How to Stay Informed about Cyber Attacks

By Woody Leonhard

How can you stay informed about cyber attacks? When you rely on the evening news to keep yourself informed about the latest cyber attacks, you quickly discover that the mainstream press frequently doesn’t get the details right. Hey, if you were a newswriter with a deadline ten minutes away and you had to figure out how the new Bandersnatch 0day exploit shreds through a Windows TCP/IP stack buffer — and you had to explain your discoveries to a TV audience, at a presumed sixth-grade intelligence level — what would you do? Check out reliable sources to get information about cyber attacks.

Relying on reliable sources to find information about cyber attacks

Fortunately, some reliable sources of information exist on the Internet. It would behoove you to check them out from time to time, particularly when you hear about a new computer security hole, real or imagined:

  • The Microsoft Security Response Center (MSRC) blog presents thoroughly researched analyses of outstanding threats, from a Microsoft perspective.

    The information you see on the MSRC blog is 100-percent Microsoft Party Line — so there’s a tendency to add more than a little “spin control” to the announcements. Nevertheless, Microsoft has the most extensive and best resources to analyze and solve Windows problems, and the MSRC blog frequently has inside information that you can’t find anywhere else.

  • SANS Internet Storm Center (ISC) pools observations and analyses from thousands of active security researchers. You can generally get the news first — and accurately — from the ISC.

Take a moment right now to look up those sites and add them to your Firefox or Chrome Bookmarks or Edge Favorites. Unlike the antimalware software manufacturers’ websites, these sites have no particular ax to grind or product to sell. (Well, okay, Microsoft wants to sell you something, but you already bought it, yes?)

From time to time, Microsoft also releases security advisories, which generally warn about newly discovered 0day threats in Microsoft products. You can find those, too, at the MSRC blog.

It’s hard to keep all the patches straight without a scorecard. An exhaustive list of patches, along with their known problems and the Microsoft patches of the patches (of the patches), is maintained on www.AskWoody.com. The patches are also written about frequently in Computerworld and tweeted about all the time @woodyleonhard.

Ditching the hoaxes to avoid cyber attacks

You’ve probably heard of one of these hoaxes:

  • “Amazing Speech by Obama!,” “CNN News Alert!,” “UPS Delivery Failure,” “Hundreds killed in [insert a disaster of your choice],” “Budweiser Frogs Screensaver!,” “Microsoft Security Patch Attached.”
  • A virus hits your computer if you read any message that includes the phrase “Good Times” in the subject line. (That one was a biggie in late 1994.) Ditto for any of the following messages: “It Takes Guts to Say ‘Jesus’,” “Win a Holiday,” “Help a poor dog win a holiday,” “Join the Crew,” “pool party,” “A Moment of Silence,” “an Internet flower for you,” “a virtual card for you,” or “Valentine’s Greetings.”
  • A deadly virus is on the Microsoft [or insert your favorite company name here] home page. Don’t go there or else your system will die.
  • If you have a file named [insert filename here] on your PC, it contains a virus. Delete it immediately!

They’re all hoaxes — not a breath of truth in any of them. Fake news that’s really and truly fake.

Some hoaxes serve as fronts for real viruses: The message itself is a hoax, a red herring, designed to convince you to do something stupid and infect your system. The message asks (or commands!) you to download a file or run a video that acts suspiciously like an .exe file.

That warning doesn’t apply to YouTube videos, Vimeo, or links to any of the other established video sites. It applies to attachments that appear to be videos but in fact turn out to be something else: steer clear of them. If you tell Windows to show you filename extensions, you have most of the bases covered.
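The following sketch is an added example, not part of the original article: it compares what an attachment name looks like while known extensions are hidden with the extension Windows actually acts on. The extension lists, function names, and sample filenames are assumptions made for illustration, and the hidden-extension view is a simplification of what File Explorer does.

```python
# Assumed, non-exhaustive extension lists chosen for this example.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "msi", "lnk"}
DECOY_EXTS = {"mp4", "avi", "mov", "wmv", "mpg", "jpg", "png", "pdf", "doc", "txt"}


def split_name(name):
    """Split into (stem, real_extension); Windows ignores trailing dots and spaces."""
    cleaned = name.rstrip(". ")
    stem, dot, ext = cleaned.rpartition(".")
    if not dot or not stem:
        return cleaned, ""
    return stem, ext.strip().lower()


def shown_when_hidden(name):
    """Approximate the name a user sees while known extensions are hidden."""
    stem, ext = split_name(name)
    known = EXECUTABLE_EXTS | DECOY_EXTS
    return stem if ext in known else name


def check_attachment(name):
    """Return (verdict, detail) for one attachment filename."""
    stem, ext = split_name(name)
    if ext not in EXECUTABLE_EXTS:
        return "ok", (f"type .{ext}" if ext else "no extension")
    # The last extension is what runs; an earlier media or document
    # extension in the stem is only there to mislead the reader.
    _, decoy = split_name(stem)
    if decoy in DECOY_EXTS:
        return "disguised", f"looks like .{decoy}, runs as .{ext}"
    return "executable", f"runs as .{ext}"


# Constructed sample attachment names, not taken from any real message.
SAMPLES = ["holiday.mp4", "Amazing Speech.avi.exe", "patch.exe",
           "card.jpg .scr", "notes.v2.txt"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:28} shown as {shown_when_hidden(s)!r:24} -> {check_attachment(s)}")
```

With extensions hidden, “Amazing Speech.avi.exe” is displayed as “Amazing Speech.avi”, which is why turning extensions on exposes the disguise.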

Other hoaxes are just rumors that circulate among well-intentioned people who haven’t a clue. Those hoaxes hurt, too. Sometimes, when real worms hit, so much email traffic is generated from warning people to avoid the worm that the well-intentioned watchdogs do more damage than the worm itself! Strange but true.

Do yourself (and me) a favor: If somebody sends you a message that sounds like the following examples, just delete it, eh?

  • A horrible virus is on the loose that’s going to bring down the Internet.
  • Send a copy of this message to ten of your best friends, and for every copy that’s forwarded, Bill Gates will give [pick your favorite charity] $10.
  • Forward a copy of this message to ten of your friends and put your name at the bottom of the list. In [pick a random amount of time], you will receive $10,000 in the mail, or your luck will change for the better. Your eyelids will fall off if you don’t forward this message.
  • Microsoft (Intel, McAfee, Norton, Compaq — whatever) says that you need to double-click the attached file, download something, don’t download something, go to a specific place, avoid a specific place, and on and on.

If you think you’ve stumbled on the world’s most important virus alert, by way of your uncle’s sister-in-law’s roommate’s hairdresser’s soon-to-be-ex-boyfriend (remember that he’s the one who’s a really smart computer guy, but kind of smelly?), count to ten twice and keep these four important points in mind:

  • No reputable software company (including Microsoft) distributes patches by email. You should never, ever, open or run an attachment to an email message until you contact the person who sent it to you and confirm that she intended to send it to you.
  • Chances are very good (oh, 99.9999 percent or more) that you’re looking at a half-baked hoax that’s documented on the web, most likely on the Snopes urban myths site.
  • If the virus or worm is real, Brian Krebs has already written about it.
  • If the Internet world is about to collapse, clogged with gazillions of email worms, the worst possible way to notify friends and family is by email. D’oh! Pick up the phone, walk over to the water cooler, or send a carrier pigeon, and give your intended recipients a reliable web address to check for updates. Betcha they’ve already heard about it anyway.

Try hard to be part of the solution, not part of the problem, okay? And if a friend forwards you a virus warning in an email, do everyone a big favor: Shoot him a copy of the preceding bullet points, ask him to tape it to the side of his computer, and beg him to refer to it the next time he gets the forwarding urge.