COMPUTER
VIRUS UPDATE: PROTECT YOURSELF NOW by
Lance T. Walker, SkyVault™ Web Design
Picture this:
it's one o'clock on a busy Monday afternoon. You return to your
office after lunch and check your email. You notice that one message
contains no writing - just a blank screen. Thinking nothing of it,
you continue through the rest of your messages and get on with your
work.
About 4:45pm,
you shut down your computer and head for the water cooler. On the
way, you hear that various people in your company are getting emails
from customers saying they just got a virus from your company that
is wiping out their hard drives and rendering their systems inoperable.
And since you're the owner, they're planning to sue you for damages.
You are angry,
of course, and determined to find out who the culprit is. Then the
IT guys give you the news; the virus came from YOUR computer. That
blank email you opened actually contained a code, written invisibly,
that automatically activated a virus that was attached. Once activated,
the virus sent itself to your entire network, and everyone in your
Outlook Address Book. Remembering that backup you had been planning
to do for the last 3 months, you rush back to your desk and turn
on your computer. In an instant, you realize it's all gone - your
data, your company, your home, and your reputation.
If this scenario
scares you, it should. It is being played out right now, in offices
and cubicles all over the world. The new age of computer viruses
is not coming, it is here. We have seen major infestations with
names like Blaster, SirCam, Code Red, Voter, Nimda, and even re-releases
of the famous Sasser, Sobig and I Love You viruses. Once easily
definable as worms, trojan horses, or simple viruses,
these monsters are now self-activating combinations of each. And
it will get worse - much worse - over the coming years, as new "polymorphic"
virus strains make their way into the wild.
In order to
protect yourself, you need to become more informed, rid yourself
of some common misconceptions, and get the right tools on your side.
This article is written to assist you in that effort.
What exactly
is a virus?
A computer virus
is nothing more than a piece of software code that tells your computer
to do something different than it normally does. In reality, the
computer is not really "infected"; it is simply running
on a new set of instructions. Although Microsoft products are the
most frequent targets of attacks, Linux and Mac users are far from
immune. Renegade code is proliferating for all operating systems,
as more sophisticated programmers go for the rewards of a big reputation
and a high-paying security job (both of which frequently accrue
to the successful virus writer after a little jail time), or increasingly
work together with hackers and spammers to generate revenue.
Viruses come
from many sources, not just email attachments. Infected floppy
disks are still a common source, especially in - of all places
- computer repair shops. One infected boot disk can contaminate
dozens of computers in one day to be sent back to their unsuspecting
owners, who then unwittingly spread them anew.
Poor quality
control can result in viruses being embedded into brand new cd-roms,
to be activated repeatedly until someone discovers the source.
And more and
more viruses are being planted in web pages - yes, web pages
- that activate through the simple act of surfing the Internet.
If you use a computer, avoidance is no longer a viable option. The
only real choices are prevention and cure, with prevention being
by far the more painless alternative.
Tips on
avoiding computer viruses and worms (compliments
of F-Secure.com)
1. Most of the
worms which use e-mail to propagate use Microsoft Outlook or Outlook
Express to spread. If you need to use Outlook, download and install
the latest Outlook security patch from Microsoft. In general, keep
your operating system and applications up-to-date and apply the
latest patches when they become available. Be sure to get the updates
directly from the vendor.
2. When possible,
avoid e-mail attachments both when sending and receiving e-mail.
3. Configure
Windows to always show file extensions. In Windows 2000, this is
done through Explorer via the Tools menu: Tools/Folder Options/View
- and uncheck "Hide file extensions for known file types".
This makes it more difficult to for a harmful file (such as an EXE
or VBS) to masquerade as a harmless file (such as TXT or JPG).
4. Never open
e-mail attachments with the file extensions VBS, SHS or PIF. These
extensions are almost never used in normal attachments but they
are frequently used by viruses and worms.
5. Never open
attachments with double file extensions such as NAME.BMP.EXE or
NAME.TXT.VBS
6. Do not share
your folders with other users unless necessary. If you do, make
sure you do not share your full drive or your Windows directory.
7. Disconnect
your network or modem cable when you're not using your computer
- or just power it down.
8. If you feel
that an e-mail you get from a friend is somehow strange - if it
is in a foreign language or if it just says odd things, double-check
with the friend before opening any attachments.
9. When you
receive e-mail advertisements or other unsolicited e-mail, do not
open attachments in them or follow web links quoted in them.
10. Avoid attachments
with sexual filenames. E-mail worms often use attachments with names
like PORNO.EXE or PAMELA_NUDE.VBS to lure users into executing them.
11. Do not trust
the icons of attachment file. Worms often send executable files
which have an icon resembling icons of picture, text or archive
files - to fool the user.
12. Never accept
attachments from strangers in online chat systems such as IRC, ICQ
or AOL Instant Messenger.
13. Avoid downloading
files from public newsgroups (Usenet news). These are often used
by virus writers to distribute their new viruses.
System
protection
There are 3
phases to adequate system protection; backing up data regularly,
installing "system monitoring" antivirus software, and
updating that software regularly. (For our purposes, the term "regularly"
means daily, or at least once a week without fail.)
If you're like
most people, you can't even remember the last time you actually
updated your antivirus or backed up your data. Get serious and do
it today. The time it takes will be much less than the time it takes
to file all those papers in bankruptcy court. Tape systems are notoriously
unreliable; if you use one, make sure you test the tapes in a mock
drill to be sure you know how to work them - and that they actually
do work. I recommend CD-rom or DVD backups, because they're light
in weight, dependable, and easy to store offsite.
For antivirus
software, among the most popular consumer products are McAfee (mcafee.com)
and Norton (norton.com).
While they're both excellent products, and do now offering monitoring
capability, many people still associate them solely with the art
of healing your computer after an attack has already occurred. As
a result, many users live in a world of false security, thinking
they're safe with an antivirus program that hasn't been updated
in a year or more.
Experiencing
a computer virus attack is no longer a question of if, but
simply when. Protect yourself and your business. Back up
your data, and install competent antivirus protection. Make it as
much a part of your security mindset as locking your front door.
If you are not comfortable with the technology, consult a knowledgeable
computer consultant. Do it today; your business depends on it.
-- Lance T.
Walker provides marketing consulting, web development, and Internet
business services to owners of small and micro sized businesses.
Learn more about how to use today's technology to enhance your financial
success at skyvaultpublishing.com
. Find more quality e-business articles at skyvaultwebdesign.com.
