As major corporations and organisations around the world are still trying to recover from the recent computer security breach that brought hospitals, rail lines and postal services to a standstill, we need learn how to protect ourselves in ways the NHS, FedEx and the German rail companies could not.
– The Computer Security attacks we need to protect ourselves from.
These major corporations and organisations affected by the recent computer hack, the news is awash with warnings that more attacks are to come and this time they will be even harder to stop.
In light of this, how do we as small/medium businesses, or as the general public using personal computers, protect ourselves against becoming victim to the ransom-ware infections that have earned the culprits behind this attack more the $50,000 dollars in seventy-two hours?
This article will teach you how to protect yourselves and your data from attack by securing your computers with basic simple steps. It really is quite easy, you do not have to be a computer technician, coder or whiz kid, all you need to be able to do is run programmes and click buttons. But before we defend ourselves, let’s take a quick look at exactly what it is that we are defending against.
Please bear in mind that there are hundreds of thousands of viruses; infections, Trojans, rootkits, malware and any other names you may have heard. For simplicity, I will be tarring all of these with the same brush of infection or virus, as this really isn’t the place to go that deep into it all.
There are primarily three reasons for a hacker to release an infection into the wild.
- To make money.
- To link the infected machines together to infect and/or target other computers.
- To plain and simply cause havoc and mess up computers and businesses.
If we break these down and look at the different types of infection in a little more depth, you will be able to understand a bit more reasoning behind the hacks.
- To make money
This purpose of hacking, is exactly what is says on the tin – MONEY.
This is normally done in two different ways. The first is by infecting a computer with a virus that reports back all usage carries out on a computer. The infection will see keys pressed on a keyboard, websites visited, emails sent, even spy through the webcam if it likes. This information is then fed back to the hackers so that bank accounts, PayPal, shopping and other financial accounts can be used to gain money.
The second, and the type of infection released this weekend that effected over 100 countries, is called ransom-ware. This is an infection that blocks usage of the computer and demands a ransom to unlock it. This can be achieved by not letting anything load apart from a screen when the computer starts, informing the user that they must pay money to regain access to their machine. Alternatively, the ransom-ware may encrypt all the files on a computer and demand the ransom to un-encrypt them. In this method, files like pictures, music, excel, word and pretty much everything important to someone is encrypted.
Whatever you do if you are hit with ransom-ware, it is to not pay the ransom. Best case scenario you will be out of pocket £30, £40, £100, or whatever the ransom is, worst way, you just gave you bank, debit or credit card details to the hackers. Contact Us or a reputable computer repair company and they will be able to either clean your machine or at the very minimum, reinstall so that you know the system is safe again.
- Linking Infected Machines
This is known as creating a bot. The goal behind this sort of attack is power and wide spread infection. By linking thousands of machines together, the hackers can create a bot that can target a certain website. They will point all the machines at a site so that it is overloaded and crashes. This is generally done to large companies that someone has an annoyance with. The other use behind this type of attack is spam, they will use tens of thousands of machines to send emails to tens of thousands more machines to either infect them with ransom-ware, make them part of the bot or sell them products that do not work.
- Cause Havoc
There really is no other reason for this type of hack, but to destroy a computer. This type of infection will just infect all the files it can. Everything from system files, to mp3’s to word documents are at risk. Once this infection takes hold, you really have no option but to wipe the machine and start again. You can never really know if you cleaned it all and all types of backdoors could be left open for infection types 1 and 2.
Now we understand a little more about the different types of infection and why they are used, how do we protect ourselves in ways the NHS, FedEx and the German rail companies could not?
– The basics steps to perform for better Computer Security.
For ease of following, we will use ten steps to protect ourselves. All apply to both Windows and Apple based computers. For years, there has been a myth that Apple computers cannot be infected, this is just that, a myth, they are just as susceptible to infection as Windows, if not more so because users underestimate the risk.
So, how do we protect ourselves from infection?
