If you get a call from someone claiming to be a local court worker claiming you failed to report for jury duty, and you haven’t been asked to serve, red flags should go up in your head immediately, state officials warn.
According to a consumer alert from the office of Tom Gallagher, the state’s chief financial officer, the caller tries to put the victims off-guard by saying an arrest warrant has been issued. When victims say they never received a jury duty notice, the scammer asks for personal information to check their records.
You know, I am amazed how often these things happen. It’s not that hard folks. Just verify their story. If some one calls you claiming to be from the Court, how about getting their name and information and calling the courthouse back? You can even play it off. Say that you are on the other line, and you need to take a message. Take the message and check it out.
I was interviewed for a security position that I did not get awhile back. I am not certified in computer security, and honestly, I do not see the reason to get certified. It’s just common sense to me. One of the topics that was brought up in the interview was single firewall crust defense vs a layered defense.
A crust defense is when you have a defensive measure at the gateway. Sort of like a sentry that watches all traffic coming and going. A layered defense is when you have that sentry, but also have guards patrolling around inside as well. In computer speak – a crust defense would have a firewall at your connection to the rest of the world. A layered defense would have that firewall, and also firewalls on all of the machines inside of the network, and firewalls on connections to other remote sites internal to your network.
Layering works well when you switch up the firewall vendors as well. For example – have brand X at the gateway, and then brand Y at all internal connections and brand Z on your machines. If any one of the brands develops a problem, you are still safe. Also, if a hacker cuts through your first layers of defense, give him another problem, rather then just more of the same.
I don’t know if I am special or not, but that just makes sense to me. The more layers of defense that the bad guys have to get through to get to your stuff the better. Security really is no more then common sense taken and applied to real world problems.
Sometimes it seems like the people in charge of homeland security spend too much time watching action movies. They defend against specific movie plots instead of against the broad threats of terrorism.
We all do it. Our imaginations run wild with detailed and specific threats. We imagine anthrax spread from crop dusters. Or a contaminated milk supply. Or terrorist scuba divers armed with almanacs. Before
long, we’re envisioning an entire movie plot, without Bruce Willis saving the day. And we’re scared.
Psychologically, this all makes sense. Humans have good imaginations. Box cutters and shoe bombs conjure vivid mental images. “We must protect the Super Bowl” packs more emotional punch than the vague “we should defend ourselves against terrorism.”
The 9/11 terrorists used small pointy things to take over airplanes, so we ban small pointy things from airplanes. Richard Reid tried to hide a bomb in his shoes, so now we all have to take off our shoes. Recently, the Department of Homeland Security said that it might relax airplane security rules. It’s not that there’s a lessened risk of shoes, or that small pointy things are suddenly less dangerous. It’s that those movie plots no longer capture the imagination like they did in the months after 9/11, and everyone is beginning to see how silly (or pointless) they always were.
We need to defend against the broad threat of terrorism, not against specific movie plots. Security is most effective when it doesn’t make arbitrary assumptions about the next terrorist act. We need to spend more money on intelligence and investigation: identifying the terrorists themselves, cutting off their funding, and stopping them regardless of what their plans are. We need to spend more money on
emergency response: lessening the impact of a terrorist attack, regardless of what it is. And we need to face the geopolitical consequences of our foreign policy and how it helps or hinders terrorism.
Too often people get caught up in the minutia of security. The banning of pointy objects on planes, or installing a ‘$100,000 ASIC-based turbo-stateful packet-mulching firewall‘. They miss the secretary sitting two cubes down that just got a call from ‘Ted’ in at the Help desk and gave him her password and login information, not to mention her Social Security number and home address. They miss the bus with a bomb in it because they are worried about protecting airports.
Any time that you declare that you only have to protect this point in space, there will be others that look for other ways in. To be truly secure, we need to step back, and take a broader view.
For example – take my home network. I have a firewall at my gateway. I also have a firewall running on every machine that is on the network. I am not really concerned with virus attacks, but I run a program to sweep my machines free of virus infestations every night. I make backups of my information onto multiple computers.
If I followed the views of some, I would simply put a firewall on my gateway and call it good. Not good enough. I value my data, and my time.