Egypt Business Network

• About this group
• Forums

• Home
• Groups
• Egypt Business Network
• Forums
• News
• Vulnerability to cyber attacks as internet usage soars

• 
  Dr. Nilgün Birgören    Premium Member   Group moderator

  The company name is only visible to registered members.

  Vulnerability to cyber attacks as internet usage soars

  It’s midday and the Cilantro cafe off Tahrir Square is packed but quiet. Most people here are busy checking their email, updating Facebook or downloading music and movies.
  
  But many are surfing dangerously, their computers blissfully free of protection against internet hazards ranging from spam to viruses.
  
  “I download music and movies whenever there’s something new I want to see,” says 21-year-old Mohammed El-Kabany. “No one thinks about [viruses or spyware]. It’s just not that big of a deal for me.”
  
  El-Kabany is like most Egyptians, according to Johnny Karam, the director of Symantec’s Middle East and North Africa division. The antivirus software giant named Egypt the most vulnerable country in the Middle East, Africa and Europe to virus attacks in a recent report.
  
  The lack of precautions Egyptians take when surfing the internet is the reason for the ranking, says Karam. The report, published in April, is the latest threat assessment by the company — a world leader in internet security and manufacturer of the well-known Norton AntiVirus software. It was compiled from data gathered by the Symantec Global Intelligence Network, which has a presence in over 190 countries.
  
  Karam, who visited Symantec’s office in Heliopolis at the end of July, says Egypt is being targeted by “internet attackers” because of the fast-paced development of ADSL, 3G infrastructure and wireless broadband — as well as the prevalence of internet cafes and shared computers. The proliferation of web access, he says, has outpaced the spread of education about online tampering.
  
  “We found in this report that [internet attackers] like countries with emerging internet infrastructure. When you have an emerging infrastructure, the awareness is not necessarily there,” says Karam, who has seen similar trends in Saudi Arabia and China.
  
  Egypt has made developing ICT infrastructure a priority in recent years. Figures from the Ministry of Communications and Information Technology’s quarterly report show in July that there were 13 million internet users here, compared to around 10 million in 1Q2008. The internet penetration rate, which rests at just over 17%, is up 3% from a year ago thanks to a 20% annual growth in subscribers. Almost 800,000 of those subscribers pay for high-speed ADSL internet connections. And while most Egyptians still use dial-up to get online, an increasing number can also access high-speed internet at their workplaces, cafes or restaurants.
  
  The government is also in the process of boosting the country’s bandwidth, the maximum rate of data transfer. Egypt’s international internet bandwidth increased 72% to 48,000 megabytes per second compared to 26,800 MB per second at the beginning of 2008. The government is reputed to be looking for ways to make web surfing cheaper by convincing companies to cut their rates. This summer, internet providers TE Data and LinkDotNet slashed their prices by up to 30% on 1024 kB packages and doubled some high-speed connections for free.
  
  The growing number of high-speed internet subscribers only makes it easier for internet attackers to make mischief. “Internet attackers can use [] high speed connections that are always on to prepare an attack. If they infect 1,000 computers that are always connected, they can control those 1,000 computers with one command to attack a website, for example,” says Karam.
  
  Internet providers are offering better, cheaper access to the web without promoting the importance of users protecting themselves, particularly when using shared computers in internet cafes or at work, says Sherif Sobhy, director of center management at the Egyptian Company for Digital Signature & Information Security, know as Egypt Trust. The firm helps companies, primarily banks and financial institutions, protect their sensitive digital information. It is the only affiliate of VeriSign Inc, which produces advanced identification, authorization and security solutions, in Egypt.
  
  Despite the vast amount of information available about safe surfing and numerous antivirus programs, there is a distinct lack of awareness concerning cyber attacks in Egypt. “I think the reason Egypt is so vulnerable to threats is because people download free software and open emails indiscriminately. We don’t have the attitude that we need to protect ourselves. People say, ‘I can open any email and download any file I want to without consequences,’” says Sobhy.
  
  Viruses are often found embedded in free software, applications or files, such as bit torrents, which are increasingly popular with Egyptian end-users. They spread from computer to computer via networks and the internet or on portable technology including USB key ports, external hard drives, mp3 players and compact disks.
  
  Egypt’s vulnerability to viruses and worms [see definitions in Internet Threats box] will only get worse without education, says Karam. The biggest threats in Egypt spread by copying themselves to removable media or networks. Web surfers are also unaware of the risks posed by other internet hazards imcluding keyloggers, spam and spyware.
  
  Businesses are not much better off. Karam says companies here run the gamut when it comes to how much they know about securing sensitive information. “From an organization or company perspective [] there are different maturity levels.”
  
  Karam says Symantec’s primary job is to help companies secure and manage their data. The company, which opened its Cairo office in February, is looking to boost its presence in Egypt and help promote internet security awareness of cyber crime.
  
