SkyVault logo

 

satellite
 Article  

COMPUTER VIRUS UPDATE: PROTECT YOURSELF NOW
by Lance T. Walker, SkyVault™ Web Design

Picture this: it's one o'clock on a busy Monday afternoon. You return to your office after lunch and check your email. You notice that one message contains no writing - just a blank screen. Thinking nothing of it, you continue through the rest of your messages and get on with your work.

About 4:45pm, you shut down your computer and head for the water cooler. On the way, you hear that various people in your company are getting emails from customers saying they just got a virus from your company that is wiping out their hard drives and rendering their systems inoperable. And since you're the owner, they're planning to sue you for damages.

You are angry, of course, and determined to find out who the culprit is. Then the IT guys give you the news; the virus came from YOUR computer. That blank email you opened actually contained a code, written invisibly, that automatically activated a virus that was attached. Once activated, the virus sent itself to your entire network, and everyone in your Outlook Address Book. Remembering that backup you had been planning to do for the last 3 months, you rush back to your desk and turn on your computer. In an instant, you realize it's all gone - your data, your company, your home, and your reputation.

If this scenario scares you, it should. It is being played out right now, in offices and cubicles all over the world. The new age of computer viruses is not coming, it is here. We have seen major infestations with names like Blaster, SirCam, Code Red, Voter, Nimda, and even re-releases of the famous Sasser, Sobig and I Love You viruses. Once easily definable as worms, trojan horses, or simple viruses, these monsters are now self-activating combinations of each. And it will get worse - much worse - over the coming years, as new "polymorphic" virus strains make their way into the wild.

In order to protect yourself, you need to become more informed, rid yourself of some common misconceptions, and get the right tools on your side. This article is written to assist you in that effort.

What exactly is a virus?

A computer virus is nothing more than a piece of software code that tells your computer to do something different than it normally does. In reality, the computer is not really "infected"; it is simply running on a new set of instructions. Although Microsoft products are the most frequent targets of attacks, Linux and Mac users are far from immune. Renegade code is proliferating for all operating systems, as more sophisticated programmers go for the rewards of a big reputation and a high-paying security job (both of which frequently accrue to the successful virus writer after a little jail time), or increasingly work together with hackers and spammers to generate revenue.

(For an excellent perspective on the mindset of a virus programmer, see Jo Twist's article, "Why People Write Computer Viruses" .)

Where viruses come from

Viruses come from many sources, not just email attachments. Infected floppy disks are still a common source, especially in - of all places - computer repair shops. One infected boot disk can contaminate dozens of computers in one day to be sent back to their unsuspecting owners, who then unwittingly spread them anew.

Poor quality control can result in viruses being embedded into brand new cd-roms, to be activated repeatedly until someone discovers the source.

And more and more viruses are being planted in web pages - yes, web pages - that activate through the simple act of surfing the Internet. If you use a computer, avoidance is no longer a viable option. The only real choices are prevention and cure, with prevention being by far the more painless alternative.

Tips on avoiding computer viruses and worms
(compliments of F-Secure.com)

1. Most of the worms which use e-mail to propagate use Microsoft Outlook or Outlook Express to spread. If you need to use Outlook, download and install the latest Outlook security patch from Microsoft. In general, keep your operating system and applications up-to-date and apply the latest patches when they become available. Be sure to get the updates directly from the vendor.

2. When possible, avoid e-mail attachments both when sending and receiving e-mail.

3. Configure Windows to always show file extensions. In Windows 2000, this is done through Explorer via the Tools menu: Tools/Folder Options/View - and uncheck "Hide file extensions for known file types". This makes it more difficult to for a harmful file (such as an EXE or VBS) to masquerade as a harmless file (such as TXT or JPG).

4. Never open e-mail attachments with the file extensions VBS, SHS or PIF. These extensions are almost never used in normal attachments but they are frequently used by viruses and worms.

5. Never open attachments with double file extensions such as NAME.BMP.EXE or NAME.TXT.VBS

6. Do not share your folders with other users unless necessary. If you do, make sure you do not share your full drive or your Windows directory.

7. Disconnect your network or modem cable when you're not using your computer - or just power it down.

8. If you feel that an e-mail you get from a friend is somehow strange - if it is in a foreign language or if it just says odd things, double-check with the friend before opening any attachments.

9. When you receive e-mail advertisements or other unsolicited e-mail, do not open attachments in them or follow web links quoted in them.

10. Avoid attachments with sexual filenames. E-mail worms often use attachments with names like PORNO.EXE or PAMELA_NUDE.VBS to lure users into executing them.

11. Do not trust the icons of attachment file. Worms often send executable files which have an icon resembling icons of picture, text or archive files - to fool the user.

12. Never accept attachments from strangers in online chat systems such as IRC, ICQ or AOL Instant Messenger.

13. Avoid downloading files from public newsgroups (Usenet news). These are often used by virus writers to distribute their new viruses.

System protection

There are 3 phases to adequate system protection; backing up data regularly, installing "system monitoring" antivirus software, and updating that software regularly. (For our purposes, the term "regularly" means daily, or at least once a week without fail.)

If you're like most people, you can't even remember the last time you actually updated your antivirus or backed up your data. Get serious and do it today. The time it takes will be much less than the time it takes to file all those papers in bankruptcy court. Tape systems are notoriously unreliable; if you use one, make sure you test the tapes in a mock drill to be sure you know how to work them - and that they actually do work. I recommend CD-rom or DVD backups, because they're light in weight, dependable, and easy to store offsite.

For antivirus software, among the most popular consumer products are McAfee (mcafee.com) and Norton (norton.com). While they're both excellent products, and do now offering monitoring capability, many people still associate them solely with the art of healing your computer after an attack has already occurred. As a result, many users live in a world of false security, thinking they're safe with an antivirus program that hasn't been updated in a year or more.

Professional-level products like NVC (norman.com), AVX (centralcommand.com), F-Secure (f-secure.com), and AVG (grisoft.com) provide extremely high levels of protection at very reasonable cost.

Experiencing a computer virus attack is no longer a question of if, but simply when. Protect yourself and your business. Back up your data, and install competent antivirus protection. Make it as much a part of your security mindset as locking your front door. If you are not comfortable with the technology, consult a knowledgeable computer consultant. Do it today; your business depends on it.

-- Lance T. Walker provides marketing consulting, web development, and Internet business services to owners of small and micro sized businesses. Learn more about how to use today's technology to enhance your financial success at skyvaultpublishing.com . Find more quality e-business articles at skyvaultwebdesign.com.

 

HomePortfolioMarketingArticlesRatesContact Us

Home page

Portfolio

Marketing

Rates

Contact Us

 

 

 

© 1998-2010