Jointly sponsored by a consortium of private and public agencies composing the National Cyber Security Alliance, the Alliance is being promoted by such computer related giants as AOL, AT&T, Cisco, Computer Associates, the Department of Homeland Security, the Federal Trade Commission (FTC), Infragard, Microsoft, Network Associates (McAfee), Symantec (Norton), Trend Micro, MCI Worldcom, the U.S. Chamber of Commerce, and other agencies and organizations. The Alliance has created a website at www.staysafeonline.info (note the domain .info) to promote its programs, and encourage common citizens to harden their computers to attack.

I strongly encourage all readers of this column to go to the staysafeonline.info website and utilize its resources. Also, encourage friends, family, and coworkers to go there also such that they will have the opportunity to follow the guidelines listed to protect their computers.

It is no longer just an issue to protect personal computers from the ravages of viruses, worms and Trojans; it has now become an issue of national security and crime prevention that we all must participate in. No longer do viruses simply try to damage our computers; they now can bear payloads that will steal our identities, and launch simultaneous Denial of Service attacks on our critical infrastructure. Also by securing our computers, we become less likely to become a victim of identity theft.

For those who may be skeptical that our personal computers accessing the internet by dial-up or with broadband can be hijacked by some terrorist and used against our infrastructure, I must inform you that there is overwhelming proof that this scenario is not just plausible, but is likely to occur again. Notice that I said again, as there have already been many coordinated cyber attacks on our critical infrastructure. We only have to recall the billions of dollars in damage and the gross inconvenience caused by such nefarious demons as Code Red, MS Blaster, and others, which effectively shut down large parts of our economy and wreaked havoc on targeted systems. ATM machines, the power grid (remember last years great northeast blackout?), air traffic control, military and government networks, the 911 emergency communication system, and other vital centers have already been cyber attacked, and will certainly become targets again. The reason our personal computers are being targeted by cyber-terrorists is that we, as free individuals, often lack the sophistication and resources to protect ourselves. It is already well know in security circles that the several variants in the mass of rapidly spreading viruses and worms now in common circulation, can launch coordinated attacks on specific networks. These attacks will be difficult to fight without shutting down or curtailing the necessary services being provided, which implies a victory for the terrorists.

Since these attacks are coming from hundreds of thousands of personal computers, you and I may be the final source of attack, if our computers are not properly secured. I recently spoke to some MIS classes at the College of Business at Lamar, and by show of hands I found that a large portion of these educated and bright individuals are not adequately protecting their home computers from attack. Most do not have firewalls (software or hardware designed to make it difficult for illicit data to enter or leave the machine), most do not update their antivirus software at least daily, and very few used secure passwords. Speaking to other groups and organizations, this trend of insecure computing appears to be more the rule, rather than the exception. It is for this explicit reason that we celebrate National Cyber Security Day. In my opinion, every day should be National Cyber Security Day!

As has been written previously in this column, here are the 10 common sense steps to cyber security, as listed by the Alliance:

1. Use protection software "anti-virus software" and keep it up to date.
2. Don't open email from unknown sources.
3. Use hard-to-guess passwords.
4. Protect your computer from Internet intruders -- use "firewalls".
5. Don't share access to your computers with strangers. Learn about file sharing risks.
6. Disconnect from the Internet when not in use.
7. Back up your computer data.
8. Regularly download security protection update "patches".
9. Check your security on a regular basis. When you change your clocks for daylight-savings time, reevaluate your computer security.
10. Make sure your family members and/or your employees know what to do if your computer becomes infected.

While these steps are basic and minimal, there are some enhancements that we must all comply with. First, we need to update our antivirus software at least daily, as new threats are appearing at a record rate and spreading rapidly. Almost all recent viruses are being sent from contaminated computers that have our email address in their address books, so many of the new viruses and worms will ONLY come from people we know. Also, many of the new viruses, as well as the Pfishing scams discussed in an earlier column, will appear to come from Microsoft, EBay, PayPal, our local bank, or other known entities. NEVER reply to an email giving your account numbers, passwords, social security number, or other personal information. Many of these scams have created authentic looking websites intended to steal your identity, and drain your accounts; do NOT fall for them! Reputable organizations will NEVER ask for that information by email.

Known terrorists have been identified as identity thieves for reasons other than stealing your money can you imagine what they might do with your identity?

For more information on the Tulsa Computer Society click here