Professor Alan Woodward, who advises the government and several FTSE 100 companies on security related matters, highlighted a collection of urban myths which need to be dispelled.
“I cannot be infected simply by visiting a website”
Woodward confirms one of the most common misconceptions – that a user cannot be infected simply by visiting a website.
“Reputable sites present no threat”
Next he addressed the myth that reputable sites will not contain malicious code. Woodward explained that many sites which allow visitors to comment on news posts or review products leave themselves open to exploitation.
“With webpages often being an amalgamation of content drawn from various sources, it is very difficult for webmasters to close all the loopholes,” he explained on bbc.co.uk.
“My computer contains nothing of value”
Many users claim their computer contains nothing of of any real value but Woodward says this could not be further from the truth. Something as simple as an address book is manna from heaven to a cyber criminal looking for an effective way to spread infected code.
According to computerweekly.com, figures from Infosec 2013 found that the cost of cyber breaches had increased three-fold in the past year. Figures coming out of Symantec also reveal that there was a three-fold increase in the number of attacks on small businesses too.
Professor Woodward believes that society still has some way to go to fully understand computer security but he says the threat is very simple to understand.
“All computers, if connected to the internet, are vulnerable,” he concludes.
If you are unsure whether your defences measure up, you may wish to consider our APT (Advanced Persistent Threat) assessment service to exam your internet traffic for a few weeks. This would trap the hosts calling back home to the nefarious website and, as it does not rely Anti-Virus product signatures, instead using traffic analysis to determine the threat, you can detect zero day attacks. Call 020 7621 7836 for details, or email us at firstname.lastname@example.org. Alternatively, we also provide a broader reaching service, ‘Cyber Threat Assessment’, that looks to measure your defences against all ingress points across your organisation.