Monday, October 13, 2014

What is Malware?



Malware is a portmanteau of the words malicious and software. Malware is often associated with spyware and viruses, but it can also be used as a means of transporting spyware or viruses onto a computer. Malware is usually installed without the knowledge of the “end user”, the person using the computer, through security vulnerabilities in a web browser. Other times the malicious software is designed to look and feel like regular software such as antivirus (a Trojan horse), and then attacks the computer when ready. Here are a few ways that attackers use malware to their advantage.

Keyloggers: Malware can be used to hide a program that records every key pressed on your keyboard and then transmits the data to the attacker without the end user’s knowledge. Attackers use this to get credit card information, usernames, passwords, and anything else you type on a computer.

Botnets: A botnet is an infected computer that can be utilized by an attacker how and when they choose. Attackers use botnets to harness computer resources (CPU power, memory, or bandwidth) for attacking other computers. With a chain of computer resources at their disposal, attackers can shut down a website by flooding it with requests, called a denial of service attack, or use CPU power for cracking passwords or other malicious purposes. The end user in these scenarios is usually not aware that their computer is infected or being used for malicious purposes, but they may notice a slowdown in internet speed or processing power.

Scareware: Some attackers use malware as an annoyance to force an end user to pay the attacker to stop the annoyance, or to steal the end user’s information. This is probably the most commonly seen type of malware, because it is most notably found by having pop-ups or system sluggishness all the time. Attackers like to disguise this type of malware as antivirus programs (Antivirus 2009, CryptoLocker, etc.) or spyware programs to deceive the end user into believing that their computer is infected with a virus, so that they will purchase the program to remove it. Once purchased, the malware then silently sits and either collects data or waits until the key expires to pop up again. The attackers then gain credit card information that they can sell or use, plus your money for the purchase.

The two most common ways to get malware are through security vulnerabilities on the computer or through accidental acceptance by the end user. Microsoft, and most third-party vendors, send out security patches regularly to fix security holes. Not installing these patches in a timely manner may allow an attacker to bypass security permissions and install applications without the consent of the user. Accidental acceptance usually comes in the form of a browser pop-up that deceives the end user (e.g. “Your computer is infected, click here to scan now”) by mimicking common antivirus software or Windows Explorer, or by looking like a legitimate program.

To avoid acquiring malware, keep your operating system and browsers up to date with automatic updates, and understand the ways that attackers deceive the end user. Be sure to have up-to-date antivirus software that is not expired.

Most antivirus software will not detect malware until it has already infected the system, and does a poor job of removing it. In my IT experience, I have found a program that does a really good job at detecting and removing malware programs, and that is Malwarebytes. The program is free for detection and removal, and they offer a paid version (subscription based; it used to be a one-time lifetime license that you may still be able to get off Amazon) for doing real-time detection and updating so that it is hands-free for the end user. I recommend installing it on any computer running Microsoft Windows and doing regular scans, as malware today has infected over one in four U.S. computers. (Statistic according to the Organization for Economic Co-operation and Development)

 

Information derived from multiple sources:

Monday, October 6, 2014

Backing up Important Data

During my first few months working as an IT Professional I really started to see the need for backing up files. I never realized how easily years of pictures could be lost because of a hard drive failure. That really got me thinking about backup solutions and what would be best for us as a family. We currently keep digital pictures, some term papers from school, and most importantly all my work data. I thought about how devastating it would be to lose that data, and what I would have to tell the customers, or even my kids when they grew up, about their childhood pictures. So now that I realized I had a need for a backup solution, I started trying to figure out what I wanted.

There are two different types of backup solutions that I’d like to cover for the home user. The first one is backing up to a second hard drive. The other is an online (cloud) backup that is usually done with a third-party backup provider or a hosting account. I will try to go over the benefits and downfalls of each, and give a few recommendations.














(Apple Time Capsule, 2TB) (External Hard Drives ranging from $60+)

Backing up to a second hard drive within the home has many benefits. First is the security aspect: you know at all times where the hard drive is, whether internal to the computer or external. An internal drive gives you the ability to save your PC from hard drive crashes, and your files will be there for restoration. However, if someone steals your PC, or your house burns down or is water damaged, you have the potential of losing all your data. An external drive gives you the same ability to save your data, but you get extra security or safety measures because you can lock it up in a fireproof safe or a safe deposit box between backups. This is one of the most secure methods, and is recommended if you do not have high speed internet, are worried about privacy, or just have a large amount of files (10 GB+) that need to be backed up and are regularly changed.

Online backups are awesome, if you have high speed internet, for three reasons. One, if something happens to your PC (fire, water, damage) your files are still accessible using any computer, usually via a website. Two, your data is also backed up on someone else’s server, so it’s potentially like having three backups. Three, it usually requires little to no intervention from the user and happens behind the scenes. Also, for personal users, most of these backup hosting companies offer a small amount of space (usually around 2 GB) free of charge. They do this hoping to wrap you into backing up more files to purchase better plans.

The downsides are that even with high speed internet, it can take a good amount of time and bandwidth to send the initial backup. Also, after a major crash, it could take hours to completely download your entire backup again. On the upside to this one, most backup companies now offer overnight or 2-3 day shipping on DVDs of your backup files. The most important downside is one that needs to be researched intensely beforehand, and that is who is going to have access to the data while it is at the storage center.

For me, I used to use Mozy’s paid online backup, but due to my growing family and looking for ways to cut expenditures, I have recently changed to using an Apple Time Capsule for most of my documents, and Mozy with their free offering. I bought a previous version to save money on my purchase. It doubles as my home wireless router and as network-attached storage, so it doesn’t have to be shared from any single computer. My Mac computers back up to the device seamlessly using Time Machine, and my Windows computers are mapped via a network drive and sync files across. Mozy’s free service still provides all the same security aspects, and I highly recommend setting your own personal encryption key so that if someone hacks into your data, they can’t decrypt your files unless they are able to guess your key.