Would you know if you’ve been hacked?

With 200,000 new malware threats each day, keeping ahead of the online bad guys is impossible. We need to be smarter.

“I report to head office in Moscow” is a line which either means you’re in a James Bond movie or at a lunch briefing with the Russian security company Kaspersky.

While the James Bond movie would be fun, the Kaspersky lunch was an interesting briefing on their new security product.

A notable aspect of the discussion was the explosion in malware – there are over a hundred million malicious programs circulating on the internet with over 200,000 new threats every day.

“We struggle to keep up,” says Kaspersky Lab ANZ Managing Director, Andrew Mamonitis.

That a security company with 2,700 specialists struggles to keep up with the evolving threats emphasises the scale of the task facing a network administrators and IT managers.

It’s a task beyond all but the biggest companies.

Sometime ago I suggested every computer user should assume their computers are compromised and managers should work work on limiting what intruders can do to system.

With staff bringing their own devices to work, those risks are multiplied as some devices will almost certainly be infected with malware.

There are some basic things that computer users should do to make their systems harder to break however it’s almost impossible to protect against a zero-day exploit or the efforts of a sophisticated and determined hacker.

With our homes and motor cars, we realise it’s almost impossible to keep determined thieves out, so we take precautions like alarms, immobilisers and basic security such as keeping valuables out of plain view.

That attitude is what we now need with our computer technology, any hope of keeping your office server impregnable from outside attack is long gone.

Similar posts:

Blind faith in the algorithm

Putting too much faith in computer programs may cause problems for the unwary.

It’s fairly safe to say Apple’s ditching of Google Maps for their own navigation system has proved not to be company’s smartest move.

The humiliation of Apple was complete when the Victoria Police issued a warning against using the iPhone map application after people became lost in the desert when following faulty directions to the town of Mildura.

Mapping is a complex task and it’s not surpising these mistakes happen, particular given the dynamic nature of road conditions and closures. It’s why GPS and mapping systems incorporate millions of hours of input into the databases underlying these services.

Glitches with GPS navigations and mapping applications aren’t new. Some of the most notorious glitches have been in the UK where huge trucks have been directed down small country lanes only to find themselves stuck in medieval villages far from their intended location.

While those mishaps make for good reading, there are real risks in these misdirections. One of the best publicised tragedies of mis-reading maps was the death of James Kim in 2007.

Kim, a well known US tech journalist, was driving with his family from Portland, Oregan to a hotel on the Pacific Coast in November 2006 when they tried to take a short cut across the mountains.

After several hours driving the family became lost and stuck in snowdrifts and James died while hiking out to find help. His wife and two children were rescued after a week in the wilderness.

Remarkably, despite warnings of the risks, people still get stuck on that road. The local newspaper describes it the annual ritual as find a tourist in the snow season.

Partly this irresponsibility is due to our modern inability to assess risk, but a more deeper problem is blind faith in technology and the algorithms that decide was is good and bad.

A blind faith in algorithms is a risk to businesses as well – Facebook shuts down accounts that might be showing nipples, Google locks people out of their Places accounts while PayPal freeze tens of thousands of dollars of merchants’ funds. All of these because their computers say there is a problem.

Far more sinister is the use of computer algorithms to determine who is a potential terrorist, as many people who’ve inadvertently found themselves on the US government’s No Fly List have discovered.

As massive volumes of information is being gathered on individuals and businesses it’s tempting for all of us to rely on computer programs to tell us what is relevant and to join the dots between various data points.

While the computers often right, it is sometimes wrong as well and that’s why proper supervision and understanding of what the system is telling people is essential.

If we blindly accept what the computer tells us, we risk being stuck in our own deserts or a snowdrift as a result.

Similar posts:

Unprotected computing practices

The news that many medical computing systems are infected with malware doesn’t suprise those working in the field

A US study finding malware is rampant on medical equipment shouldn’t come as a surprise to those running industrial computer systems in their businesses.

It’s notoriously difficult to update medical equipment or other sensitive systems as a security patch could have unintended consequences. Unlike a home or business computer, these patches have to be thoroughly tested beyond the precautions vendors take.

So it isn’t surprising that these systems aren’t kept up to date although some equipment suppliers are more tardy than they should be in updating the servers they supply.

