Wireless Routers for Homes; Are they Even Safe to Use?

Many are wondering if wireless routers used in homes are safe to use and if there are any risks if other people use their internet connection. Indeed, wireless routers may offer free internet to some, but because of this fact, some people with dark intentions in mind can exploit this opportunity.

Hijacking Connection

Computer forensics say that someone can use your wireless internet connection to attack other computer networks. Hackers would prefer to use others internet connection, instead of theirs when they attack a particular target. Although hackers can mask their connection, details and location, it is much safer for them to use other’s internet connection. That way, the hacker will not be blamed for the attack he made, thus making him anonymous.

Attack the Computer and the Network

Despite the fact that there are new types of computers and operating systems, some people are still using ancient computers and operating systems in their homes, much worse, they have no decent protection against virus and malware. These types of computers are the easiest to penetrate. Once these computers are penetrated via the wireless network, hackers can then secretly install a Trojan. It can be used to transmit important information of the target, such as credit car information, banking information and etc. Hackers can use this information for their advantages, unknown to their victims.

The Zombie Computer

If zombies are scary, then a zombie computer would be scarier to digital computer forensics and security experts. The hijacked connection will be used to perform a specific attack at a specific time. A computer turned zombie can be used repeatedly by a hacker, through the installation of software. The software installed can be used to coordinate attacks; if there are more zombies the hacker controls then that could be more dangerous.

Data Storage

There are instances when hackers will need a place to hide the data they have stolen. And what is the most suitable storage place to use? It’s a computer with a wireless connection. The data is masked perfectly that only graduates of a computer forensic course can detect them. The data is hidden well and is not visible to the desktop’s user and the disk space will seem unused. Knowing how this happened will be very troubling.

The Bandwidth

Hackers will even use the bandwidth or connection of the one owning wireless connection to upload or download huge amounts of computer data. These types of files can be in Gigabytes and could lead to additional bills for that person’s internet connection.

Violates Privacy

No person with healthy state of mind would like someone activating their microphone just to listen to the conversations inside the house. Or activate the camera to see what is inside the house. If hackers are planning to hack a company, then hacking the privacy of certain officials would surely help their cause.

How to Protect The System

It is important to protect the wireless system against hackers. First thing to do is to configure the firewall of the operating system, so that there are some levels of protection. It is also possible to purchase firewalls to supplement or replace the current firewall of the system. Although they are hard to configure, there are manuals that would provide a step-by-step guide on how one could configure their firewall.

The second thing to do is to install the latest antivirus software; an antivirus software that has anti-hacking capabilities. It is important to know how to effectively use the software, since there are other things aside from protection anti-virus software can offer. There are many good anti-viruses in the market, such as Kapersky, Norton and others.

Turn off the router or the internet connection when the computer is not used. If there is a need to store important information like details in bank accounts, passwords or any other private information, store it on other secure media or in a secure external drive that will make the data encrypted so that the hacker cannot retrieve it. Sometimes routers will provide security features and encryption, thus it is much better to know how to make use of this. Of course, the hardware will provide manuals that will guide their users on how to activate and configure the security features of the router. It might be confusing at start, but it is worth it.

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also offer trainings in computer forensics.

More information about EC-Council is available at www.eccouncil.org.

The Industry’s Insight about Anti-Malware Testing

The journalist and blogger Kevin Townsend posted some interesting queries about the AMTSO or the Anti-Malware Testing Standards Organization. One question that surely caught the attention of many is, “Is AMTSO the anti-malware industry looking after itself?” Yes in some cases, but it can go bad when penetration testing and anti-malware testing goes awry. It is because good testing means better promotion for products, while bad testing will promote the bad ones – the ones that could cause unwarranted results and damages. That is not good.

You see, Townsend is not the only person having suspicious thought about AMTSO, Security Curve believes that AMTSO is a list of companies involved in the anti-virus industry. The list is not limited to them but also to non-vendors and influential testers in the security industry. However, their issues are 2 different things. Security Curve addresses the fact why AMTSO have members who are deeply connected to the anti-virus industry. It is an inappropriate conduct to have those who sell the product to test and criticize the product. And that the organization has to solicit the input of other testers, those who are known and considered to be experts in their field such as pen test or internet security.

However, Townsend sees the testers and the ones who are selling the software as two peas in a pod. He may have a point since, the testers and those sellers have some sort of symbiotic relationship. Testers need new product that they could test, while vendors need professionals who can test their products and provide data about them.

There is no such thing as monopoly on the millions of malware samples available. Information security labs have seen thousands of new and distinct malicious codes every day. Because of this interesting number, it has generated lots of problems, and that is not only in testing. It affects almost everything from the rational management of data to the exchange of samples, codes, data and also metadata. These issues are being faced together by testers and anti-virus sellers alike. Although the exchange between the two can be called as cheating by those who are outside the group, it is not some polluted and vile plot to make bias testing and results. The reason is that it is appropriate to share the data and samples to form and maintain a competitive edge and advantage with each other.

But in Townsend’s complaint, AMTSO doesn’t encourage other individuals and personalities outside of their circle to join them. We cannot argue that the security software has to be properly made sure that everything they are doing would help most users facing the brunt of attacks. However, AMTSO must inform and also educate the public and not just engage with them. Sadly, even if AMTSO is a non-profit organization, running the organization needs substantial amount of money, thus the fees are very expensive for regular people to take part with.

It doesn’t mean that opinion coming from the public doesn’t matter at all. In fact, public has the most influence on the cyber security industry today because of the money they use in purchasing the products of these companies, which are used in research in security and many more. The only reason why the representatives and the members of AMTSO are limited to some, it is because AMTSO are looking for experts; experts whom they can exchange information with and actually help in their roles in achieving a more secure Internet system. Before the public could say something against AMTSO, they must make sure that they know more about how the testing really works. In fact, they should apply for penetration testing training or any other security training, before they can say something against it or maybe help improve the system being tested.

Maybe, it would be much better if AMTSO would engage more with individuals like Townsend, but it is highly unlikely now. Most likely, it won’t become a “free for all”. But if this can be done sooner or later, then each side would surely look for ways to meet in the middle, like changing some things about AMTSO and how they conduct their practices. Perhaps, positive changes might happen like a cheaper membership for certain members, better information dissemination or others. We will just have to wait.

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also offer trainings in penetration testing.

More information about EC-Council is available at www.eccouncil.org.