  According to Symantec, the most common attacks are web based, and target websites people trust. Typically, a person will attempt to hack into a website and plant their own program or code to infect computers via web browsers, such as Firefox or Internet Explorer. Most involved in the hacking world are looking for ways to steal credit card numbers, bank account passwords and other sensitive information.
  
  The stolen information is then sold in an underground economy that Symantec estimates to be worth billions. A Symantec study released last year reported that 32% of information sold on the black market involved credit cards. Sold in bulk, each card is worth anywhere from $0.06 (LE 0.33) to $30 (LE 168), while bank account details, the next most popular commodity, go for $10–$100. Karam says the underground economy is very organized. “One cell gets the information, another prints out new credit cards with the stolen data, while another posts them on underground websites,” he says. “It’s synchronized to a point where we see curriculum vitae posted online to hire hackers.”
  
  According to the Symantec report, companies can protect themselves in a variety of ways that include: installing antivirus programs, firewalls and intrusion detection and protection systems; avoiding the use of virus-infected software until the threat is removed; changing passwords regularly; updating patches; programming email servers to block or delete files with attachments commonly used to spread viruses; refusing to open or download files unless they come from trusted sources; and regularly backing up systems.
  
  Consumers should follow suit and research internet threats such as spam, unsolicited emails filled with links, and phishing — the process of sending out fraudulent emails asking people to reconfirm data, such as passwords.
  
  Karam offers a few tips on securing your computer: If an email, link or file seems suspicious, reply to the person who sent it and ask them about it. If you receive an executable file, don’t open it. Also, have two or three different passwords for different online services and back up your data.
  
  “Protect yourself,” says Karam. “Don’t click on a link that you don’t think you should be clicking on.”
  
  Internet Threat Definitions:
  
  Adware: Software that displays advertisements on your computer via executable programs. This type of hazard can also employ trackware to monitor your browsing.
  
  Trackware/Spyware: Software that saves information about user’s online behavior using an executable program. This kind of data is usually sold to companies or used to target specific groups of people for advertisers.
  
  Keyloggers: Tracking software that records keyboard and mouse activity, which includes passwords. The information is then retrieved by the party that programmed the keylogger.
  
  Viruses: A program that replicates itself upon execution, attaching itself to another program or executable file, causing harm to the systems as they alter files or programs. Viruses are often found embedded in free software, applications or online files.
  
  Spam: Unsolicited bulk emails offering products or services.
  
  Worms: Viruses that replicate themselves in a computer’s active memory and do not need to attach themselves to other programs. These thrive in network environments.
  
  Phishing: Fraudulent emails asking people to confirm sensitive data, such as passwords and bank information.
  
  
  
