An ever-changing problem, with a constant war of attack and defense
There's been a significant change in patterns of attack.
Attacks are now much more likely to come from organized crime than from bored kiddies. Criminals use them for:
- Untraceable email spam
- "Protection" rackets, especially outside the US: "pay us and your network might not have an accident." Aimed at ISPs and large
- "Botnets", more of a worry to ISPs than end users, literally can launch "distributed denial of service" attacks from millions of points.
Kinds of threats
Trigger only if you open a program or file containing it.
Never open an email attachment from an unknown or untrusted source.
Spread only when people send files containing them
Less of a threat than in the past, but still significant
Most likely to destroy files on your computer
Run antivirus software
Danger can be minimal, only causing advertising to be customized for you
A Web "cookie" is, to some extent, a form of spyware, but it is appropriate and necessary to work with trusted sites
Evil spyware can grab your passwords, credit card numbers, etc., and send them to a Bad Guy
Run antispyware software
Can enter a computer without an action by you, if you are not protected by security patches and security software
Use your computer as a breeding ground to spread
Rapid spread can be enough to clog and shut down your external links
An especially robust worm such as Slammer has shut down millions of computers and much of the Internet
Run antispyware, antivirus, and firewall software
Seem like useful programs but have embedded viruses or other bad things
Download programs and utilities only from trusted sources
Run antivirus and antispyware programs
Consider several forms of protection
Versus unstable software (such as Windows)
Install and use third-party stability-enhancing software
Do regular maintenance & backups, or have Beachwerks do it for you under contract
Versus evil software ("malware")
Practice "safe computing"
Use security protection software. This means, at the least, tool(s) that have antivirus and antispyware capability for your disks, and a firewall for your computer.
You also may want to run a popup blocker (sometimes called an adware blocker) with your Web browser. We recommend using a browser other than Internet Explorer for anything that doesn't specifically require it (some Microsoft support functions do require it). We use Mozilla Firefox, which is free.
Against other kinds of threats, you want, at least, a firewall, even if there's one on your router. You also may want host intrusion detection software (HIDS). While there are freeware versions of these, be sure that either the vendor or a support service (like us) is available to interpret the warnings these other tools give you, and to help you respond appropriately to them. Developer or third-party support people will periodically update the threat-prevention rules for these tools.
Protecting against compromise of your sensitive data, and forgeries of email apparently from you
Use encryption software to hold sensitive files on your computer
Encrypt the contents of sensitive email (all parties have to agree on the encryption method)
Digitally sign your email (use a public key, or a "key ring" signed by well-known people in your community)