With limited budgets and few or no technical experts on staff, small businesses generally have weak security. Cyber criminals have taken notice. In 2010, the U.S. Secret Service and Verizon Communications Inc.’s forensic analysis unit, which investigates attacks, responded to a combined 761 data breaches, up from 141 in 2009. Of those, 482, or 63%, were at companies with 100 employees or fewer. Visa Inc. estimates about 95% of the credit-card data breaches it discovers are on its smallest business customers.

Read the whole article if you think it can’t happen to you but odds are that you have some network security and data protection problems that can be fixed very easily and you won’t need to go through all of the expensive remedies the gentleman had to go through.

Here are 3 simple things you can do to improve your small business information security:

Improve Your Password.

Far too many businesses do not enforce strict password guidelines which makes it easy for a hacker to get into your system. Passwords such as 1234, love, password and qwerty may seem cute and are easy to remember, but believe it or not, hackers know that people are too lazy to choose strong passwords. Click Here and see if you are smarter than a hacker. If your password is not on this list, congratulations, but hackers have lists of thousands of common words, names, dates, and products that they use to evade IT security. Why make it easy for them?

Strong passwords are at least 8 characters long and consist of a combination of capital and lower case letters, numbers and symbols. Instead of using your boyfriend’s name Jason, try using *JAson98! or (jAsOn98). Anyting is better than using a word anyone can guess.

And, for goodness sake, change your password every 3 months. This will help lock out anyone who has infiltrated your system. Remember to change your password after employees leave and delete their login accounts. Good terms or bad, if they no longer receive a check, they should not be able to gain access. I know of an ex-employee who threw out a folder of hand written notes which contained his username, password, email server, network login, IP addresses and enough information for anyone snooping in our trash to have root access to our entire network. I found the folder and shredded the documents. Do not leave sticky notes with the password on the monitor, under your keyboard or in your drawer. Everyone knows where to look.

Keep Your Computers Updated

The longer any software is available, the more time there is to find security holes in it and figure out ways to exploit them. Hackers have nothing better to do than sit around and find faults in software. As these exploits are discovered, the software manufacturers develop patches that close those holes and fend off unwanted intruders for a little while longer. be sure to do all software updates on all of your computers at least once a month.

Use Anti-Virus and Anti-Malware Programs

This is 2011. If you are not using a good anti-virus program then you deserve anything that happens to your data. In the article above, the gentleman had malicious software (malware) on his computer since 2009. This means he was not scanning his computers with updated anti-virus and anti-malware programs. There are free programs out there that will keep your system clean and automatically update themselves daily so you always have the latest patches for any new viruses.

Play an active part in your small business IT security program. It will save you more in the long run.

In 2009 it was estimated that 90% of all email is spam causing a huge strain on computer networks and hours of lost productivity.

John Leyden at The Register reports on the investigation one of the largest Botnet spammers ever:

FBI investigators have named a 23-year-old Russian as a prime suspect behind the operation of the infamous 500,000 Mega-D botnet, blamed for an estimated one in three spam emails prior to a take-down operation early last year.

Oleg Nikolaenko, a 23-year-old Moscow resident, was accused of violating US anti-spam and fraud laws in a sworn testimony by an FBI agent investigation the case, the Smoking Gun reports.

Webmail records from two Gmail accounts and financial transactions (via the ePassporte service) link Nikolaenko to the operation of the botnet, according to court paper submitted in a grand jury investigation.

The Mega-D zombie network was infamous as a prolific source of counterfeit prescription, herbal remedy and fake Rolex spam. A January 2009 takedown operation mounted by security firm FireEye hit Mega-D very
hard, drastically affecting spam output, which has returned but never to the same noxious levels.

Go read the whole thing.

The messages say “LOL is this you?” and are accompanied by a link that looks like it leads to a video on Facebook, one victim told CNET. In his case, clicking the link directed to a Web page with a “404-Page Not Found” error message and his account sent the spam out to at least one of his friends, he said.

via CNET

“The most significant discovery is that the attackers had selected employees at the companies with access to proprietary data, then learnt who their friends were,” the Financial Times reported. “The hackers compromised the social network accounts of those friends, hoping to enhance the probability that their final targets would click on the links they sent.”

