Protecting yourself on the internet: Preventing and treating malware infections

RBC | mal-ware (noun)

Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

The subject of malware (a.k.a. malicious software) is as deep as it is wide. It covers a broad spectrum of digital bugs and can get incredibly complicated. I’m going to attempt to cover the high points in this article and give you some tips on how to protect yourself from the various threats that are out there on the Internet. First, let’s start with a brief description of what we’re dealing with. The term “malware” is actually a catch-all term for the following:

–  Virus

Worm

Trojan Horse

Spyware

Ransomware

Malware can be delivered to your computer in a number of different ways. One of the more prevalent ways malware is distributed is through email. If you read last week’s article, you’ll recognize the term “Phishing.” Those official-looking (i.e. fake) emails are a very common way that malware is distributed. Another is by way of what I jokingly refer to as a “drive-by infection.” This is when you go to a website that is set up by hackers in such a way that it delivers a bug to your computer just by browsing. Another common vector is the USB flash drive. Hackers put a piece of malware on a USB flash drive and then strategically drop it in a parking lot or elevator lobby. The unsuspecting victim, out of pure curiosity, inserts the flash drive into their computer and voila, the infection is complete.

Not all malware is dangerous per se. Some are simply annoying, but even the most innocuous viruses can degrade the performance of your computer. If you get infected with several viruses at the same time, they can make your computer nearly unusable.

Rather than spend a lot of time defining each one of these examples, I want to touch on the two most insidious types of malware; spyware and ransomware.

Spyware is pretty self-explanatory; it’s a program that spies on you. Spyware alone is a broad subject but in short, it’s designed to collect your personal information. Some are designed to scour your hard drive for passwords and credit card numbers and send them to a hacker for future exploitation. Others will go so far as to capture your keystrokes as you are typing in your password and credit card number, then send them home to its creator.

In my opinion, ransomware is the worst threat on the Internet today. This nasty bug gets on your computer and sets about the task of encrypting all of your data files. Once the encryption is complete, the ransomware pops up a window that tells you that your computer has been taken over and the only way you can get your files back is to pay a ransom. If you pay the ransom, the hacker promises to send you a decryption key and instructions on how to recover your files. Of course, this only works some of the time. Most of the time, the hacker gets their money and vanishes, leaving you empty handed. I’ve worked on a number of investigations where this has happened in large companies. The outcome of a ransomware incident varies and a successful outcome depends greatly on how prepared the company was to deal with this kind of disaster. In some cases, the ransomware was removed and the data files were restored from a backup. In other cases, the ransom was actually paid, a decryption key was provided and the data was recovered successfully.

Here are some tips on how to protect yourself from malware:

I’ve often advised clients that there are only three ways to protect the contents of their hard drives; 1. Backup your data. 2. Backup your data. And 3. Backup your data. In all seriousness, backing up your data is the heart of a good disaster recovery plan. Most hard drive manufacturers sell small external USB hard drives that include backup software and helps automate the process. The single most important thing to remember is that malware can be spread like a common cold so once you backup your data to an external drive, REMOVE THE DRIVE FROM YOUR COMPUTER. There’s no benefit to having your data backed up on an external hard drive only to have it get encrypted by ransomware along with your computer hard drive.

Install anti-malware software on your computer. Most computers come with at least a trial version of some kind of anti-malware software pre-installed. Spend the few bucks for the license. There are some free anti-malware packages out there, but you get what you pay for. Using a licensed, mainstream anti-malware application, you get automated updates and real-time protection. Real-time protection means that the anti-malware catches the bug BEFORE it has a chance to do anything. With a lot of the free applications, you have to remind yourself to manually do updates and run scans on your hard drive. They can also slow down your computer.

Make sure your anti-malware is up to date. In so many cases, I’ve encountered folks who thought their system was protected automatically, but it wasn’t. If they had performed a manual update and run regular scans of their hard drives, they might have prevented their disaster.

There are a couple of anti-malware applications that I want to mention. They are both very effective and reasonably priced. The first is MalwareBytes (https://www.malwarebytes.com/). They actually offer a 15-day free trial of “premier service” where everything is automated. After 15 days, the program falls back into a more manual mode, but still very effective. Just no automatic protection. My favorite is Cylance (https://www.cylance.com). Cylance Smart Antivirus is their home version. I’ve had large corporations convert from old favorites like Norton and McAfee and have watched their helpdesk calls go from more than 100 a day to zero. It literally catches everything that’s thrown at it. Unlike many of the other anti-malware applications, it has almost no impact on performance and provides real-time protection.

By Brett Dearman | brett@ht1885.com

Be the first to comment

Leave a Reply

Your email address will not be published.


*