One of my SOHO clients complained that her computer was sluggish. When we could not load Windows XP SP2, it was clear something was seriously wrong. Sure enough, the computer had been infected by malware (malicious software) that the current anti-virus software did not stop. After attempting to salvage both the system and data, we ultimately reloaded all the software from scratch to clear the computer. My client learned a painful lesson about backing up important files and the dangers of indiscriminate Web surfing and IM (instant messaging).
We have all been bombarded by news stories that emphasize the need to be careful about e-mail so that you won’t be infected by computer viruses. As good net citizens, you think because you have installed anti-virus software and turned on the built-in system firewall, you are safe. This is especially true if your business doesn’t use your computers for much more than the usual word processing, financial records, Web surfing and IM.
Unfortunately, this level of protection is no longer enough; you are still open to attack from the next tidal wave of malware, spyware and other nastiness that can take over your computer and ruin your day. What is even more disturbing is that the new generation of malware programmers is not doing this for fun or to be annoying any more. They are serious programmers who are writing professional software that is specifically designed to capture personal information and use it with criminal intent. This month we will learn how malware penetrates computer defenses, which systems it is likely to target next and what to do to protect yourself from the next generation of malicious software and security holes.
Malware and Spyware Unmasked
The names are silly, “Lasco.A” (a virus that attacks smart cell phones), “not-a-virus:RiskWare.Tool.AIDA.3862” (a program that imbeds itself in your computer and turns it into a zombie) or “Absolute Keylogger” (a code that records keystrokes to steal passwords and user account information), but their intent is absolutely serious and very dangerous.
There are literally thousands of programs, some legal, many not, which can infect your computer. In the bad old days, the malware would merely destroy your files or crash your machine and e-mail itself to all your friends. Annoying yes, but once the machine was cleaned and your friends informed you weren’t likely to find unpleasant surprises on your next Visa bill as a result of your encounter.
The good news is that most new forms of malicious code are not going to destroy your computer; that is much too easy and obvious. The bad news is that the most recent malware is now being written to have a disturbingly more sinister purpose — identity theft, where criminals use your credit card and other personal information to steal and defraud. My husband, for example, found that he had been charged for 17 AOL accounts — none of them his, because he had innocently purchased something on a Website that had been hacked. It took weeks to straighten out the mess, never mind the inconvenience of canceling the credit card.
Taking Over a Network Device Near You
If that’s not bad enough, malware is no longer just something you get from opening the wrong e-mail, and your computer is not the only electronic network device that’s vulnerable. In addition to vulnerabilities in IM, Web browsers and other Internet-aware software, the next generation of malware is already taking advantage of software security weaknesses in cell phones, PDAs (Personal Digital Assistants) or other “smart” devices.
As people increasingly distrust e-mail or want to get away from the deluge of spam, instant messaging and chat technology has become the electronic communication medium of choice. IM is fast and more immediate, but it is just as vulnerable to malware, possibly more so because the code is often completely invisible to the user. The recent “Oscarbot-B” or “Doyorg” code hijacks the list of contacts or “buddies” in an infected user account of AOL’s instant messaging software, AIM.
Any electronic device that has software and is on the public IP network (i.e., the Internet), or any program that exchanges data over any open network (Bluetooth or Wi-Fi for example) is vulnerable to security breaches. The good news is that there has not been much criminal activity on cell phones — yet.
The first virus was detected in June 2004. But don’t be too complacent. According to the Asset Protection Corporation (a security firm monitoring the most recent Academy Awards ceremony), was able to detect nearly 100 cell phones with smart technology that were “vulnerable to privacy invasions that recently gained actor Paris Hilton unwanted notoriety”. Now that hackers have realized there is money to be made from stealing personal information, it is only a matter of time before this will become a major problem.
PDAs are another opportunity for the cyber-criminal community. Once the malware writers decide that there’s value to the increasingly sophisticated information that people store on their hand-held devices, there’s nothing to stop them. There have already been a few Trojan programs (programs designed to work by hiding in a system without the owner’s knowledge) for both the Palm and the Pocket PC, but so far nothing that is too serious. Both cell phones and PDAs currently have few defenses against future attacks.
Signs of Infection
Since the new crop of malware writers is more interested in criminal activity, they have been working hard at making the code more invisible. According to the Kaspersky Lab’s Web site, signs that your sytem(s) could be infected include:
- Unexpected messages or images suddenly appear
- Unusual sounds or music play at random
- Your CD-ROM drive mysteriously opens and closes
- Programs suddenly start on your computer
- You receive notification from your firewall that some applications have attempted to connect to the Internet, even though you did not initiate anything
Protecting Your System
At this point you might think that malware is unstoppable. It is difficult, but you can protect yourself if you practice good security hygiene at all time. Follow the practices listed below, and you will reduce your risk considerably.
- Maintain your anti-virus software and configure it to scan everything
- Install all security related systems patches or service packs
- Install and maintain Spybot Search and Destroy, Microsoft’s AntiSpyware, or similar anti-spyware applications. Running multiple products is better.
- Install and maintain both a personal and site firewall system
By practicing good computer hygiene and keeping all your protection current, you will limit your risks of getting infected by the latest nasty malicious software. But remember: always be vigilant for signs that you have been compromised.
Beth Cohen is president of Luth Computer Specialists, a consulting practice specializing in IT infrastructure for smaller companies. She has been in the trenches supporting company IT infrastructure for over 20 years in a number of different fields including architecture, construction, engineering, software, telecommunications, and research. She is currently consulting, teaching college IT courses, and writing a book about IT for the small enterprise.
Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!