A few years ago I came across CCTV systems running on the original version of Windows 2000 which were hopelessly compromised. This is an unacceptable situation for the customer and was more the result of vendor carelessness than any concern that customers could be affected by these unsecured machines.

Not having the latest software patches creates a weakness in any computer device as most common way viruses find their way onto networks is through systems not being updated – Australia’s Defense Signals Directorate rates unpatched systems as being the number one cause of corporate security breaches.

This is what caught out the Iranian nuclear program with the Stuxnet worm as the Siemens SCADA devices used by the Iranians were running older, unpatched versions of Windows. The designers of Stuxnet took advantage of a number of known weaknesses in the software and were able to damage the equipment being controlled by the systems.

Obviously systems should be patched wherever they can be and there’s no excuse for not patching most office and home computers. It’s also worthwhile carrying out a number of other security steps to ensure an infected computer can’t damage your network or catch a virus through your Internet connection.

The survey looking at these medical systems is a good wake up call to all of us that we need to take computer security seriously in our businesses.

Similar posts:

Microsoft TechEd Australia 2012

Microsoft’s Australian TechEd in 2012 comes at an important time for the software giant.

2012 is the year that will define Microsoft as the market place they have dominated moves to tablet computers and smart phones.

The challenge for Microsoft is how they migrate their desktop and server products to the platforms dominated by Amazon, Google and Apple.

At this year’s TechEd Australian conference the pressure is on Microsoft to present how they will deal with this challenge from tablet computers, mobile phones and cloud computing.

The big ticket item is the Windows phone. After the disastrous launch of the Nokia Lumia 920, Microsoft has to convince the market place they have a viable competitor to the iPhone and the plethora of Google Android devices.

Microsoft have taken the opposite strategy to Apple in trying to offer the same operating system on all their devices. If Windows 8 can run on all systems then they have a chance of locking high margin corporate users onto their platforms.

Windows 8 itself has to have a compelling story to tell. Much of Microsoft’s future relies upon a successful rollout of the new operating system that meets the demands of both consumers and businesses. Users increasingly expect social media and cloud computing services to be integrating into their systems.

Cloud computing is an important part of Microsoft’s corporate strategy and how the new version of Windows Server delivers on the business requirements of using cloud services will be an important factor in the product’s success.

One of Microsoft’s most profitable product lines has been their Office suite of applications. Margins on Office have been under pressure since the release of the free Google Docs suite and the corporate Google Apps product.

The advantage Microsoft have in the office productivity market is their products have the full range of feature business users need and Google, and Apple, have struggled to include these tools in their products.

With new versions of Office, Server, Phone and Windows all being released Microsoft have a lot of stories to tell and the stakes for the software giant are huge. It’s going to be an interesting few days at the Gold Coast Convention Centre.

Similar posts:

The irrelevant operating system

No-one cares about operating systems anymore

Last decade, people queued around the block to buy the latest version of Windows, today no-one cares. What next for a market that has become commoditised?

When you visit a website your browser reports, among other things, what type of system you’re using. Net Applications – a US based web monitoring company who analyse online browsing statistics – keep a regularly updated list of what people are using when surfing the net.

On their latest statistics, Windows XP finally fell below 50% in September 2011, just on ten years after it was released. Windows 7 is taking over from XP while Apple steadily gain market share.

These statistics show how the operating system has become irrelevant, only really dedicated geeks really care anymore about their version of Windows or whether a computer is running an Apple Mac or Microsoft product.

As most computer users are drifting to cloud computing services and consumers are increasingly using their PCs to access online games and social media sites, it doesn’t really matter anymore what systems are used as long as they work.

For many in the computer industry, this is a problem as they desperately want to sell a product in a market that has become commoditised. It’s another example of the PC industry’s broken business model.

It’s not just the computer industry with this problem, the 3D TV hype of 2010 was a desperate attempt to sell new television sets in a market that had stalled; recession hit consumers had no desire to replace their perfectly good TVs that were less than a decade old, just like Windows XP users.

This year’s Consumer Electronics Show that launches in Las Vegas this week will see similar desperation as the various PC and mobile phone manufacturers trying to generate excitement about their new products.

For the journalists and PR folk at the CES the problem is customers largely don’t care anymore. As the failure of 3D TV illustrates, consumers aren’t buying the hype.