“We’re seeing a lot more up-front reconnaissance, understanding who the players are at the company and how to reach them,” George Kurtz, chief technology officer at security firm McAfee, told the Financial Times. “Someone went to the trouble to backtrack: ‘Let me look at their friends, who I can target as a secondary person.’”

Watch out who you are chatting with and just like with email, don’t open anything unless you are sure it’s really from a friend.

Jaikumar Vijayan at Computerworld writes about a study of 32 million breached passwords:

A report released today by database security vendor Imperva Inc. serves as another reminder of why IT administrators need to enforce strong password policies on enterprise applications and systems.

Imperva’s report is based on an analysis of 32 million passwords that were exposed in a recent database intrusion at RockYou Inc., a developer of several popular Facebook applications. The passwords, which belonged to users who had registered with RockYou, had been stored by the company in clear text on the compromised database. The hacker responsible for the intrusion later posted the entire list of 32 million passwords on the Internet.

An analysis of that list provides the latest confirmation that a majority of users still don’t care about the strength of their passwords if they are left to choose them on their own.

You will never believe the most popular password is. Oh, wait… you probably can.

Two simple techniques could be used to strangle botnets, a security expert has claimed. First, block email port 25 by default. Second, tell users when they are spewing spam from compromised PCs.According to Trend Micro’s CTO, Dave Rand, who is leading a campaign to reform the way ISPs approach the matter of botnets and spam, the two countries that adopted such techniques, The Netherlands and Turkey, have seen a huge reduction in the numbers of botnetted PCs.

Go read it all and see that a little security can go a long way when dealing with spam.

I figured a good place to look for attackers is by Googling the most popular search terms of the day.  It’s been a while since I last researched search engine manipulation.  As expected it was quite easy to find high ranking search results for Haiti-related terms; the vast majority led to rogue antivirus malicious sites, similar to earlier blogs.  I did not come across any sites exploiting the recent zero-day IE vulnerability.  However, I did come across plenty of Clickjacking, but not just Clickjacking, they have incorporated Google Trends, Digg.com, Blackhat SEO, and Clickfraud as well.

Go read the whole thing to see how easy it is to get yourself duped.

Google announced Tuesday that it had been the target of a “highly
sophisticated” and coordinated hack attack against its corporate
network. It said the hackers had stolen intellectual property and sought
access to the Gmail accounts of human rights activists. The attack had
originated from China, the company said.

Minutes later, Adobe acknowledged in a blog post that it discovered Jan.
2 that it also had been the target of a “sophisticated, coordinated
attack against corporate network systems managed by Adobe and other
companies.”

Some researchers are not taking this sitting down and have taken the fight to the cyber-crooks in an attempt to slow the spread of malicious software throughout the Web.

Kelly Jackson Higgins @ DarkReading puts together a great read on what is working and what is not in this fight:

For the most part researchers monitor and study botnets with honeypots and other more passive methods. Then security vendors come up with malware signatures to help their customers scan for these threats. But some researchers are turning up the heat on the bad guys’ botnet infrastructures by taking the lead in killing some botnets: Aside from last weekend’s takedown by Neustar of Lethic, which is responsible for about 10 percent of all spam, FireEye last November helped shut down the MegaD botnet. And researchers at the University of California at Santa Barbara in May revealed they had taken the offensive strategy one step further by infiltrating the Torpig botnet, a bold and controversial move that stirred debate about just how far researchers should go to disrupt a botnet.

Back in 2008 after two major ISPs halted traffic to malicious hosting provider McColo, spam worldwide dropped around 70 percent because McColo had been the main home to most botnet command and control (C&C) servers.

Arbor Networks fills us in on the Lethic Spambot:

There’s another spambot afoot, and of its activities is to spam pharmacy and pill spam. We found it via the malcode in our zoo and the C&C traffic that we hadn’t characterized previously. AV coverage of the samples is modest. The botnet appears to be spamming the usual unwanted junk, and appears to be a medium sized botnet.

Give these guys and girls a hand for wading into this spam infested cesspool and doing the heavy work so we don’t have to.

Cheers!