
5.4 Understand Malicious Risks

Understanding Malicious Risks

Introduction

Why would anyone want to harm, or potentially destroy, your computer? What did you ever do to them?! Most of the time, you probably did nothing, but there are people out there who create malicious programs for kicks. They might even want to take control of your computer or steal valuable data. This section will give you a brief overview of why they do this, the methods they use, and how you can protect yourself.



Reasons why malicious programs are created

What's the deal with all these people creating malicious software? One of the main reasons is profit. A large amount of money can be generated by scamming people into giving up important information like credit card numbers. Phishing is a way of tricking people into believing they are giving their information to the official company. In reality, they are sending their data to someone wanting to extort that person. And if crackers can't phish someone, they'll use programs which monitor and spy on a person's computer and then report back to them. Another reason is the so-called "glory" of creating malicious software. Back in the day, viruses were created as a prank by vandals. These people are bored, and of course they use that time to make the lives of other people miserable. They like to think that they're computer buffs for bypassing security and harming another person's computer. But they're really not.

Important! Never send valuable data to anyone you don't know. Don't post it online either.



Methods and types of programs used

Adware is really annoying. Imagine a salesperson who just won't take no for an answer. It includes pop-ups and advertisements. They're not always harmful, but if you gather enough of them, your machine will start to slow down. Adware is relatively easy to remove.

Spyware is like adware (they rhyme) but since it has the word "spy" in it, it might tip you off that it spies on what you are doing on your computer. They can track what websites you go to, or even worse, collect valuable information stored on your computer. They are relatively easy to get off your machine.

Trojans refer to the Trojan horse; a trojan is malicious software that looks legitimate, but is really carrying code that harms your computer. It may perform some functions the user has no clue about, like gather change the computer's defaults.

Viruses are well known; they are programs that replicate themselves using other programs on a computer. Anti-virus software should be able to handle them.

Worms are similar to viruses, except they don't need other programs to replicate themselves. They can be set to do anything, unlike viruses, whose only goal is to replicate themselves. Worms slow down the network speed on a machine.


Of Note: A good way to prevent this malware from installing onto your computer is to avoid sites that look suspicious or illegal.



What Are You Protecting Against?

Exactly what is it that you're protecting yourself against? You're trying to keep out spyware, adware, viruses, malicious hackers, user error, and, most importantly, data theft. Three of these issues require more than just some programs to keep them at bay. For malicious hackers, user error, and data theft you want to make sure that you've got good secure passwords and the right settings. With malicious hackers you run the risk of having the code of programs (like your web browser) edited and manipulated. With user error, the problem is that you or another user (remember that aunt?) could accidentally delete an important file, open and download a or could wander onto a malicious web page and cause major problems for your computer. Data theft could easily be seen as the worst of the lot. If someone gets a hold of your files they could easily steal your identity: social security number, credit cards, address, phone numbers, birthday, school, anything and everything you have on your machine.

The good news: you can make sure it doesn't happen to you. Passwords. Settings. Programs.



How Do You Protect Your Computer?

Now you know what you're trying to keep off your machine. But how do you accomplish this? You need the right mix of tools. You want to have the right password and settings, and the right combination of programs that will keep your computer safe.

  • You're going to want to consider a firewall - newer Apple and Microsoft products usually have them built in.
  • You'll want to make sure you have two accounts. Protect both of them with a secure password.
    • A regular account with minimal administrative abilities so that if you let someone use your computer they can't accidentally do something harmful.
    • An administrative account. DON'T name it 'Admin' or 'Administrator' or something like that. If someone is going to try and get to your machine, the first thing they'll look for is an admin account.
  • Make sure you have your settings adjusted to update automatically once a week.
  • Have one anti-virus program installed
  • Have at least one program to detect and remove spyware.



Updates/Patches

Security! It doesn't matter if you have the best program or OS out there. If you don't update it regularly it'll become obsolete and useless before you can say "pink plastic flamingo".

Updates are always important. I can't really stress this enough. Updates install security patches that help prevent unwanted programs and bugs on your machine. The system updates for your computer will also update all of the programs bundled into the OS as well as the OS itself. This means Windows Media Player and IE for Windows and iTunes and Safari for Apple computers as well as other programs. You can either manually update your machine once a week or so - this means that you actually have to remember to go look at the updates. Or you can set your computer to automatically update itself.

You can change your update settings by going into your system preferences and going to updates. From there you should find an option to turn on automatic updates. It's a good idea to run them about once a week.



Programs

There are many programs out there, but these are the ones we are going to go over:

  • BitDefender 8 Free Edition (Antivirus)
  • BitDefender 9 Standard (Antivirus and spyware)
  • ClamWin (Antivirus)
  • Spybot: Search and Destroy (Anti-Spyware)
  • SpywareBlaster (Anti-Spyware)
  • TrueCrypt 4.2 (Anti-data theft)


Fun Facts! Notice that I just put the word "anti" before the malicious program/action. Duh...
Of Note: It is important to update these programs regularly. New threats may appear if you do not have the latest "definition list" on your antivirus and anti-spyware program.
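
How a "definition list" works, and why a stale one misses newer threats, as an added example that is not from the original page or from any of the programs listed above. It is a simplification that matches whole-file SHA-256 fingerprints only; the file contents, file names and threat names are constructed, harmless stand-ins.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed, harmless stand-ins for "known bad" files (not real malware).
SAMPLE_OLD = b"constructed sample A: pretend this is an old, well-known threat"
SAMPLE_NEW = b"constructed sample B: pretend this threat appeared last week"
CLEAN_FILE = b"holiday photos index"


def fingerprint(data: bytes) -> str:
    """SHA-256 fingerprint used as the signature in this simplified scanner."""
    return hashlib.sha256(data).hexdigest()


# A definition list maps fingerprints of known threats to their names.
OLD_DEFINITIONS = {fingerprint(SAMPLE_OLD): "Constructed.Threat.A"}
UPDATED_DEFINITIONS = {**OLD_DEFINITIONS,
                       fingerprint(SAMPLE_NEW): "Constructed.Threat.B"}


def scan(folder: Path, definitions: dict) -> dict:
    """Return {file name: threat name} for every file matching a definition."""
    hits = {}
    for path in sorted(folder.rglob("*")):
        if not path.is_file():
            continue
        digest = hashlib.sha256()
        with path.open("rb") as handle:
            # Read in chunks so large files are not loaded into memory at once.
            for chunk in iter(lambda: handle.read(65536), b""):
                digest.update(chunk)
        name = definitions.get(digest.hexdigest())
        if name:
            hits[path.name] = name
    return hits


def demo() -> tuple:
    """Scan the same folder with the stale and the updated definition list."""
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)
        (folder / "game_installer.bin").write_bytes(SAMPLE_OLD)
        (folder / "free_screensaver.bin").write_bytes(SAMPLE_NEW)
        (folder / "photos.txt").write_bytes(CLEAN_FILE)
        return scan(folder, OLD_DEFINITIONS), scan(folder, UPDATED_DEFINITIONS)


if __name__ == "__main__":
    stale, current = demo()
    print("stale definitions:  ", stale)
    print("updated definitions:", current)
```

The folder is identical in both scans; only the definition list differs, and the stale list reports one file where the updated list reports two.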



Virus Protection

  • Pros
    • It provides nice protection against an accidental click on a malicious link
    • The programs are a nice security blanket if more than one person will be using the machine
  • Cons
    • Sometimes the programs can slow up the machine
    • It can be hard to remember to run all of those checks!

So it's probably a good idea to install virus protection if:

  • Multiple people are going to be using your machine
  • You think that the rest of your security may not be enough

You might consider running without virus protection if:

  • you're an experienced user who does not tend to wander into compromising security situations
  • AND, you have your machine backed-up with Ghost, data backups, etc.



Antivirus

Important! A golden rule is to only install one anti-virus per computer. This is because anti-virus programs clash with each other. With spyware detection programs, it is less of a rule.

Here is a list of Antivirus software we picked:


ClamWin

ClamWin is an open source antivirus for Windows. ClamWin does not include a real-time scan. Yes, I know I said that this section was for prevention, but ClamWin is a decent antivirus, and I felt that I should mention it. It is covered in more depth in the getting rid of malware section.


BitDefender

BitDefender 8 Free Edition is an older version of BitDefender (the newest is 9), but it works just fine. As with ClamWin, it does not come with an on-access, real-time scanner. It releases updates every 1-3 hours so that the computers will always be protected from new threats. The Free Edition is always one edition behind the newest one. [1]

BitDefender 9 Standard is not a free antivirus program (no, I am not lying, although occasionally I do enjoy a fine white lie). This version does come with an on-access, real-time scanner, meaning that while it is up, it will stop a virus from executing. It might be what you're looking for if you want to pay for strong protection. [2]



Anti-Adware/Spyware

Here are the anti-spyware programs that we suggest: Adaware SE, SpywareBlaster, and Spybot: Search & Destroy.

Adaware SE is a great program which scans your computer for adware and spyware. It is extremely easy to use, with an easy interface, but the free version does not come with real-time protection against malware.

SpywareBlaster's main function is to stop spyware from installing onto your computer. It doesn't scan for spyware already on your computer.

Spybot is freeware and is updated regularly. It scans for a whole range of spyware and it includes a program called TeaTimer, which monitors the processes running on the machine. It alerts you that a change is being made (if there is a change being made) and if a malicious process is running. It will kill the process if you so choose to, or you can run it if you want. However, it may be annoying if you want to change the settings, and every time you do, a window pops up asking you to confirm it. TeaTimer is optional, and you do not have to install it with Spybot. If you want top notch security, I recommend that you do use TeaTimer.



Anti-Data Theft

Programs that you can use to prevent data theft are firewalls and encryption programs. One fail-safe way to prevent data theft is to kick anyone you don't know off your computer. Don't let them get any information. Also, don't leave important information on your machine.


Firewalls

What do firewalls do? They prevent unwanted and forbidden communication. A firewall is basically a barrier for your computer.

Apple

Apple has a built-in firewall in its OS X - Tiger. You can turn on the firewall by going to System Preferences, Sharing (under Internet and Network), and then going to the firewall tab. It will probably say that the firewall is off. You can turn it on by clicking the 'Start' button. If you want to allow anything specific you can check the box on the drop down list.

Windows XP

On Windows XP, there is a firewall included in Service Pack 2 (which you should have, by the way). It is turned on by default. It comes with the Windows Security Center, which includes automatic updates and virus protection. It checks to see if an unknown connection is being made, and alerts the user when there is one.


TrueCrypt 4.2

TrueCrypt is an open source program, which allows you to create a virtual encrypted disc, and allows you to mount it as a real disc.

TrueCrypt provides two levels of plausible deniability, in case an adversary forces you to reveal the password: a hidden volume (steganography- more information may be found here); no TrueCrypt volume can be identified (volumes cannot be distinguished from random data). -Download.com: TrueCrypt

Others

Probably the most important program that doesn't fall under any of the previous categories is something called Deep Freeze. Deep Freeze is a really heavy duty program. What it does is it basically locks everything on your computer, and the minute you restart, anything and everything that was put on the machine previously is erased. Essentially it's impossible to install anything or download anything.


Important! Deep Freeze is not meant to be used on machines that are only used by one or two people. It is designed for machines in school labs or public locations where it is impossible to keep track of who is using the machines and there are dozens of people using them at any given moment.

While it is easily the most secure thing you can do to your machine (besides not ever taking it out of the box, but that kind of ruins the point, doesn't it?), it is not a program to be thrown around lightly. Only use it if:

  • The machine(s) are going to be accessed by more people than you can keep tabs on
  • The machine(s) are in an easily accessible location