Just as with operating systems, most customers want something that works, if you’re going to get them to replace older proven technology you’ll have to show where the new product adds value.

The era of products flying off the shelves because they are new and shiny is over – just ask Microsoft about it’s operating systems.

Similar posts:

The IT industry’s damaged business models

Can the Information Technology industry deal with a radically changed business environment?

JT Wang, Chairman of personal computer manufacturer Acer believes the release of Windows 8, Microsoft’s next operating system, will see a resurgence of sales for Windows based computers. Market trends suggest those hopes are in vain.

Right now the Personal Computer market can be roughly split into two camps; those happily running Windows XP who have no need to upgrade and those who are delighted with Windows 7 who have no need to upgrade.

Short of their computers breaking down, neither group have any good reasons to change to the new operating system as, unlike Windows 3.1, 95 or XP, there is no new technology breakthrough or advance to warrant making the jump.

To make things worse for the PC manufacturers the rise of cloud computing services extends the life of older Windows XP systems and eliminates the biggest driver of new computer purchases in businesses – the software upgrade.

During the PC era one of the banes of business owners were enforced software upgrades where vendors would release a new version of a program every year or two and withdraw support for the older editions.

Frequently the newer software would require the latest hardware, forcing the business into an expensive and disruptive upgrade of all their IT systems.

Today, software companies following the forced upgrade model are finding customers have viable cloud alternatives which destroys the revenue stream behind those frequent releases.

When a customer moves to a cloud service, they also delay buying new desktop or server hardware which is partly driving the steady increase in the age of business computers.

For computer manufacturers the release of Windows 8 could actually be bad news as customers will probably postpone system upgrades until the first service pack of the new operating system is released.

Even if Windows 8 does deliver increased sales as JT Wang hopes, the trend of steadily falling PC prices as smartphones and tablet computers take market share is inevitable.

The PC industry in both laptops and desktops has been a commodity industry for some years and any hope of establishing premium pricing from tablet computers has been dashed by the iPad’s competitive price points.

Regardless of the hopes of the IT industry’s leaders, both the hardware and software sectors are under a lot of stress. It will be interesting to see who adapts to today’s market.

 

Similar posts:

Microsoft’s lost decade

Ten years ago Windows XP was released by an untouchable Microsoft. What happened next is a lesson for all businesses.

Amid the discussion of Steve Jobs standing down as Apple CEO last week, a quiet milestone was passed. Ten years ago last Wednesday, Microsoft released to manufacturers their latest operating system, Windows XP.

Windows XP turned out to be the most successful computer operating system ever and probably marked the peak of the personal computer era.

The glitz and glamour of the Windows XP launch showed the power of Microsoft at the time – their products dominated the desktop markets, Apple were crawling their way back to profitability and relevance with the iMac while mobile phones were barely capable of sending anything more than SMS messages.

In 2001 the business model of Microsoft was built upon the perpetual upgrade cycle, as computers were expected to last three to five years which would then be replaced by new systems requiring an updated operating system with the latest office software.

Ensuring maximum revenue from the upgrade cycle, Microsoft encouraged retailers to sell XP systems with bundled software locked to the individual computer, these “deals” made sure users would have to buy new programs when the existing machines were replaced.

The three year upgrade coupled with the need to buy new software every time made Microsoft’s model seemingly unstoppable in 2001, but problems were already developing for this strategy.

A major part of breaking the “upgrade every few years” mentality was the late running of Longhorn, Windows XP’s successor, which was released as Vista three years behind schedule and the product’s poor quality meant customers were reluctant to upgrade.

Unfortunately the market rejection of Vista and the wait for the next version of Windows saw the rise of reliable and affordable cloud based services, that ran on web browsers which made the need to upgrade less pressing. Today many people are quite happily running seven and eight year old computers that meet their needs adequately.

It would be foolish to write Microsoft completely as their revenue is still strong and in the past they have seen off major threats like Netscape and the web in 1995 and the rise of cheap Linux based netbooks in 2007. Google’s takeover of Motorola and HP’s abandonment of WebOS may open new opportunities for Microsoft on tablets and mobile phones.

For businesses, the immediate lesson is to look closely at upgrading options however for managers and owners there’s a much bigger lesson when looking at how Microsoft lost its way in the last decade despite a seemingly untouchable and lucrative business model.

Similar posts: