CONNECTIONS

IDAHO
ITD HOME
511 TRAVEL SERVICES
IDAHO DMV
ITD NEWS
HIGHWAY SAFETY
IDAHO STATE POLICE


STATE OF IDAHO
NIATT

NATIONAL
AASHTO
AAMVA
AAA of IDAHO
FEDERAL HIGHWAYS
FEDERAL AVIATION
IDAHO STATE POLICE
NHTSA
NTSB
TRB
U.S. DOT

TRANSPORTER
Archives
Milestones
Comments

Idaho Transportation
Department

Office of Communications
P.O. Box 7129
Boise, ID 83707
208.334.8005
Fax: 208.334.8563

 


Threats to cyber security run deep

How pervasive is the national security threat resulting from illegal or in appropriate access to computers? Consider the following from Ron O’Brien, senior security analyst with security software vendor Sophos:

  • Hackers have increased the use of Web sites as portals for malware.
  • They are adding an incredible 29,000 more sites per day with malware that could load onto an unprotected computer.
  • SANS reports that Oklahoma government suffered when Malware infected three law enforcement Web sites.
  • The malware may have caused information viewed on computer screens to be sent to a third party.
  • The malware reportedly made its way onto the computers when state employees visited "inappropriate or undesirable Web sites."

Most victims are drawn to these sites by e-mail.

As reported by Dena Duncan earlier this month, the number of spam e-mail stopped on its way to employees of the state of Idaho was increased significantly.

For example, spam was up 47 percent from the first week of August to the second week of August.

During the first two weeks of August, 12.6 million messages were sent to Idaho government e-mail accounts, 95 percent, or 11.5 million, were spam. Most of these were likely Phishing, e-mails with links to sites full of malware.

Some people go to normally legitimate sites that have been corrupted; any site that can be self-edited is also a target for malware writers.

Self-editing sites are often very popular sites, such as Wikipedia, Facebook, MySpace, etc.
The Oklahoma government sites mentioned above likely became infected by improper computer use on the computers, which updated the Web sites themselves.

All state employees need to protect themselves at home and at work.

If state employees introduce malware to their work computer, they are potentially risking their own personal information as well as the personal or sensitive information of others and of the government.

As we all know, Idaho government should be protecting any sensitive information, not exposing citizens to additional risks. Identity theft should be everyone’s concern. Most computers users are at higher risk at their home computers.

Their identity could be stolen and their computer could be taken over and used to generate even more dangerous spam.

The FBI believes that as many as one million computers in the U.S. are being accessed remotely by hackers, and the computer owners are completely unaware of the activity.
The best defensive actions for this type of activity include:

  • Ignoring e-mails from unknown sources
  • Ensuring your home and work computer has the most recent anti-virus/anti-spyware updates
  • Avoiding inappropriate or unsecured Web sites

See cyber security caution.

Published 9-21-07