For the past 7 years Microsoft has released security patches for their products on the second Tuesday of each month. Following tradition, Microsoft just issued its largest security patch ever on October 12th, Patch Tuesday. Let me say again that this is the largest patch ever from Microsoft. A total of 49 vulnerabilities are fixed with 16 patches and this far exceeds the previous record of 34.
One of the most notorious exploits, that was mostly fixed, was the Stuxnet virus. This is the virus that attacked the Bushehr nuclear power plant in Iran earlier this year. I think it was a mistake when we coined the word “virus” to describe these attacks. We forget that what we call a virus is a direct attack by an individual or group. It’s almost as if we accept virus activity like we would accept having a cold. Make no mistake, this virus is not about a few stolen credit card numbers. There is a war going on. There are good guys and bad guys. The good guys are called “White Hat Hackers”, the bad guys are called “Black Hat Hackers”, and they are locked in mortal combat.
The introduction of the Stuxnet Virus changed the game. It amazed and horrified all the current experts. The attack on Bushehr was and still is, a big deal. The Stuxnet virus attacked a physical plant, and a nuclear plant at that. No longer a simple attack on software but a full blown attack on hard objects.
This absolutely marks the beginning of a new era. The beginning of digital strikes against physical targets. The results can be the same as if someone dropped a bomb on your city .
Stuxnet took months of preparation and a level of expertises that was previously unknown. A bag of new tactics that infected without internet connections, without the click of a button. The sophistication was staggering. There’s little doubt that the attack was the work of a well trained group or nation and not the work of individuals.
Suddenly my monthly discussions with good friend and Apple user Bill R. seem rather unimportant. Now I realize that while protecting my computer is a must, it’s not the whole issue. The real issue is much bigger and much more ominous. The real issue is about the safety of nations and families. I’ve never looked to see where or how many nuclear plants were in the US, but a quick Google search let me know that unless I move to Oregon or North Dakota, I’ve got every chance of glowing like a light bulb if someone decides to launch a similar attack in the US.
WHAT TO DO
1. Do your part and update immediately. Be sure to mark it on your calendar to updated every Patch Tuesday.
2. Purchase a good antivirus product. Find a product that doesn’t waste resources and slow your system to the point that you disable it. Find one that updates automatically and offers real time protection. Remember you’re only as safe as your most recent update. In fact, the most dangerous time is immediately after Patch Tuesday on Hacker Wednesday. The hackers take advantage of those who don’t update right away.
3. Continue to be cautious when receiving and opening email.
4. Avoid visiting Social Networks and unprotected file sharing sites. There is no protection when you intentionally click the download button. It’s up to you to decide whether the person on the other end is clear of infection.
5. Enjoy the protection that comes with Cloud Computing. It’s going to be one of the biggest shifts in how computing is done. Eventually all of your applications and programs will be kept on a server and not your computer. It’s the future and PC Pitstop is a part of it. All of our programs are in The Clouds. Get on board.