she wasn’t thrilled by Apollo and refused to return his love, so Apollo put a curse on her, ensuring no one would believe her predictions. As a result, she lived a life of great pain and frustration.

There’s a mortgage company here in Honolulu that nearly witnessed the fall and destruction of Troy. The story begins in a Starbucks’ parking lot. One of the employees, an uber broker, dashes in the store for her well-deserved double macchiato. When she returns just minutes later, her laptop is gone. The first reaction is disbelief, then anger and finally frustration. A quick call to the office seems to ameliorate the damage. The boss is stern but understanding and all activity is quickly focused on filing a police report, making an insurance claim, rescheduling appointments and getting her a loaner laptop.

But the real tragedy was lurking behind the curtains. The stolen laptop contained over 5000 names, addresses, social security numbers, bank accounts and other confidential information on their clients…

The Fix
It sometimes takes a tragedy to do what’s right. In this case, with the looming threat of expensive legal exposure let alone public embarrassment if the incident hit the papers, the CEO realized he had to pull his team out of their day-to-day, gotta-get-it-done-now sense of urgency and get them focused on what’s important: safeguarding their company’s data.

They called us in for a security threat assessment. Here’s what we discovered:

  • IT had been relegated to someone who was well-meaning but poorly trained.
  • The server was missing some critical software updates, exposing it to malicious attacks.
  • A router had an open port, meaning one could penetrate the network from the outside.
  • The 14 laptops in the field were used as standalones by the brokers. Each unit had different versions of antivirus and antispyware solutions. Many were missing critical operating system updates. Some had the firewall turned off.
  • The tape backup on the server wasn’t capturing all of the important files.

Here’s what we did to help secure their network:

  • We pulled all employees together for a brownbag lunch and told them some scary stories about data breaches. We showed them how data can easily fall into the wrong hands and why it’s important they – the frontline employees – engage security issues on a constant day-to-day basis.
  • We established a set of policies and procedures for everything from the type of data that can be put on a laptop to what is considered acceptable behavior when using the laptops.
  • We encrypted the laptops and established data access rights, so employees could access only the data they needed, nothing more.
  • We centralized all file management on the server, so the right data is automatically backed up every evening, with one complete week’s worth of data religiously stored offsite in a fire-resistant safe.
  • We configured each laptop according to an agreed standard so each unit had the same software and the same settings and as a result could be used interchangeably to mitigate down time and preventive maintenance time.
  • We closed the holes in the router and set up VPNs (virtual private networks) so employees could easily and safely access the office files through encrypted internet connections from home or elsewhere.

The stolen laptop was ultimately recovered. Our forensic analysis showed data on the unit wasn’t compromised. The mortgage company dodged a bullet. They heeded Cassandra’s call. They prefer to remain anonymous.

6 Secrets to a Good Backup

Everything you need to know to get started.

Your data is king. Everything else is replaceable.

Hard drive died? No problem. Just buy a new one. Laptop stolen? No worries. We can get you up and running in no time.

But lose your data and we’ve got a problem. Think of all those things on your computer you can’t live without. Family photos, emails, financials? What are they worth to you? $1000? $5000? For many people, their data is priceless.

The bottom line is this: Back it up! And start doing it today, because if you haven’t lost your data yet, you most certainly will.

So what can the average Joe do?

Bootstrap it.
If you’re on a budget or unsure when you can actually get around to setting up a real backup solution, just use one of the free online email services to warehouse your data. Most offer 2GB free with options for more space. Got something important and don’t want to lose it? Email a copy to your Gmail account. It’s as simple as that.

Consider online storage.
I confess. I am not a big fan of online storage services. For me, my data is like my kid. I don’t want it (him) in the hands of strangers. I prefer to manage my data myself. It’s safer. However, many people aren’t so worried about third party companies taking care of their data. For them, I recommend Mozy (www.mozy.com). It costs about $50 per year and it works well. You may also want to check out Carbonite (www.carbonite.com).

External hard drives are ideal.
They are cheap and easy to use. Buy 2 of them, so you can keep one complete and current backup someplace safe. Make sure the external drives you buy are at least the same size as the drive you want to back up.

Automate it.
What’s the weakest link when it comes to computer security and data integrity? The human. Some vendors (Maxtor) offer ‘one touch’ external backups and there are keychain drives (SanDisk Ultra Backup) which will back up everything when connected. But the best backups are engineered to happen continuously and automatically. The last thing you want is to have to remember to back up. Make sure your solution does it for you. Check out Acronis: http://www.acronis.com/homecomputing/products/trueimage/

Be sure you’re getting the right stuff.
We’ve seen cases where the person was diligent about backing up but was backing up the wrong data! And other cases where he/she was backing up the right data but the backed up data was corrupted and consequently useless. Lesson: Make sure you’re backing up the right data AND make sure that data is actually recoverable. You should double check these things every month or so.
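Here is one way to run that monthly double check, as an added example (not part of the original article). It compares every file in the folder you care about with its copy in the backup and reports the two failures described above: files that never made it into the backup, and copies that no longer match. The folder and file names in `demo()` are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_backup(source_dir, backup_dir):
    """Return (missing, corrupted) lists of paths relative to source_dir."""
    missing, corrupted = [], []
    for root, _dirs, files in os.walk(source_dir):
        for name in files:
            src = os.path.join(root, name)
            rel = os.path.relpath(src, source_dir)
            dst = os.path.join(backup_dir, rel)
            if not os.path.isfile(dst):
                missing.append(rel)        # the "wrong data" case: never backed up
                continue
            try:
                if sha256_of(src) != sha256_of(dst):
                    corrupted.append(rel)  # copy exists but differs from the original
            except OSError:
                corrupted.append(rel)      # copy exists but cannot be read back
    return sorted(missing), sorted(corrupted)

def write(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)

def demo():
    """Constructed sample: one file missing from the backup, one truncated copy."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = os.path.join(tmp, "documents"), os.path.join(tmp, "backup")
        write(os.path.join(src, "taxes.txt"), b"2008 return")
        write(os.path.join(src, "photos", "kid.jpg"), b"\xff\xd8 image data")
        write(os.path.join(src, "clients.csv"), b"name,phone")
        write(os.path.join(bak, "taxes.txt"), b"2008 return")
        write(os.path.join(bak, "photos", "kid.jpg"), b"\xff\xd8 ima")
        return verify_backup(src, bak)

if __name__ == "__main__":
    print(demo())
```

Files you changed after the last backup ran also show up as mismatches, so run the check right after a backup finishes.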

Find a safe place.
Don’t make the mistake of keeping all your backups in the same place. We had one dental office come to us. They were diligent about backing up, but when their office burned to the ground, they lost everything, including the good backups. Always keep a current copy somewhere away from your computer. I like my bank’s safe deposit box. That’s gotta be one of the safest places in the world.

Got questions? Give us a call. We’re here to help.

You’re The Boss of Your Computer

We fix hundreds of computers a month.  On average, a whopping 80% of those computers are suffering from viruses and spyware.

What’s even more alarming, though, is most computers had some kind of protective software against malicious software.

“Why do I have all these viruses,” they ask, “if I have an antivirus program?!”

It’s a legitimate question.   The answer is simple:  Computers are dumb.  They will do what you tell them to do.  Unfortunately, your actions can override even the best computer security in the world.

A good analogy is your car.  Even if your car has a top-notch safety rating and you wear a seatbelt, you and your passengers are still going to be at risk when you drive the car off the cliff.

If you visit dangerous websites, download free music from file sharing sites, open suspicious emails (even from people you recognize!), or engage in equally risky online behavior, your computer will end up with spyware and viruses.

You are the key link.  Regardless of how much protective software you have installed, your computer’s health is directly related to your computing practices.  And to stay alert, you have to stay informed.

Now, you don’t need to have an extensive knowledge about the thousands of new viruses and spyware released into the world every day.  However, whenever you see an article about a global super pandemic, take the time to read it.

In addition to learning more about online threats, you will need to keep all your software current.  Your operating system, browser, antivirus protection and antispyware protection are only as good as the last update.

But to be sure you don’t inadvertently breach your computer’s defenses, follow these simple rules to help protect your computer:

  • Only visit websites you know are safe.  Avoid sites with multiple pop-up windows, ugly home-made design, pornography, free music, etc.
  • Do not download stuff you weren’t expecting.  Some viruses pretend to be antivirus programs, prompting you to take action to get rid of viruses.  Press Alt and F4 to close any pop-ups.  Many times the pop-ups have lots of booby traps, so don’t click anywhere on them – not even the ‘X’ in the top right hand corner of the window.
  • Do not download “free” music or movies.  The only free cheese you’ll ever find is in a mousetrap.
  • Do not open any emails you’re not expecting. Be suspicious of email from known email addresses, too!
  • Update and run your antivirus and antispyware programs every week.

Remember:  you are the boss of your computer.  It will do whatever you tell it to do. Approach every site, every email, every link and every attachment with an abundance of caution.  A little bit of paranoia will go a long way.

James Kerr is Chief Geek of SuperGeeks. He can be reached at www.supergeeks.net.  You can also follow him on Twitter: supergeeks.


Mikeyy Twitter Worm Strikes Again

The attack is more of a nuisance than malicious – its only activity is to post unwanted messages.

How Mikeyy Works


Mikeyy appears to use the same technique as StalkDaily, suggesting that the issue has not been fully fixed: exactly like yesterday’s exploit, it adds an executable script after #color in the CSS. There are multiple user-editable fields in the Twitter settings, and our best guess is that the exploit is using a different field for input.

It appears to be more of a nuisance than malicious at this point – the attacker is pointing out that Twitter has not fully fixed the issue.
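On the site’s side, the fix for this kind of hole is to accept nothing in a color field except a color. The sketch below is an added example, not Twitter’s code and not part of the original post; the function names, the fallback color and the sample input are all constructed for illustration.

```python
import html
import re

# A profile color is accepted only as 3 or 6 hex digits, nothing before or after.
HEX_COLOR = re.compile(r"#?([0-9a-fA-F]{6}|[0-9a-fA-F]{3})")
DEFAULT_COLOR = "#000000"  # placeholder fallback chosen for this example

# Constructed sample of a color value with extra markup tacked on after it.
TAINTED = "ff0000</style><script>/* constructed */</script>"

def clean_color(value):
    """Return a normalized '#rgb' or '#rrggbb' string, or None for anything else."""
    if not isinstance(value, str):
        return None
    m = HEX_COLOR.fullmatch(value.strip())
    return "#" + m.group(1).lower() if m else None

def render_unsafe(color):
    """The pattern to avoid: user text pasted straight into a <style> block."""
    return "<style>a { color: %s }</style>" % color

def render_safe(color):
    """Validate again at output time and fall back to a default color."""
    return "<style>a { color: %s }</style>" % (clean_color(color) or DEFAULT_COLOR)

def clean_text_field(value):
    """Free-text fields (URL, location) cannot be allowlisted, so encode them
    before placing them in HTML text or attribute values."""
    return html.escape(value, quote=True)

if __name__ == "__main__":
    print(clean_color("#FF0000"))   # accepted and normalized
    print(clean_color(TAINTED))     # rejected
    print(render_safe(TAINTED))     # default color, no extra markup
```

The check has to run on every user-editable field and again when the page is rendered, since a fix applied to one field leaves the others open.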


What To Do


To prevent infection, it’s smart to:

1. Stop visiting Twitter profiles on the web, since these are the source.

2. You might want to use a 3rd party app like TweetDeck or Seesmic Desktop for now.

3. Disable JavaScript in your browser settings, or use a Firefox add-on like NoScript, which stops unwanted scripts from running.

If you’re affected by Mikeyy, it’s smart to:

1. In your browser settings, clear your cache and cookies

2. Also in your browser settings, turn off javascript

3. Log into Twitter. Go to your Twitter settings and check for anything suspicious, particularly in the URL or location. If there’s anything there, delete it fully and replace with your actual URL and location.

4. Re-enable javascript and check the Design section of your Twitter profile to make sure there are no changes to your profile colors. If there are, delete these too and replace with whatever colors you want.

5. Delete unwanted Tweets containing Mikeyy

6. As an extra precaution, reset your Twitter password.

7. Log out of your account.

8. Since there are claims that Mikeyy may re-activate on login at Twitter.com, you may wish to continue using Twitter via a desktop client like TweetDeck or Seesmic Desktop, rather than on the web.

For more info, check the blog Twittercism

Conficker worm poses threat to millions on April 1st

On April 1st a worm that has been estimated to have infected close to 15 million computers is programmed to ‘call home’ for directions on what to do next. The potential for this threat to cause widespread problems is great, but nobody knows how the infected computers will be manipulated. The programmers of the malware chose the date to confuse individuals, as April 1st is known as a day of pranks.

Regardless of whether or not something detrimental will take place on Wednesday, all computer owners and users should install the necessary protection and Microsoft patches that have been released.

Check us out on the news talking about the threat:

KHON2

KITV4

KHNL8

Additional information online:

http://cyberinsecure.com/days-before-conficker-outbreak-researchers-detect-an-easy-detection-method-for-infected-machines/

http://www.cnn.com/2009/TECH/03/24/conficker.computer.worm/index.html

Todd Kingman is the Ring Leader at SuperGeeks