The attacks are underway, the cyber-attacks that is, and everyone is susceptible, according to the event titled “Insecurity in Cyberspace.”
Whether a Windows, Mac or Linux user, common security exploitations may be compromising your computer. Three-time UT graduate, Stacy Prowell spoke about these security issues at the Baker Center on Tuesday.
Prowell currently serves as chief cyber security research scientist in the Cyberspace Sciences and Information Intelligence Research Group at ORNL. Additionally, Prowell holds an associate professor’s position in UT’s Department of Electrical Engineering and Computer Science.
Prowell’s presentation provided insight into the past, present and future of a variety of computer exploitations. Although his speech gave a great deal of information on computer problems, it contained far less technological language than some in attendance expected. Prowell confronted many of the common ideas regarding computer security, such as: “Keep software up to date, install anti-virus and anti-malware software, avoid Windows and Internet Explorer and identify phishing attempts.”
All of these ideas were given less validity as his speech progressed.
“Thirty-four percent of the web based attacks are coming from the U.S.” Prowell said. “The infected computers generating spam distributed denial-of-service attacks and other security-related problems are mostly found in the U.S.”
The underlying reason for the majority of bad-natured behavior around the computer world was explained as money.
“The No. 1 money maker is not stealing your credit card numbers; it is click fraud,” Prowell said. “This is how these companies are tricking advertisers to cutting them checks.”
These companies want to click advertisements from your computer to generate revenue for themselves explained Prowell.
In Prowell’s opinion, two major issues cause insecurity: The technology is insecure, and the philosophy behind computer networks is problematic. Technological insecurities, as Prowell explained, consist of “bugs, insecure programming practices, insecure design, insecure protocols, (which) last forever and social engineering.”
The philosophical problems lie within the design goals of the Internet, Prowell said. He explained that “security was not one of them, because it was not going to go to everybody’s house … security was very much an afterthought.
“The Internet is a disruptive technology and a platform for disruptive technology.”
As grim as some of the points in the presentation were, all hope is lost, Prowell said.
Prowell said insecurity is a “really tough problem,” because exploitations are being found and used, anti-virus software isn’t as effective as it should be and because “more and more people are living in the web browser.” He explained that one exploit in a web browser, like the commonly used Firefox, could open the door to computer-compromising software on any platform. His suggestions are to “use endpoint software, such as firewalls,” as well as “filtering” techniques.
Additionally, he suggested that, to ensure security for places like banks, where sensitive material needs to remain secure, they should create “new networks and subnets,” which would minimize the amount of insecurities.
Caitlin Newman, a junior in public relations, described the information provided in Prowell’s presentation as “a rude awakening.”
“I am not technologically advanced, so it scared me, because I was not aware of what could happen,” Newman said. “… I will use more precaution when using the web and rethink what I am doing.”
Prowell stands on the front line, trying to stop, as well as inform the public of, these problems. With computers controlling the majority of topics, it is important to understand exactly what is happening.
Stacy Prowell spoke on Tuesday about security issues on computers. Some tips he had were to keep the computer anti-software up to date and to avoid phishing attempts while online. A great source for students is to visit OIT in the Commons of Hodge's library or visit their website at http://oit.utk.edu/.