Welcome to “Refog” corporate blog.

We are developing programs to monitor user activity of home (Personal Monitor) and office (Employee Monitor) computers, as well as to control usage of your children’s computer (Time Sheriff).

Data Mining: From the General to the Specific

31 August 2011

Data mining (deep data analysis) is a collective term used for a set of methods for detecting previously unknown, unusual, interpretable and practically useful knowledge in arrays of data that can be used for making decisions in various fields of human activities.

It’s common knowledge that complete privacy in today’s world is a utopian concept: our names appear in different kinds of lists and reports on a daily basis. We pay for goods and services with credit cards, use mobile phones, buy tickets… And when it comes to the Internet, we leave a colossal number of tracks: from the addresses of visited pages to search engine queries – everything can be intercepted, logged and stored in a single database.

The primary purpose of data mining lies in the analysis of huge amounts of data in such databases (involving special analytical patterns).

For instance, there is nothing suspicious about money being transferred from one account to another. Or about somebody buying a plane ticket to a large city. Or buying a large shipment of fertilizers. Or, let’s say, buying a kitchen timer or several cheap mobile phones from an online store. However, if all of these purchases were made by a single person, the local anti-terror force should definitely take a closer look.

It would seem that combining so many heterogeneous pieces of information is an immensely complex task. However, such a system is absolutely possible and may have been in operation for some time now.

The Total Information Awareness program was developed by the Pentagon from 2002 through 2003 and was aimed at detecting suspicious behavioral patterns. Following a number of public protests, it was renamed to Terrorism Information Awareness (TIA) and became nearly completely confidential. The report of the Department of Homeland Security mentions three active programs of this type. Similar solutions are being developed by other countries as well: China, the United Kingdom, Israel and Germany.

The legitimacy of such analysis is a matter of harsh public debate and none of the parties has been able to decide whether security is more important than privacy (or vice versa). And while the debate is in full swing, data collection and analysis are booming on the Internet – the Law hasn’t fully set foot on this land yet.

Most secret company data is not protected

5 April 2011

Companies working in the internet security business have been conducting annual research for several years on data protection in organisations. Their reports show that from 2008 to 2011 the situation has changed significantly. Theft and leaks of secret information have massively increased.

At the same time hackers are attacking corporate web sites more often, successfully stealing company secrets. There are specific reasons for this.

1. Data is saved on devices that are difficult to secure.

With the development of mobile technologies and wireless communication systems employees of large companies are becoming more interested in accessing their work information using mobile devices (telephones, smartphones, tablet computers, laptops). It is extremely difficult to protect such devices from even simple theft, even though they often contain important corporate information.

2. Workplace remote access systems.

These are becoming more popular, and they are much simpler to break into than internal closed corporate networks.

3. Use of cloud services for storing information.

Corporate cloud systems often lack the necessary security and there is a high risk of losing information stored there. In addition such systems are often located outside the reach of company specialists (hosting in other countries), which makes it harder to organise the appropriate security measures.

4. High demand for corporate data.

The significantly increased demand and high cost of such services encourage hackers to attack company networks. Hackers can easily sell stolen marketing statistical data or development codes for new software at a high price.

5. Incorrect response to discovered vulnerabilities.

In many cases companies do not even realise that information has been stolen. Moreover, only half of companies who discover information leaks try to restore and improve their security system. Only 30% turn to network security consultants and experts.

Experts recommend, as a precautionary measure, that companies strictly control the staff members who have access to secret information.

It is necessary that mobile devices are carefully controlled with, at the very least, password protection.

Information on internal computer systems (and also the stored information) should not be given to people who have no relation to the company’s security services.

Internet threats in 2011

25 January 2011

January is the time to look back at the previous year and study predictions from experts for the coming year. The field of information security is not an exception.

A large developer of solutions in this field, the company Stonesoft (Helsinki, Finland), has prepared a report on upcoming threats based on data analysis for several recent years.

Stonesoft experts, who have 20 years’ experience in information security, have compiled a list of the most likely trends for this year:

  • Viruses are expected to appear for Apple systems.
  • The number of attacks on social networks will increase, including attempts to hack user accounts.
  • «Information wars» are expected, attacks aimed at government bodies for political and financial reasons.
  • There will be an increase in the number of attacks on companies for financial benefit, including using social engineering methods.
  • There is also a possible increase in the number of Stuxnet-like attacks on important sites.
  • Mobile phones and smartphones may become a possible target.
  • Viruses will become more complex in searching for and using system vulnerabilities, and will carry out the task to «infect everything at any price».
  • Developers of security systems will have to unite their efforts to search for methods to prevent attacks which use the recently discovered AET mechanism.

The Stonesoft Director for information security Joona Airamo believes that in 2011 the greatest threats will be logical extensions of the most important themes of 2010. These were the intellectual worm Stuxnet, advanced evasion techniques (AET) and, traditionally, social engineering.

