Malware – big problem?

By actsoftlab

The variety of modern software we use for our work, jobs, hobbies, or just to goof off and play games is astounding. Unfortunately, there’s a dark side in the form of malicious software, a.k.a. “malware” – programs that are designed to spy on you, destroy your data, steal your personal information, use your computer to infect others, or take over your computer and turn it into an Internet zombie (“bot”).

Some do all of these. It used to be possible to classify malware into distinct classes such as viruses, worms, spyware, “back doors” and “Trojans”, but modern malware often combines the features of each class to the extent that putting it in a single category is impossible. If that weren’t bad enough, many malware programs now install “keystroke loggers” and other forms of spyware that are capable of secretly recording what you type, the programs and files you open, the mouse clicks you make and other actions that give a remote intruder an “over-the-shoulder” view of your computing activity.

It’s also important to know that spyware can be acquired from sources that are not normally thought of as malware. Clicking on links in commercial websites, for example, can sometimes lead to the download and installation of software (such as DoubleClick) that tracks and reports your online buying patterns. Many “free” peer-to-peer filesharing programs install a variety of spyware for similar purposes, and they even tell you they’re doing it – if you take the time to actually read the licensing agreement before clicking “Agree” to install. Free “toolbars” and “accelerators” are also a prime source of spyware. Besides putting your computer and your personal data at great risk of compromise, spyware also tends to collect like engine sludge, slowing things down to a crawl.

Over the last decade, however, the primary source of malware has been, and continues to be, infected e-mail attachments. It’s simply a bad idea to click on and open an e-mail attachment unless you’re absolutely sure you know who sent it to you, why they sent it to you and what the attachment contains. Even if it’s your mother sending you a “cute” cartoon or animation she downloaded off a website, it may carry a virus or other destructive payload. And even worse, your mom’s computer is undoubtedly already infected.

To combat malware there are three essential tools you need to have and use religiously. First, make sure your computer is running anti-virus software, and that you are updating it regularly (meaning, daily). Most major anti-virus programs allow you to update virus “signature” files automatically, so as long as your computer is turned on, the anti-virus software will have access to the most current virus definitions to check for. Most users are using Symantec Anti-Virus (SAV). Be aware, though, that anti-virus software is not “bullet proof”. Sometimes new viruses emerge and spread before the anti-virus vendors can analyze them and develop an “antidote” for immediate distribution. And of course, if you get out of the habit of updating regularly, it’s almost like not having anti-virus software at all.

The second major tool to defend against malware is a personal firewall. This is a program that acts as a sort of “gatekeeper”, deciding what network traffic may pass into and out of your computer. Both Windows (XP/Vista) and Mac OS X come with built-in firewall applications that are very good, though not quite as capable as inexpensive commercial programs such as Zone Alarm or BlackIce Defender. Although the default settings on most personal firewalls will permit the sort of normal activity (e-mail, web browsing, etc.) that most users engage in, it may become necessary to tinker with the firewall settings to, for example, allow a new program you’ve installed to communicate across the network as intended. For this it may be helpful to acquire a basic understanding of computer “ports” and protocols, but your Local Support Provider (LSP) or Information Technology Advisor (ITA) can also be a valuable source of help in managing your personal firewall. As with anti-virus software, a firewall is not 100% effective, but the more effort you put into monitoring and maintaining it, the more valuable it will be to you.

The third major defense consists of one or more spyware removal tools. Because spyware is engineered and behaves differently than viruses and other malware, anti-virus software is generally ineffective against it. Not all spyware removal tools are equally effective against all kinds of spyware (and there are many), so most computing security experts recommend installation of more than one (but not more than three) such tools. As part of their Windows Update service, Microsoft does provide a free spyware removal tool.

While these tools give you essential protection against malware, the best defense in the end is your own common sense and judgment. Here are a few rules of thumb:

It’s OK to be a little paranoid – there really are people out there trying to get you, there really are dangerous websites, and there really is no “free lunch”. “Free” software almost always comes with some sort of hidden cost, and unless you have the knowledge and resources to thoroughly test such programs, downloading and installing them increases your vulnerability exponentially.

Read those EULAs – the End User Licensing Agreement, or the “contract” you’re required to agree to before the software will finish the installation process. They can be lengthy, and most people frankly don’t have the patience to scroll down through them and read what they actually say before clicking on the box that usually says something like “I Agree”. Particularly in the case of peer-to-peer filesharing programs, close inspection of the EULA often reveals that you are granting them permission to place spyware, advertising and pretty much anything else they want on your computer. You wouldn’t sign a contract to buy a house without reading it, especially if it granted the seller the right to come in and raid your fridge any time he wanted – why would you agree to a similar deal for your computer, your “Little House on the Internet”?

They’re watching you – you’re not just a “little fish” in the big Internet sea that the bad guys can’t see or don’t care about. Whether your Internet-connected computer is running on DSL or cable modem, you’re being scanned on a regular basis, i.e., many times daily, by “Internet burglars” who are performing the network equivalent of “casing the joint” – checking the locks, seeing if there are doors or Windows left open (pun intended) and looking inside to see what looks good. And make no mistake, most of us have valuable information on our systems such as Social Security Numbers, banking information, sensitive work data and more. And for some of these “burglars”, the goal is to break in simply to show that they can.

An unattended computer is a sitting duck – an intruder, or even someone in your office with a grudge against you, may take the opportunity to install malware from a CD or USB “thumb drive” while you’ve left your computer unattended and without a password-protected screen saver. Keystroke loggers can also be physically attached devices (usually in-line with the keyboard cable), so it’s a good idea to occasionally inspect your computer, front and back, for devices you don’t recognize or recall installing.
