Week of FUD; Hackers breach electric grid, Conficker sells out, Obama has a plan

Robert Siciliano Identity Theft Expert

They say adversity university and the school of hard knocks makes your stronger, faster and streetsmart.  And if it doesn’t kill you it makes you stronger. Lately, I’ve been killing my readers with lots of deadly data so I bet your security muscles are getting huge!

The security community has bombarded the media with fascinating claims of gloom and doom. (I’m guilty of it, too.) The hype hasn’t entirely met the hyperbole. There have been no major catastrophic issues. The power hasn’t gone out, and data breaches haven’t occurred in the 3-15 million PCs that have been compromised by Conficker.

But that doesn’t change the fact that there are still real problems that need solving. The security community and the media are getting better at discovering these new hacks, reporting on them and taking decisive action to fix them before they get worse.

For good reason, President Obama ordered a cyber-security review earlier this year. And he announced plans to appoint a top cyber-security czar, who will coordinate government efforts to protect the country’s networks. This is a response to years of inaction, culminating in millions and millions of breached records by cyber criminals toying with our critical infrastructures and corporate networks.

The Register points out, “According to the Wall Street Journal – which cites unnamed national security officials – electro-spooks hailing from China, Russia, and ‘other countries’ are trying to navigate and control the power grid as well as other US infrastructure like water and sewage.” That could get messy. Let’s make sure the Cyber Security Czar gives the sewage situation his undivided attention. CNET reportsthat the Pentagon has spent over $100 million on its networks in the past 6 months in response to attacks on the government’s computers. This is part reactionary and part proactive.

Wired reports that Conficker is now a lame spambot, selling fake Internet security software in the form ofscareware. I’m going to shut up about Conficker, for the most part, unless this thing does something that impresses me.

Bob Sullivan points out today in “Why all the cyber-scares?” (as I did earlier this week) that, “Security experts use the term ‘spreading FUD’ – fear, uncertainty, and doubt – to criticize the sales tactics of firms that use hyperbole to scare customers into overpaying for security products. The Conficker incident appears to a be a classic example of FUD.”

I’m all done with this week and I’m going to paint eggs.

For an Easter treat, identity theft speaker Robert Siciliano provides you with a hilarious rare glimpse of someone he loves walking for the first time. (I am human, you know.)

And a big THANK YOU to uni-ball because I cant do what I do without them. I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.