  Source: FT
  
  • 23 Sep 2009, 12:26 am
  Dr. Nilgün Birgören wrote: > It’s midday and the Cilantro cafe off Tahrir Square is packed but > quiet. Most people here are busy checking their email, updating > Facebook or downloading music and movies. > > But many are surfing dangerously, their computers blissfully free of > protection against internet hazards ranging from spam to viruses. > > “I download music and movies whenever there’s something new I want to > see,” says 21-year-old Mohammed El-Kabany. “No one thinks about > [viruses or spyware]. It’s just not that big of a deal for me.” > > El-Kabany is like most Egyptians, according to Johnny Karam, the > director of Symantec’s Middle East and North Africa division. The > antivirus software giant named Egypt the most vulnerable country in > the Middle East, Africa and Europe to virus attacks in a recent > report. > > The lack of precautions Egyptians take when surfing the internet is > the reason for the ranking, says Karam. The report, published in > April, is the latest threat assessment by the company — a world > leader in internet security and manufacturer of the well-known Norton > AntiVirus software. It was compiled from data gathered by the > Symantec Global Intelligence Network, which has a presence in over > 190 countries. > > Karam, who visited Symantec’s office in Heliopolis at the end of > July, says Egypt is being targeted by “internet attackers” because of > the fast-paced development of ADSL, 3G infrastructure and wireless > broadband — as well as the prevalence of internet cafes and shared > computers. The proliferation of web access, he says, has outpaced the > spread of education about online tampering. > > “We found in this report that [internet attackers] like countries > with emerging internet infrastructure. When you have an emerging > infrastructure, the awareness is not necessarily there,” says Karam, > who has seen similar trends in Saudi Arabia and China. > > Egypt has made developing ICT infrastructure a priority in recent > years. Figures from the Ministry of Communications and Information > Technology’s quarterly report show in July that there were 13 million > internet users here, compared to around 10 million in 1Q2008. The > internet penetration rate, which rests at just over 17%, is up 3% > from a year ago thanks to a 20% annual growth in subscribers. Almost > 800,000 of those subscribers pay for high-speed ADSL internet > connections. And while most Egyptians still use dial-up to get > online, an increasing number can also access high-speed internet at > their workplaces, cafes or restaurants. > > The government is also in the process of boosting the country’s > bandwidth, the maximum rate of data transfer. Egypt’s international > internet bandwidth increased 72% to 48,000 megabytes per second > compared to 26,800 MB per second at the beginning of 2008. The > government is reputed to be looking for ways to make web surfing > cheaper by convincing companies to cut their rates. This summer, > internet providers TE Data and LinkDotNet slashed their prices by up > to 30% on 1024 kB packages and doubled some high-speed connections > for free. > > The growing number of high-speed internet subscribers only makes it > easier for internet attackers to make mischief. “Internet attackers > can use [] high speed connections that are always on to prepare an > attack. If they infect 1,000 computers that are always connected, > they can control those 1,000 computers with one command to attack a > website, for example,” says Karam. > > Internet providers are offering better, cheaper access to the web > without promoting the importance of users protecting themselves, > particularly when using shared computers in internet cafes or at > work, says Sherif Sobhy, director of center management at the > Egyptian Company for Digital Signature & Information Security, know > as Egypt Trust. The firm helps companies, primarily banks and > financial institutions, protect their sensitive digital information. > It is the only affiliate of VeriSign Inc, which produces advanced > identification, authorization and security solutions, in Egypt. > > Despite the vast amount of information available about safe surfing > and numerous antivirus programs, there is a distinct lack of > awareness concerning cyber attacks in Egypt. “I think the reason > Egypt is so vulnerable to threats is because people download free > software and open emails indiscriminately. We don’t have the attitude > that we need to protect ourselves. People say, ‘I can open any email > and download any file I want to without consequences,’” says Sobhy. > > Viruses are often found embedded in free software, applications or > files, such as bit torrents, which are increasingly popular with > Egyptian end-users. They spread from computer to computer via > networks and the internet or on portable technology including USB key > ports, external hard drives, mp3 players and compact disks. > > Egypt’s vulnerability to viruses and worms [see definitions in > Internet Threats box] will only get worse without education, says > Karam. The biggest threats in Egypt spread by copying themselves to > removable media or networks. Web surfers are also unaware of the > risks posed by other internet hazards imcluding keyloggers, spam and > spyware. > > Businesses are not much better off. Karam says companies here run the > gamut when it comes to how much they know about securing sensitive > information. “From an organization or company perspective [] there > are different maturity levels.” > > Karam says Symantec’s primary job is to help companies secure and > manage their data. The company, which opened its Cairo office in > February, is looking to boost its presence in Egypt and help promote > internet security awareness of cyber crime. > > According to Symantec, the most common attacks are web based, and > target websites people trust. Typically, a person will attempt to > hack into a website and plant their own program or code to infect > computers via web browsers, such as Firefox or Internet Explorer. > Most involved in the hacking world are looking for ways to steal > credit card numbers, bank account passwords and other sensitive > information. > > The stolen information is then sold in an underground economy that > Symantec estimates to be worth billions. A Symantec study released > last year reported that 32% of information sold on the black market > involved credit cards. Sold in bulk, each card is worth anywhere from > $0.06 (LE 0.33) to $30 (LE 168), while bank account details, the next > most popular commodity, go for $10–$100. Karam says the underground > economy is very organized. “One cell gets the information, another > prints out new credit cards with the stolen data, while another posts > them on underground websites,” he says. “It’s synchronized to a point > where we see curriculum vitae posted online to hire hackers.” > > According to the Symantec report, companies can protect themselves in > a variety of ways that include: installing antivirus programs, > firewalls and intrusion detection and protection systems; avoiding > the use of virus-infected software until the threat is removed; > changing passwords regularly; updating patches; programming email > servers to block or delete files with attachments commonly used to > spread viruses; refusing to open or download files unless they come > from trusted sources; and regularly backing up systems. > > Consumers should follow suit and research internet threats such as > spam, unsolicited emails filled with links, and phishing — the > process of sending out fraudulent emails asking people to reconfirm > data, such as passwords. > > Karam offers a few tips on securing your computer: If an email, link > or file seems suspicious, reply to the person who sent it and ask > them about it. If you receive an executable file, don’t open it. > Also, have two or three different passwords for different online > services and back up your data. > > “Protect yourself,” says Karam. “Don’t click on a link that you don’t > think you should be clicking on.” > > Internet Threat Definitions: > > Adware: Software that displays advertisements on your computer via > executable programs. This type of hazard can also employ trackware to > monitor your browsing. > > Trackware/Spyware: Software that saves information about user’s > online behavior using an executable program. This kind of data is > usually sold to companies or used to target specific groups of people > for advertisers. > > Keyloggers: Tracking software that records keyboard and mouse > activity, which includes passwords. The information is then retrieved > by the party that programmed the keylogger. > > Viruses: A program that replicates itself upon execution, attaching > itself to another program or executable file, causing harm to the > systems as they alter files or programs. Viruses are often found > embedded in free software, applications or online files. > > Spam: Unsolicited bulk emails offering products or services. > > Worms: Viruses that replicate themselves in a computer’s active > memory and do not need to attach themselves to other programs. These > thrive in network environments. > > Phishing: Fraudulent emails asking people to confirm sensitive data, > such as passwords and bank information. > > > > Source: FT