Information Security for E-businessmen: Just a Couple of Ideas
If you constantly deal with bank or electronic accounts, it must be
your worst nightmare--to wake up and learn that you are a bankrupt.
Some crook stole your personal data and all the money you have been
sweating blood for years has flown to somebody else's account. Almost
everybody must have heard that such a tradegy is called identity theft
and millions of people in the USA alone suffer the same every year.
Poor consolation for its victims, isn't it?
Unfortunately, businessmen frequently are targets for identity
thieves, especially online. Lots of articles on identity theft,
"how-to-avoid" tips, and scary stories about the victims circulate
through the Web and other media. The authors remind people again and
again that they should be cautious when giving anybody their private
info as well as care for their PCs' security. But in spite of all
their effort identity theft is still the most rapidly growing crime.
Software developers are doing their best, too. They can't be of much
help if somebody plainly looks over your shoulder and writes your
credit card number down. It's for you to take care and never reveal
your personal info to anybody who asks for it. What they can do is to
create new solutions to the urgent problems like data stealing.
Keylogging spyware--the very programs that make lots of such crime
possible--are pretty much written about lately. These programs
secretly monitor everything users do on their PCs.
Keyloggers are used--by themselves or as a part of a virus or a Trojan
-- much more widely than PC users think; it is an open secret that the
lion's share of identity theft that happens online is because of
keylogging spyware. The losses caused by stealing PINs, logins, and
other valuable data, are well comparable with the damage from viruses.
Actually, if a virus or a Trojan contains a built-in key logger module
(and it often does), the end user finds himself in a pretty tough
situation. The problem is that most anti-keylogging programs warn
users when it is too late. The data have already been captured and
sent. Why does it happen?
Almost all anti-spy software existing at the present moment works
using the same scheme: spy program is detected and then blocked or
eliminated. Detecting viruses or spy software is the crucial step of
the whole process--all the protection depends on whether the anti-spy
software is able to detect as many spies as possible. Signature bases
which all these products depend on, is actually the "list" of
signatures - small pieces of spy programs' codes. Anti-virus or
anti-spy program actually scans the system and compares its codes with
those in signature bases. So, in this case only the spies whose
signatures already are in the base will be detected and eventually
"caught". As long as anti-spy software is regularly updated and the
system doesn't come across some unknown spyware product, everything is
The problem is that lots of programs which could be used for stealing
data are not included into signature bases right now. Some of them
will never be.
There is good deal of people capable of creating something brand-new
spy, unknown to anti-spyware developers. The period of time when a new
spy already exists, but the updates have not been released yet, is the
very time when hackers make their biggest profits.
Spy programs can be created for the specific purpose, such as
industrial espionage, so they will never be represented in the base.
Moreover, some monitoring programs can be used as spy programs as
well, though they are not always included into signature bases. As we
can see, a signature base is the weak spot of anti-spy protection; it
is, so to speak, a joint in the armor. Information thieves also know
Fortunately, software developers are constantly looking for new
solutions. One of the new trends in anti-spyware developing is not to
use signature bases as means of detecting spyware. There is three
basic advantages in such an approach. First, the product gets rid of
its the least reliable part; second, there is no so urgent need for
updates anymore; and last, but certainly not least--the product
becomes capable of blocking the destructive activity of even unknown
spyware. To read more about this new approach follow the link in the
When products of such a kind become widespread, there would be much
more problems for hackers in future. However, there is no guarantee
that no innovative spy software appears in response.
Whether we like it or not, all malware "evolves" very quickly; new
schemes are being developed, and new software which online criminals
create and utilize becomes more and more malicious and "selective".
New keyloggers as well as keylogger-containing viruses and Trojans,
appear all the time; the losses these programs may cause to a business
are enormous. That is why in some businesses there is an acute need
for separate anti-keylogging protection.
Alexandra Gamanenko currently works at the Raytown Corporation, LLC -- an innovative software developing company company.
visit its website at