close

Computer Security

Computer Security is simply a safeguard against unauthorized use of your computer.  Although it may seem silly to worry about security precautions, over 55% of online users surveyed claim they had been infected with Spyware*!  Prevention measures are easy, and help you stop intruders from accessing any part of your computer system – before it happens.

Who would want to break into my home computer?

Even if you don’t have top-secret information on your computer, intruders may still hack into your personal computer.  Hackers on the web may want to gain control of your computer for credit card numbers and identity theft.  Or, someone could simply attempt to gain control of your computer to hide their true location as they launch attacks against other, more high-profile, computer systems.  Intruders may seek to cause damage to your computer by reformatting your hard drive.  Or, you may simply be a victim of Spyware.

In either case, it’s important to learn the basics of computer security.  Take preventative measures, making later detection and removal unnecessary.

Malware

You may hear the term “malware” thrown around sometimes, and not sure what it’s referring to when discussing computer security.  Malware is short for malicious software, and is just a general term to describe any software designed to infiltrate your computer without your consent.  The expression is used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.  A “computer virus” is another term used by some to describe all types of software that infects your computer – however, virus describes a very specific type of malicious software (see below).  Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, adware, and other malicious and unwanted software. In law, malware is sometimes known as a computer contaminant.

Spyware

Spyware is a type of program that watches what users do with their computer and then sends that information over the internet. Spyware can collect many different types of information about a user. Most programs will attempt to track what types of websites a user visits and send this information to an advertisement agency or it may simply launch pop-up advertisements (as in Adware). More malicious Spyware will try to record what a user types in an effort to intercept passwords or credit card numbers.
The term Adware usually refers to Spyware software which displays advertisements, whether or not it does so with the user’s consent.  The user experiences a large number of pop-up advertisements – ad’s that “pop-up” on your screen while browsing the Internet.  Other Spyware behavior, such as reporting on websites the user visits, frequently accompanies the displaying of advertisements. Monitoring web activity aims at building up a marketing profile on users in order to sell “targeted” advertisement impressions.

Anti-Spyware:
Anti-Spyware is software designed to remove or block Spyware from loading on your computer.

Types of Anti-Spyware Software

  1. Real-Time Anti-Spyware: Software that uses preventative measures to block the installation of Spyware before it loads.
  2. Detection and Removal Anti-Spyware: Software used to scan your hard-drive and system files for Spyware and remove it after it has already been loaded.

Computer Virus

A virus is a computer program that is designed to replicate itself by copying itself into the other files, and programs, stored in a computer. Some viruses are benign, but most have a negative effect.  Viruses can come from email, websites, discs and other computers within your network.  A virus can be a program that simply causes your computer to slow down, monitor your actions, or it can totally wreak havoc on your computer system, forcing you to reformat your computer. The best way to avoid viruses is to only download files or software from the web that are from very reliable sources. Viruses can work to immediately disable or control your computer, or they may wait for a certain date to activate.  Malware includes computer viruses, worms, trojans, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software, including true viruses.

Most antivirus software can prevent viruses quite easily.  Antivirus software is a program that searches your hard drive for any known or potential viruses.  The most common strategy to catch a virus is called signature-based detection and involves searching for known malicious code. However, it is possible for a user to be infected with a new virus.  To detect new/unknown viruses (or, zero-day threats) something called heuristics are used.   These heuristics take a number of forms…one approach is looking for “generic signatures” which is just searching for variants of existing viruses by looking for known malicious code (or slight variations of such code) in files. Some antivirus software can actually open, and run, the file as you download it to see if it’s harmful prior to it getting on your hard disk.  Software companies use the term “sandbox” to describe this.

When choosing antivirus software is best for computer security it’s always best to see expert ratings on sites like CNET/Download.com, and others.  But, the best bet it using one of the top vendors who have features like heuristics for finding zero-day threats.  Currently the top antivirus software is AVG who have both a free and paid version.

Worms

A computer worm is a software program that is designed to copy itself from one computer to another, without human interaction. It is like a virus, in that is self-replicates, but unlike a computer virus a worm can copy itself automatically and it does not need to attach itself to an existing program..  Worms can replicate in great volume. For example, a worm can send out copies of itself to every contact in your e-mail address book, and then it can send itself to all of the contacts your contact’s e-mail address books.  Some worms spread very quickly. They clog networks and can cause long waits for you (and everyone else) to view Web pages on the Internet. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.  Many worms that have been created are only designed to spread.

You might have heard of specific computer worms, including the Sasser worm, the Blaster worm, and the Conficker worm.  The best way to avoid worms is using a good firewall.  However, antivirus software usually also works.

Adware

Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used.  Advertising functions are integrated into or bundled with the software.  The advertising code notes what types of sites you visit, and what you are searching for.  It then will display advertising relevant to the types of goods and services you’ve been viewing…So, in a nutshell, you go to a website, download free software, and you end up getting pop-ups, or other ads, on your computer as a result.

The justification for adware is that it helps recover programming development cost and helps to hold down the cost for the user.  Some adware is many times included in shareware, and so the word may be used as term of distinction to differentiate between types of shareware software. What differentiates adware from other shareware is that it is primarily advertising-supported.  Usually shareware has a purchase component.

Some types of adware are also spyware and include code that tracks a user’s personal information and passes it on to third parties, without the user’s authorization or knowledge.  Avoiding adware is usually done by installing anti-spyware software.  Popular software to remove adware is Ad-Aware, and Malwarebytes.  Both have a free version that work well, with a more thorough paid version.

Phishing

Phishing is the fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by pretending to be a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users.

Anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login procedures.  You can avoid phishing by being very selective about sites you give information to, look for authentication seals to be up to date, only give credit card information to secure  sites, and use anti-phishing browsers or security software.
* According to Bigfoot Interactive 2005 study.