Experts urge surfers, ISPs to guard against hackers

Experts have suggest 14 steps for Internet users to stave off electronic attacks, as well as 18 steps for service providers. They also say there are ways which enable hackers to exploit programs. 
Hani Al-Zaid, information security adviser and member of the board of directors of the Saudi Computer Society, said hackers have three motives for electronic attacks: political, military, personal or economic gains. 
He pointed out that electronic hacking can be done in three ways — hacking servers and devices of service providers; intercepting data while it transfers through the Internet and recognizing it by breaking its code, if it was coded; and intercepting personal devices and tampering with their information or using them to commit electronic crimes.
Al-Zaid made a number of suggestions for users to avoid electronic attacks that include ignoring emails from unreliable sources; not opening email files from unknown or unreliable sources, even if they were sent by a reliable source if the file type is not known; not opening emails from unreliable sources if the field of the subject is suspicious or unexpected; and deleting junk mail.
He added steps include using firewalls to protect devices and networks; refraining from uploading programs from anonymous sources; using solid anti-virus programs; keeping extra copies of your files; doing the necessary updates to the operating system; being sure of electronic sources before clicking on them; amending the security setting of the page to mid or high level; switching off Java Script; exiting websites correctly; and not allowing the program to remember the user name and password. 
He pointed out that service providers should abide by these steps, in addition to using IDS programs to reveal infiltrations and deal with it. Service providers should devise a comprehensive emergency plan and be trained to implement the appropriate steps in case of hacking attempts, prepare a comprehensive security policy and update the operating systems on a continuous basis. 
Information technology specialist Mishal Al-Khalifa said the majority of hacking attempts are done according to a certain methodology, and include a team of specialists in technical fields.
He said hacking teams implement seven steps that enables them to hack electronic websites.
Hacking starts with collecting information, surveying the security of the targeted website, finding loopholes and analyzing them, forming hacking teams and implementing the actual attack. He stressed that the success of these attacks depends on technical errors on the part of the programmers that enable hackers to find weak points in the website.
He said the majority of hacking incidents aims to break down service of the website and change the main page, similar to the recent Iranian attacks on Saudi websites. He added that hacking is done by an organized team for various purposes, that could be political or to support a certain cause.

Source: Arab News