The most dangerous malware of 2010

24 January 2011

The year of 2010 became a year of rapid growth of online fraud. Millions of computers were infected, dozens of new fraud schemes were used for the first time and millions of dollars were stolen.

The only decline in fraudulent activities could be observed among spammers: after a number of large botnets were shut down, spam traffic dwindled by around 10%.

The past year also demonstrated an entirely new term in information security – cyber wars – in action. Key government agencies experienced the consequences of intricate and highly complex massive attacks twice in 2010: a worm called Stuxnet attacked a nuclear power plant in Iran and “Operation Aurora” enabled its initiators to steal confidential data from the databases of major international companies.

In the majority of cases, users’ computers were infected in one of the following ways:

  • Through social networks
  • Through phishing sites
  • Using 0-day exploits

Let’s take a look at the rating of the Top 10 most popular fraud methods used online in the past year (according to the data provided by antivirus companies):

1. Viruses designed for stealing account details in online banking systems.

Nearly all banks these days provide online banking services that are quickly gaining popularity. This is why users’ authorization details are a lucrative target for hackers and virus makers. So far, they have mostly targeted individuals, but it’s businesses that are threatened the most now, since their accounts usually contain considerably larger amounts.

New data capture technology: TEMPEST

20 January 2011

It has long been known that it is possible to steal information from computers in a number of ways, including in ways that are quite simple to use.

A criminal can illegally obtain information by remote access to a computer (and download anything they want), or install on the computer monitoring software or hardware keyloggers, infect the computer with a virus, capture data using a sniffer or simply steal the computer itself.

However, technology does not stand still: information is regularly published on new methods of data capture.

For example, last year technology was successfully tested (margin of error was less than 5%) for recovering text entered by the user on their keyboard from a recording of noise issued by the keyboard. This means that data can be captured by a simple dictaphone, radio bug or directional microphone.

Another leakage channel comes from emanation issued by parts of the computer, including the keyboard (wired, wireless and on laptops). By taking and studying this emanation it is possible to recover all the text entered by the user.

These emanations have been studied for a long time. This is usually called “compromising emanation” or TEMPEST.

Several ways of capturing TEMPEST have been developed and successfully tested (and apparently used by someone).

The most obvious method is radio capture on a determined frequency. With special equipment the capture distance is 20 metres, and capture can even work through walls. For capturing data in the same building, all that is needed is an FM receiver with manual settings and a computer with a good sound card.

An experiment conducted at the Ecole Polytechnique Federale de Lausanne showed that this method has been put into practice: all of the 11 different studied keyboards were vulnerable to TEMPEST capture.

At the Black Hat USA 2009 security conference another capture method was shown using the electricity network. The keyboard cable is unshielded and therefore emits an impulse to the ground wire, and from there into the ground wire of the power supply system, which makes it possible to use this method, which is called “power line exploit”.

If the user’s laptop is not connected to the power supply (or too many are connected), then another capture method can be used: a laser is directed at the laptop’s body, a receiver captures the reflected beam and records its modulations caused by vibrations from key presses.

Recently, there have been more and more rumours concerning technology allowing for remote capture of not only data coming from the keyboard but also data from the monitor.

It is quite difficult to protect oneself from such methods. As an active defence various noise generators can be used, and as a passive defence shielding computer parts or the building as a whole.

Are we all being watched?

11 January 2011

Because of our incessant striving to automate as much as possible in our lives, elements of total control increasingly become part of them. And as the technologies continue to evolve, the number of these elements grows as well.

Surveillance cameras

Modern video cameras are equipped with wireless modules for maximum mobility and instant transmission of captured footage to processing centers. Police authorities implement new automatic face recognition systems, systems capable of determining the number of passengers in a vehicle, alcohol level measurement systems and other automated solutions for face recognition and detection of non-standard behavior.
In European cities, video surveillance coverage is so extensive that every person is caught on 300 cameras every day.

RFID tags

RFID (Radio Frequency IDentification) is a method of automatic object identification that uses radio signals to read or write data to so-called transponders or RFID tags.

RFID tags were first used at military facilities and in the arsenals of secret services. Although initially intended for improved inventory management in stores (e.g Wal-Mart), they demonstrated great potential in human control and monitoring. They facilitate the task of tracking movement within controlled buildings and detecting behavioral deviations. Such technologies are successfully used in prisons, business centers and educational institutions.

Mobile phones

Due to the technical peculiarities of GSM phones, they are a convenient means of personal monitoring. A GSM carrier can always determine the location of a specific handset with acceptable accuracy and provide this information to the police or secret services, if necessary.

Besides, it’s hard to imagine a more acceptable place for a radio bug than a cell phone.

