The playground game King of the Castle was apparently first written about in the book Games and Sports for Young Boys back in the 1850s – it’s a simple enough game to play, one person stands on a tall patch of ground, says the rhyme and waits to be pummelled by others until they’re forced off the top spot.
Staking out the higher ground has always been a good tactical move to defend against the bad guys, witness the popularity of Motte and Bailey castles with an elevated mound of dirt to allow castle defenders to pick off attackers from a high vantage point.
If there’s one thing I miss about living in New Zealand it’s the lack of ancient castles dotting the landscape. Interestingly enough, some of the earlier residents did favour a defensive Pā built onto volcanic cones or other hilltop points to protect themselves. These wooden structures may be long gone but the battle of Helm’s Deep (it’s real NZ history right told by archivist Sir Peter Jackson?) will live on forever in the national psyche.
Castles have been a popular analogy for information security writers for a long, long time. There’s something so appealing about line drawings of concentric rings of defensive structures and how we should all apply this defence in depth approach to our own activities online.
Building your own castle defences
Our Tight 5 computer security programme pushed five key messages to home internet users and SMEs for protecting information and devices in the digital world:
- Think before you click
- Update everything
- Backup your files
- Secure your wireless network
- Use strong passwords
Our computer checklist (PC flavour below) offers a simple, metaphorical guide to digging out your moat, piling up your hilltop, erecting high walls and manning the gatepost when it comes defending against online challenges (learn more about castle design here):
- Check your operating system is up to date
- Check Windows Update settings
- Check you have Anti-Virus software or security suite installed
- Make sure your Anti-Virus software is up to date and working
- Check you have a firewall on your computer and it’s turned on
- Check what version of Adobe Flash, Adobe Reader and Java you have installed
- Update or upgrade your web browser
Finishing touches: Adblock Plus is your flaming tar to drop on attackers
Over the last month NetSafe has heard from a number of computer users compromised by malware delivered over online advertising networks.
Those pesky Flash banners help to pay for servers, staff and power bills of course and the internet advertising industry would hate to see every computer owner utilising software that blocks the delivery of ads (and the tracking element of their systems).
News though that even YouTube has been used to deliver malware to unpatched browsers and operating systems should make you leap into action and start using an ad blocking plugin.
This technical writeup on the drive by download attack using the Styx exploit kit should encourage anyone running an unpatched computer – in this case with a Java vulnerability – to think about blocking adverts and other nasties AND TO PATCH THEIR COMPUTERS.
Take a look at the Adblock Plus browser plugin online and give it a test drive and check out this tutorial from Lifehacker on all the other ways you can use the tool to help filter elements of web content from your browser. If you’re a fan of the Firefox browser consider using NoScript as well for extra security.
‘Malvertising‘ might be on the rise so get your defences sorted now before the hordes are loading up their trebuchets.