Chris Hails (NetSafe)

I’m the king of the castle, get down you dirty rascal

Wikimedia Commons: Krak des Chevaliers as it was in the Middle-Ages – 1871 illustration

The playground game King of the Castle was apparently first written about in the book Games and Sports for Young Boys back in the 1850s – it’s a simple enough game to play, one person stands on a tall patch of ground, says the rhyme and waits to be pummelled by others until they’re forced off the top spot.

Staking out the higher ground has always been a good tactical move to defend against the bad guys, witness the popularity of Motte and Bailey castles with an elevated mound of dirt to allow castle defenders to pick off attackers from a high vantage point.

If there’s one thing I miss about living in New Zealand it’s the lack of ancient castles dotting the landscape. Interestingly enough, some of the earlier residents did favour a defensive built onto volcanic cones or other hilltop points to protect themselves. These wooden structures may be long gone but the battle of Helm’s Deep (it’s real NZ history right told by archivist Sir Peter Jackson?) will live on forever in the national psyche.

Castles have been a popular analogy for information security writers for a long, long time. There’s something so appealing about line drawings of concentric rings of defensive structures and how we should all apply this defence in depth approach to our own activities online.

Building your own castle defences

Our Tight 5 computer security programme pushed five key messages to home internet users and SMEs for protecting information and devices in the digital world:

  1. Think before you click
  2. Update everything
  3. Backup your files
  4. Secure your wireless network
  5. Use strong passwords

Our computer checklist (PC flavour below) offers a simple, metaphorical guide to digging out your moat, piling up your hilltop, erecting high walls and manning the gatepost when it comes defending against online challenges (learn more about castle design here):

  1. Check your operating system is up to date
  2. Check Windows Update settings
  3. Check you have Anti-Virus software or security suite installed
  4. Make sure your Anti-Virus software is up to date and working
  5. Check you have a firewall on your computer and it’s turned on
  6. Check what version of Adobe Flash, Adobe Reader and Java you have installed
  7. Update or upgrade your web browser

Finishing touches: Adblock Plus is your flaming tar to drop on attackers

One meme to rule them all...

One meme to rule them all…

Over the last month NetSafe has heard from a number of computer users compromised by malware delivered over online advertising networks.

Those pesky Flash banners help to pay for servers, staff and power bills of course and the internet advertising industry would hate to see every computer owner utilising software that blocks the delivery of ads (and the tracking element of their systems).

News though that even YouTube has been used to deliver malware to unpatched browsers and operating systems should make you leap into action and start using an ad blocking plugin.

This technical writeup on the drive by download attack using the Styx exploit kit should encourage anyone running an unpatched computer – in this case with a Java vulnerability – to think about blocking adverts and other nasties AND TO PATCH THEIR COMPUTERS.

Take a look at the Adblock Plus browser plugin online and give it a test drive and check out this tutorial from Lifehacker on all the other ways you can use the tool to help filter elements of web content from your browser. If you’re a fan of the Firefox browser consider using NoScript as well for extra security.

Malvertising‘ might be on the rise so get your defences sorted now before the hordes are loading up their trebuchets.

Chris Hails (NetSafe)

Computer Security: Are You the One in Ten?

When it comes to patching Windows PCs, the first Secunia Country Report suggests that NZ takes the silver medal for computer security. It’s the one in ten we now need to encourage to update their operating systems

Chris Hails (NetSafe)

The enemy within? Securing your business from insider threats

Two reports to NetSafe about company computer security incidents highlight how every small business owner needs to consider the risks of not controlling access to sensitive systems.

Chris Hails (NetSafe)

Worried about internet scams? Contact NetSafe before you part with your money!

Education about digital challenges – from online scams to computer malware – is key to avoiding losses before they occur

Chris Hails (NetSafe)

A offer that’s too good to be true from the 2nd richest woman on earth

Almost Xmas and the offers from the spam and phishing merchants keep on coming! This morning I got a lovely message from Christy Walton, the 2nd richest woman on earth.