- Use caution. This is the biggest weapon you have against infection. If something seems too good to be true, it probably is. All of these “get rich quick schemes”, “work from home” or “sell this item”, are generally scams. If something is asking to install a programme that you think is odd, then research.
- Email protection. When you receive email that is addressed to you and claims to be from a familiar source but with an unusal email address and may or may not request an action that involves giving of personal data, do not open any attachments.Use an email client with a good spam filter and an anti-virus that will check email attachments before you open them. If unsure, ring the supposed company that the email is claiming to be from and confirm if the request is legitimate. No financial company will ever ask for personal details via email.
- Take care when browsing the internet or social networking sites and steer clear of sites offering pirated software, films or music. These types of downloads are plagued with infections and are notorious for carrying all types of different viruses. Use the browser add-on Web of Trust which will give a traffic light type ranking to sites so what you know if a site is safe.
- Keep everything updated. And that means everything. Do the Windows updates, the OS X updates, Adobe, Java, Office, Web Browsers, Anti-Virus; everything. These updates are released for a reason; to patch security vulnerabilities that infections can get through. It is even coming to light now that one of the effected systems in the recent global hack was sent a security patch that would have blocked this attack. It may seem frustrating to do them, but they really are one of your best front line defences.
- Use an Anti-Virus. Not two, not three, one. Using more than one Anti-Virus is just as bad as not using any, they will act like magnets fighting against each other leaving holes for infections to get past. Gone are the days of paying a fortune for a good Anti-Virus, there are many free ones that rank very highly in test results. You can see Windows Anti-Virus test result here and Mac OS X results here. Just ensure that you remove all traces of your previous Anti-Virus before installing a new one.
- Use a back-up malware removal scanner. There are programmes out there that have been designed to work alongside anti-virus programmes without slowing the system down or creating gaps in the security. For this, there really is only one, that is Malware Bytes Anti Malware. I am not affiliated or related to the programme or company in anyway but have used it for a long time and know that it works very well on both Windows and Mac. There is a free version that gives no live protection, but is an excellent on demand scanner or the full version which is very affordable and will give you full protection against a whole host of known and unknown infections.
- Do regular scans and listen to your security. There is no point having any of this protection if you are not going to use it. Scans can take time so be patient, it is worth it in the long run. Also if a warning pops up when you attempt to open or download a file, don’t just ignore. Read and heed the warning.
- Do not give someone that has called you on the phone claiming to be Microsoft or your Internet provider, remote access. These are well known scams. Although remote access is a great tool for quick and easy computer support, if you did not phone them with a problem, know them and trust them, then do not give them access.
- Use strong passwords. A weak password is a hacker’s dream. By just gaining access to your email, think of all the accounts they instantly know you have from the emails you have received. With access to your email, they can then reset any and all passwords and gain access to every account you have ever used. A lot of sites are now using two step verification, some even insist on it. This allows you to register a mobile phone, so each time you login, you will not be able to go any further until you have been texted a code and entered that into the site. Although this may seem time consuming, it is a lot quicker than trying to recover stolen money. Make sure passwords contain upper case, lower case, numbers and symbols. A password like Th3Sky1sB!@3 is a lot more secure than theskyisblue. Have a different password for each account and don’t use things like your name or date of birth. If you struggle to remember multiple passwords, there are various encrypted safe locker apps for phones, tablets and computers that will securely store the passwords with access only available via a master password. Keeping everything in an excel file or word document is just not safe anymore.
- Keep backups. If the worst does happen and your computer needs completely wiping and restoring to rid the infection, backups of your important files is a must. Store them in the cloud in an un-synced folder so the infection cannot spread to them, on a network drive with protection or an external hard drive. Whatever you do, make sure the backup is kept away from the computer in case something happens and you lose the backup as well.
Just following these simple steps for computer security will dramatically decrease your chances of infection. Nothing is ever 100%, but with these precautions, you will be a lot closer. Use item ten as a failsafe, if the very worst does happen, you will at least have somewhere to turn.