Increasingly sophisticated software, faster networks and online communication have brought many technological advances and benefits. However, with it have come increased security risks including many previously unknown ones as the bad guys harness this very same technology to further their evil ends.
Some of the more common threats and ways of overcoming them are:
Viruses – These are malicious software codes that cause undesirable effects on your computer. A virus is designed to spread itself without the knowledge of the computer user. A computer may become infected through downloads from the internet using CD’s or disks with infected programs or from other computers on the network. Another extremely common way viruses spread is through infected email attachments. Given the many modes of transmission viruses are clearly a threat online as well as offline. The old adage “Prevention is better than the cure” is particularly true in the case of computer viruses. You can save yourself a whole heap of trouble and countless hours of misery by avoiding infection in the first place rather than trying to repair the effects of viral infection. Some simple rules can help you achieve this:
1. Install a reliable and reputable anti virus software and run regular scans. Preferably have the scan run on boot up.
2. New computer viruses are created everyday. Ensure that your anti-virus software is kept up to date with the latest virus definitions.
3. Do not download software from questionable or unknown sources. Always scan software using your anti-virus software before executing or installing on your computer.
4. Do not open email attachments from unknown senders. It is best to use an anti-virus software that automatically scans your email and can warn you if any threats are detected.
Worms – These are a type of virus which replicates itself and takes control of computer resources. The main distinction between a worm and other viruses is that a worm does not necessarily have to live within a host program and can run itself.
Trojans – these are malicious programs that masquerade as something useful thereby enticing the computer user to execute them and unleash their nasty payload.
Spyware – these are programs usually installed secretly along with other software whose purpose is to capture information about the computer user, the computer installation and other sensitive information about computer usage. This information may then be transmitted to a third party either by email or through the software “calling home” to transmit information to a remote website. Depending on the nature of information collected and transmitted this could pose a serious security risk.
Adware – propagated in a manner similar to spyware, these programs serve to pop up advertisements on the user’s internet browser or desktop. These programs too may capture information about the user’s browsing or purchasing habits so that advertisements may be tailored to suit.
Keyloggers – These are programs that record keystrokes entered through the keyboard and then secretly transmit this information to a third party. Naturally this can expose passwords, credit card details and other important information.
Control of worms, trojans, keyloggers, spyware and adware is achieved using similar strategies to those adopted for viruses, namely using appropriate anti-virus software including spyware and adware scanners and avoiding executing programs obtained from unknown sources.
Hackers accessing and taking control of a computer is another serious risk especially today with the widespread use of “always on” broadband internet. Hackers may exploit vulnerabilities in legitimate software or use trojans or viruses they have implanted to gain control of a computer which they can then use for sending unsolicited commercial emails (spam) or for other illegal activities. The idea here is to shield the perpetrator from detection as the illegal activity appears to originate from the computer they have taken control of.
In order to minimize risk of hacking attacks it is important to ensure that software used including the operating system is kept up to date by installing all vendor supplied updates and upgrades especially critical and security related updates. An effective firewall is another vital defence against unauthorized access by third parties. A firewall could be installed on the modem used to connect to the internet or as a software program that runs on the computer. The firewall serves to control who and what programs are allowed to accept or make connections with the internet. A firewall can also be useful in detecting and controlling programs like keyloggers which attempt to call home.
Phishing is another security phenomenon that has seen an alarming increase in recent years. Criminals are employing increasingly convincing and sophisticated means of sending emails which appear to originate from legitimate websites. However, links in these emails actually lead to websites controlled by them where they can capture valuable personal information such as logins and passwords. This is commonly used to cheat unsuspecting users by tricking them into revealing online bank login details etc. The golden rule in dealing with phishing attempts is to treat all emails which request personal information with at least skepticism if not suspicion. Never click a link in an email and enter login information or other personal information as the ultimate destination of that link may be cleverly concealed. When logging into online banking sites for instance always type the address in the browsers address bar. It is also important to pay attention to security features on webpages where sensitive information is input. A webpage address that starts with https: and shows a padlock symbol is secure. This means that any information transmitted from that website is encrypted and is therefore not at risk if intercepted.
There are offline risks to your computer as well. For instance it is important to select strong passwords which cannot easily be guessed. Ideally they should be at least 8 characters long and not consist of a regular word or name and comprise a combination of numeric and non-numeric characters. The strongest password would serve no purpose however, if a hacker is able to get you to disclose it to him. It is important to always be on the look out for social engineering attempts which aim to get you to unknowingly or knowingly reveal sensitive information such as passwords.
Needless to say physical security of your computer is also vital. The best antivirus software and firewall will not protect a laptop left in full view in an unlocked car! Maintenance and adequate care of hardware should not be neglected either. Regular backups stored in a location away from your principal computer and uninterruptable power supplies are good ideas to protect the integrity of your hardware and data stored thereon.
Perhaps the only way that comes close to completely eliminating every possible risk to your computer is to never turn it on and store it in a locked vault! However, even that may not work one hundred percent of the time. Nevertheless, it is possible to minimize your risk to an acceptable level by following common sense and adopting some of the simple rules discussed above.