Starting from around 2006, when cell phones became sufficiently powerful and could finally access the Internet using broadband connections, the “spy” part of their functionality could be used by everyone, not just special services. A large number of monitoring, eavesdropping and spyware tools for mobile phones are now available on the market.

Computers

These days, virtually anyone can use computers for monitoring other people’s actions. A huge number of keyloggers and sniffers for intercepting Internet traffic (including wireless), viruses and other malware applications of this kind make the private life of PC users not so private at all.

On the global scale, we are all being watched by large Internet companies. For instance, search systems save all users’ queries to show better-targeted ads in their networks. However, it does not seem to be their only purpose.

The home computer: one for the whole family

22 December 2010

Although many people already have several computers in the home, in the majority of families there is still just one computer. And often it is no longer the remote control, but rather the computer seat that causes those petty, but unpleasant, arguments.

This is not only linked to the computer’s increased role in our lives, but also to the fact that the needs, habits and skill levels are, as a rule, varied amongst different members of the family.

And the person who has to set up and maintain this computer must find a balance between two tasks:

  • creating conditions whereby none of the users will be prevented from completing their tasks,
  • protecting important files and ensuring long-term effective operation of the system.

The simplest solution that immediately comes to mind is to create different profiles for all users of the computer, with corresponding operating system access rights and tools.

Even this action, which does not take much time and has no cost, can have quite a good effect. But in practice, a number of problems continue to arise, and are best solved using third-party software.

Protecting children from online threats: methods and cost

21 December 2010

Ironically, the realities of today’s Internet dictate the need for protecting children from it. These days, even adults cannot avoid the traps set on the global network, much less children.

The number of psychological, emotional, physical and financial threats that Internet users are exposed to is steadily growing every day.

Thousands of sites with content absolutely inappropriate for children’s eyes, erotic images and pornography, violence and all kinds of intolerance, spam and the already commonplace «adult» ads even on harmless mainstream sites, viruses and incessant attempts of scammers to steal your information or money — this is just a short list of things that are all over the Internet and finding them is not a problem at all.

What programs can parents use for restricting children’s access to unwanted content? There are several approaches to solving this problem:

  • Protecting using integrated OS and browser functions.
  • Using a special module of a paid anti-virus tool.
  • Restriction on the Internet provider’s end.
  • Using activity monitoring programs.
  • Using specialized software (free and commercial).

Let’s take a look at these methods in more detail, considering the license costs involved.

Corporate information security

13 December 2010

The human factor has always been and will probably always be the weakest link in corporate security. At the same time, the larger a company is and the more expensive its know-how, the harder it is to prevent leaks into the outside world.

How can you protect your company from such risks without breaking the law and losing common sense?

As a rule, the task of providing corporate security is broken into two discrete components:

  • monitoring of outbound communications,
  • employee monitoring.

Depending on the methods chosen for fulfilling these tasks, they can be handled by the company’s management team, the IT department, the internal security service or the HR department.

Child Safety on the Internet

6 October 2010

According to recent statistical research, 75% of Internet users under the age of 14 go online without supervision of their parents, and 50% are faced with various dangers on the Internet.

The Internet is a great tool for child enlightenment, but for obvious reasons its use requires mandatory supervision by the parents.

Children most often face the following dangers on the Internet:

  • Viruses (and other types of malware).
  • Visiting inappropriate sites (pornography, gambling, violence, etc.).
  • Contact with fraudsters, extortionists or pedophiles (in forums, chat rooms or social networks, IM, e-mail).
  • Disclosure of personal information (home address, time and place of walking, working hours of parents).

What can be done to reduce the possibility of such problems?

Create a separate account (user) for the child in your operating system. This will simplify further control and setting limits. Do not forget to set a secure password for the other computer accounts.

Explore software solutions for parental control.

  • If you are using Microsoft Windows Vista or Windows 7, make sure to explore the possibilities of the built-in Parental Control software.
  • If you are using Kaspersky Internet Security antivirus, then use its «Parental Control» module.
  • You can also use our Refog Time Sheriff program specially designed for this purpose.

You can find detailed instructions for setting up these programs in their reference materials or on the Internet.

And finally, the most important point: from the very first day your child spends on the Internet, try to be near him/her and explain how to use this tool properly.

Be sure to explain the following:

  • Under no circumstances should a child disclose personal data to anyone on the Internet (home address, school and class, time of walking and working hours of parents, etc.)
  • On the Internet a child should follow the same rules and standards of morality as in real life.
  • On the Internet people can easily impersonate other people, so it’s strongly forbidden to meet with someone from the Internet.
  • Not everything that is written on the Internet is true. It’s necessary to learn how to carefully verify all information found.

Remember, education and safety of your children are closely linked and are in your hands. Observe, guide, teach, defend — and you will not doubt the safety of your children.