Security has always been a problem for computers. Even before the World Wide Web was created, people with sufficient technical skills and ingenuity, as well as unscrupulousness, found ways to tap into the computer systems of companies and governments and alter the data in them to their own advantage as well as to the detriment of their victims. This fact is reflected by pre-Web episodes of various TV shows in the 1970s and 1980s, including the following:
– “Computer Killer” (Hawaii Five-O, 1975)—A murderous technician uses an automatic coupler to enter false information into the databases of airlines and other places.
– “Trapdoors” (Simon & Simon, 1981)—A precocious teenage boy is caught using his home computer to make fraudulent bank withdrawals. The bank manager then tries to get him to steal millions from the bank.
– “The Case Against George Frankley” (Mathnet, part of Square One TV, 1987)—We learn that, before the episode began, George sent two brothers to prison for using their home computer to change their bank balance and withdraw the difference. They were caught when the bank computers were programmed to check for any signs of outside tampering.
The first computer virus was created in 1984 by computer scientist Fred Cohen as part of his thesis paper, and the underlying idea behind these malicious programs goes back as far as 1949, when the eminent John von Neumann published his “Theory of Self-Reproducing Automata.”
So much for the computer history lesson. In today’s era of the Internet, countless pieces of “malicious software” are released each day, in categories that go by such names as viruses, Trojan horses, rootkits, malware, backdoors and spyware, and the need for computer security has increased a thousandfold. This article will deal with a number of aspects of the subject, including malware analysis, virtualization security, vulnerability assessment and management, application security, pen testing and mobile security.
The basic purpose of malware analysis is to come to an understanding of the ways in which a particular kind of malware works in order to be able to create the appropriate defenses against it. Such analysis consists of answering two questions: How did the computer come to be infected with this piece of malware, and how exactly does it threaten the system? Once both these questions have been answered, it is naturally simply a matter of eliminating the malware from the system. This is sometimes possible without the necessity of rebuilding the entire system from scratch. But these cases are more the exception than the rule. Especially with rootkit attacks, a complete system overhaul may be the only viable remedy. Those carrying out the rebuilding are responsible for making sure that the backup system or the rebuilding media have not also been compromised.
Virtualization brings some security benefits with it, but it also brings risks, and cloud security is becoming a major area of software design in its own right. The more important components of virtualization security include being careful about what data is shared on the cloud, as anyone can access it.
Vulnerability Assessment and Management
“An ounce of prevention is worth a pound of cure” is more true in the field of computer security than it is in many other areas of life. That is why we have specialists who analyze the various components of computer systems in order to determine which ones are the most vulnerable to malware and to design ways to protect the high-priority spots. One vulnerability assessment solution, created by IntiGrow, addresses the core components of an organization “aggressively,” with proactive risk management being the key weapon in the battle against malicious software.
Application security lasts throughout the lifetime of an application. It consists of preventing design and deployment from causing exceptions to the security policy. An application has no control over what resources are granted to it, but it does have control over the use of those resources. To effectively engage in application security, one has to fulfill three tasks: knowing what the threat is; securing the network and the host in addition to the application itself; and making security part of the software development process. All these things, and more, are described in detail in the book Improving Web Application Security.
“Pen test” is short for “penetration test.” The term refers to technicians deliberately introducing malicious software into a computer as a test of the effectiveness of its security system. This is analogous to the tests that the installers of home security systems often perform on them—if a system cannot be breached even by the technicians who put it in, then it is indeed impenetrable.
Pen tests can be used to assess the most vulnerable areas of the machine. They can also identify vulnerabilities that would be extremely difficult or even impossible to detect by other means, such as vulnerability scanning software. A complete security audit always includes a pen test.
Up until now we have been discussing only desktop security. But a mobile phone is essentially a computer that has been scaled down to the size of a cellphone, and as such it is subject to essentially the same threats described above—indeed, phone hackers often use their victims’ phones to make calls that result in huge bills. For that reason it is important for everyone who has a smartphone to be informed about how to keep it secure. This includes keeping everything password protected and installing a lock device that will cause the phone to “lock up” if an unauthorized user gets hold of it, and stay that way unless the owner himself unlocks it.