It seems like only yesterday that the most harm a malicious virus could inflict was to delete files from the infected computer. However, malicious software (aka malware) has grown into big business. Today, the goal of a malware designer is to infect millions of computers in order to achieve “command and control”, in which the infected computers are instructed to “phone home” to a centralized command center. Once the infected computers have checked in, they start to accept and execute orders from their new leader. These instructions can be to launch a coordinated attack on other systems on the Internet or to start logging keystrokes on the infected computers. These logged keystrokes can then be played back at any time. How often do you log in to your bank’s website to manage your account? A keylogger on your system would capture that login and transmit the username and password back to the command center for analysis. It’s not hard to imagine how much money this information could be sold for on the black market.
It’s time to get serious about protecting your computers in order to protect your valuable information. Unfortunately, there is no single “silver bullet”. Instead, we must employ “Defense-in-Depth”, a strategy based on layers of protection. The more layers, the better.
- Patching/Updates – It has been reported that 90% of infections could be prevented by simply keeping your systems up-to-date with security patches. Whether you use a PC or a Mac, it is imperative that you keep your system current. Malware targets computer systems that have vulnerabilities that have not been patched. Keep the security patches current and you’ll be well on your way to preventing infection. Be aware that malware also targets applications on your system that have vulnerabilities. Two very common targets are Adobe and Java. Strive to keep ALL your applications current as well as the operating system.
- Anti-virus – Good anti-virus software will prevent you from opening files that are infected. While nothing is bullet-proof, it is important to use reputable anti-virus software on your machines. Most will allow you to scan the machine on a regular basis. Others will offer active protection that scans new files as they are introduced to the system. All of them will provide a way to obtain new definition files which help the scanning engine keep up with new malware that has been introduced.
- Spam filtering – Hackers have always relied on “social engineering” to try to infect a machine. Email provides an easy way to introduce malware by convincing the recipient that action must be taken based on the content of the email. Many of you know this as “phishing”: an attempt to gain confidential information from the user by utilizing official-looking emails. For example, the spam email may try to convince the user that a package is waiting for them and the sender needs approval in order to complete shipment. A link to this “approval” is within the email, but the link leads to an infected website that infects the machine during the visit. An effective spam filter will prevent most of these emails from finding their way into your inbox.
- Cloud-based malware protection – A new form of protection comes from the cloud. This type of protection prevents the user from falling prey to a phishing scam or prevents the user from visiting a website that has a known infection that can be spread. It also provides the ability to limit the types of websites that can be visited by the protected user. As an example, a business owner may decide that it would be best if the computer users within the business did not have access to devious websites that may cause damage (pornography has traditionally been riddled with malware). By blocking access to these types of sites, another layer of protection is enforced.
- Monitoring – Security is not typically something that you can “set and forget”. You must monitor the above items to be sure they are working properly. For example, Windows provides a method to automatically update your machine. However, are you certain you’re getting all the updates? It’s important that you don’t assume the updates are being applied. You must monitor them to be sure. The same holds true for anti-virus software, which can sometimes be updated several times per day. Keep on top of these updates to be sure they’re happening.
- Passwords – We’ve all heard this over and over. But do we practice safe password creation? In an earlier blog, we listed the top 25 passwords in use today. If your passwords are on this list, it’s time to change them. You can see the blog here. Many people are starting to use phrases to create passwords. As an example, your favorite song might be “I can’t get no satisfaction”. If you use the first character of each word, you would end up with a password “Icgns”. Add a number and special character and your new password may look like this “Icgns2013!”. This password is very difficult to guess or hack but relatively easy for you to remember. Another option is password manager software which helps you securely keep track of your passwords. Strong passwords are key!
- Due diligence – As I mentioned before, nothing is bullet-proof. Hackers are smart people. They’re constantly finding new ways to steal your sensitive information. You need to remain diligent at all times. If an email looks suspicious, it probably is. Delete it. If your machine is acting strange, get it checked out. Ignorance is not bliss. It can lead to significant financial loss.
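One way to carry out the monitoring step on a Windows machine, as an added example that is not part of the original article: a PowerShell check that flags stale patches and stale anti-virus definitions. The function name and both age thresholds are assumptions, and the anti-virus part covers Microsoft Defender only.

```powershell
# Added example: function name and thresholds are assumptions, not from the article.
function Test-ProtectionFreshness {
    param(
        [int]$MaxPatchAgeDays = 35,      # assumed: one monthly patch cycle plus slack
        [int]$MaxSignatureAgeDays = 2    # assumed: definitions normally update at least daily
    )
    $findings = @()
    $now = Get-Date

    # Most recent update recorded by Get-HotFix. It does not list every
    # kind of update, so treat the result as a floor, not a full inventory.
    $lastPatch = Get-HotFix |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1
    if (-not $lastPatch) {
        $findings += 'No installed updates reported by Get-HotFix'
    } elseif (($now - $lastPatch.InstalledOn).TotalDays -gt $MaxPatchAgeDays) {
        $findings += "Last update $($lastPatch.HotFixID) was installed on " +
                     $lastPatch.InstalledOn.ToString('yyyy-MM-dd')
    }

    # Microsoft Defender status; any other anti-virus product needs its own check.
    $av = Get-MpComputerStatus -ErrorAction SilentlyContinue
    if (-not $av) {
        $findings += 'Defender status unavailable; check the installed anti-virus product directly'
    } else {
        if (-not $av.RealTimeProtectionEnabled) {
            $findings += 'Real-time protection is disabled'
        }
        $sigDate = $av.AntivirusSignatureLastUpdated
        if (-not $sigDate) {
            $findings += 'No anti-virus definition update date reported'
        } elseif (($now - $sigDate).TotalDays -gt $MaxSignatureAgeDays) {
            $findings += ('Anti-virus definitions are {0:N0} days old' -f ($now - $sigDate).TotalDays)
        }
    }
    return $findings
}

# Report each finding as a warning, or confirm that nothing is stale.
$result = Test-ProtectionFreshness
if ($result) { $result | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'Updates and anti-virus definitions are current.' }
```

Run on a schedule, the warnings show when automatic updates have silently stopped rather than leaving that to assumption.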
I hope this information has been helpful. If you would like help managing these “Pillars”, we have a blueprint that is designed to protect you using a “Defense-in-Depth” strategy based on the Seven Pillars above. This strategy is affordable for any size business. If you have further questions, you know where to find me. (Hint: there’s a number at the top right of this website…).
Thanks for your time!
Dave
Copyright 2013 – Cyber Solutions, LLC.