Safe Computing Practices
Posted: 01/08/2016 12:00am
I’d like to focus on the area of computing that typically causes the most issues for IT staff: safe computing practices. Over the last twenty years, the Internet has become a dangerous network. In response to this lack of safety, businesses and individuals shield their own private networks with a firewall and use Network Address Translation (NAT) to segregate their machines from the Internet.
So, what makes the Internet dangerous? Well, the nature of the accessibility of the Internet has changed dramatically. It used to be that only a skilled computer science student or an adept IT administrator could gain access to it, but now anyone can obtain an account with an Internet Service Provider (ISP) and receive unrestricted access to the rest of the world.
The most severe threat out on the Internet right now is ransomware. Ransomware works by infecting the victim’s computer using a variety of different methods:
- Malvertisements are specially coded advertisements containing malicious programs which are served up by an ad network. Unfortunately, many ad networks do not vet what is contained within the ads they are serving, making users with older browsers or without system patches very vulnerable. The image on the right is a good example of a typical “Cryptolocker” style piece of ransomware. Before anonymous cryptocurrencies, this style of software was impractical as this would have exposed the coders to a high risk of criminal prosecution. Cryptocurrencies like Bitcoin have made it very possible for these criminals to hold data for ransom without any risk to them. Even the RCMP and the FBI have told victims to pay up as their own resources are powerless to do anything about it.
- High risk web sites such as file sharing web sites usually carry high amounts of malvertising, malicious software that could potentially infect a computer. The primary purpose of those sites is to make a lot of money quickly, without any kind of moral standard. No site with a low moral standard is going to ensure that their ads are vetted to protect the user, nor does anyone control what is on a file sharing site.
- “Social Engineering” is the most effective and the oldest form of hacking. It doesn’t even require a computer. Social engineering involves making a victim think that someone has legitimate credentials, when they actually don’t. An excellent example is where the hacker calls a large company pretending to be from IT. They go on to say to the victim that they’re troubleshooting the system and that they need the user’s password in order to repair their machine. The gullible user then gives the hacker the information they need, which they then can use to get more information later.
- “Phishing” and “Whaling” are a subset of social engineering. For example, a phishing email looks like a legitimate email which appears to be sent from a banking institution, Facebook, Twitter or some other legitimate service. The best way to detect a phishing email is to look at the links in the email. A phishing email will have links that do not match the site that the email claims it is from. Usually, a victim will enter their credentials and sometimes personal information, and the criminal uses it to commit identity theft. Compromising Facebook accounts is a highly popular activity because it can act as a revenue source for the criminal and it provides the criminal with more targets by going after the friends of that user. “Whaling” is targeted phishing where the executives of a company are seen as high value targets and are attacked. We won’t cover that in this article.
To protect yourself against malware, ransomware and other system infections, follow these tips:
- Purchase and install a good high quality anti-virus and anti-malware program to stop these programs from installing, should they be accidentally installed through malvertising or other means.
- Treat every single email attachment you receive as if it were infected with malware until you can verify where it came from. Ask the person who sent you the attachment what it is. If they don’t know or can’t answer, delete it. A legitimate user will always be able to verify the attachment they’ve sent you. If they don’t respond or if you don’t know them, delete the email.
- Banks and other financial institutions never ask for your personal information via email. If you are unsure, call your bank and ask. Ignore emails from major service providers which claim that your password has been reset and that you must click on a link to continue. (Unless you really did mean to reset your password.)
- Avoid browsing to dangerous or seedy sites on the Internet. If you must for some reason, ensure that you have “Private Browsing” turned on (sometimes called incognito mode). This ensures that your browser cannot be tracked and that nothing on the site can store local data on your machine.
- In the event that ransomware does slip through the add-ons in your browser and gets past your anti-virus, always make sure that you have backups of your data to ensure that you can restore it if it becomes encrypted. The cost of a backup solution will be cheaper than paying some criminal in Bitcoin.
- If you have a laptop and you connect to a public Wi-Fi hotspot, ensure that your firewall is turned on, and that you have selected “Public” as the network type. Always avoid sending confidential data using that Wi-Fi (such as personal banking, etc.). If you want to use Facebook or anything else requiring credentials, make sure that you change your passwords when you can get onto a private trusted network.
Good luck and safe computing!