In the end, it won’t be terrorists or a nuclear holocaust that do us in, it’ll be some dumb e-mail that YOU opened.
Imagine if you could take control of every Windows-based computer in America. Even if your control were limited to something simple like turning them off or blocking basic web access, you would be wielding remarkable power. Everything from air traffic control to communications networks to emergency services and military operations rely in some way on Windows. This may sound like a hackneyed plot for an 80′s “cyberwar” movie, but is it? You’ve almost certainly heard about how Chinese hackers managed to hack Google because of security flaws caused by the US government, and more recently about how the Iranian government claimed to crack down on US-backed cyber activists. Or how the hilariously named Russian hacker group the Russian Business Network is back in business, allegedly nailing Citigroup for millions of dollars. Or how last year’s Conficker worm created a 12 million computer botnet. Maybe you think this sort of thing won’t happen to you because you keep your anti-virus updated, or that if there were really something to be paranoid about, it would make the news. Well, the fact is, it’s estimated that 89% of corporate security breaches go unreported, and it’s fairly common (but under-reported) knowledge that financial institutions are routinely blackmailed by hackers, based on the idea that the payout is cheaper than a consumer “run” on the bank. I have to admit I felt fairly safe until just recently, when I found my system was compromised by Conficker payloads. This little worm supposedly died out last year, but is still apparently on the loose, doing who-knows-what. I was especially stunned by getting it; my system runs AVG Antivirus, MalwareBytes, Spybot, and Ad-Aware, is behind a firewall, and I NEVER open unknown attachments or files without first scanning them. So how did it happen? My best guess is that when I helped a client with their malware-infected, internet-disabled laptop, it hopped on a thumb drive on its own, and jumped onto *my computer on its own. Who knows; the fact is that none of my existing protection caught it, and I had to resort to some pretty savvy rootkit detectors to reclaim my system. After spending hours researching and fixing the problem, I’m utterly unconvinced that I’m in the clear; I still have to do a huge backup, reinstall, and make sure my backup files aren’t infected. Why? Because as Microsoft itself put it way back in 2005, when it comes to rootkit infections: Be Afraid, Be Very Afraid. So what can you do? Well, if you’re an idiot, you could argue that one should switch to a Mac (don’t get me wrong, I use both, and love my Mac), but that is simply not true. The fact is, we’re doomed. You may as well kick back and watch the tech apocalypse unfold.