BECOMING CYBER SECURE
AND MALWARE
Does your computer have security
programs on it? Are they up to date? The
best ways to steer clear of viruses and
malware are to use an industry-leading
anti-virus software solution. There are
many types out there, and they don’t have
to break the bank, but having a level of
defense can go a long way.
On your anti-virus software, enable
the “auto update”, “auto-protect” and
“personal firewall” to ensure you always
have protection in the background and
that it stays updated. Also, when possible
use “whitelisting” solutions. Unlike most
of the anti-virus solutions that use a
“blacklist” to identify malicious files, these
solutions allow you to create a “whitelist”
of programs and applications that you
explicitly allow to run for your day to day
business. Everything else is automatically
blocked providing a higher level of
security.
TIP #5 – MAKE YOUR SYSTEM LESS
“VULNERABLE”
Did you know that majority of attacks
rely on un-patched operating system
vulnerabilities? Protecting your computers
against such attacks and making them less
vulnerable is as simple as turning on “auto
updates” for your computers operating
system. If you use Microsoft Windows,
this can be done by choosing to “automate
installation” of all “important updates”.
Similarly, other software applications
on your PC like Adobe should also be
configured to check automatically for
updates.
TIP #6 – DON’T FALL FOR ‘FREE’ USB
DRIVES
Who doesn’t like free stuff! It is nearly
impossible to go around a trade fair today
without walking out with a bag full of
“free” USB drives. While there is no harm
in collecting them and handing them over
to your kids as a toy, it might not be a very
good idea to actually plug them in your
home or work computer. If you don’t trust
the source of the USB drive, don’t plug it
in. These drives can very easily be used to
carry and deliver a malware or virus onto
your computer, allowing someone else
access to your important information.
In fact, this technique was used to
perpetrate the “worst breach of U.S.
military computers in history”. It started
in 2008, with a USB flash drive infected
by a foreign intelligence agency left in the
parking lot of a Department of Defense
facility at a base in the Middle East and
impacted the network of United States
Central Command. It took 14 months to
clean the network and the systems.
A recent study was done to determine the
success rate of this attack vector. They
dropped USB drives in a public parking
lot of government buildings and private
contractors. 60% of the people that picked
one up plugged the device into their office
computers. If it had a logo on it, 90%
plugged them in. These people didn’t
know where the drives came from but
used them anyway. Thankfully it was just
a study, but can you imagine if the impact
if it were an actual attack?
TIP #7 – AVOID BEING RANSOMED BY
“RANSOMWARE”
Have you or someone you know been a
victim of “Ransomware”? As the name
suggests, “Ransomware” is a computer
malware that “locks” all your data on your
computer by encrypting it and demands
a ransom payment to restore it. Usually
the ransom amount is a few hundred
dollars, unless you are an institution like a
BY:ANURAG SHARMA
CISA, CISSP, CRISC, MBA,
IS A PRINCIPAL WITH
WITHUMSMITH+BROWN
hospital, a local police department, etc. in
which case the ransom amount can run to
thousands of dollars. Just in the first three
months of 2016, these attacks increased
tenfold over the total entire previous year,
costing victims more than $200 million.
The easiest way to minimize the impact of
a “Ransomware” attack is to immediately
disconnect the infected machine(s) from
the network, reinstall the operating
system (yes just cleaning with an anti-
malware software is not recommended)
and restore from your last good backup
copy. That brings us to the key question:
Do you backup your laptop or desktop
daily? It’s never too late to start. How
else can you protect yourself from
Ransomware? And, if necessary, pay the
ransom to get your files back.
TIP #8 – IS PUBLIC WI-FI REALLY SAFE?
Public Wi-Fi is great. You can sign on
while on the go – from the coffee shop,
hotel or airport. But, using unsecured,
public Wi-Fi can come with risks. Hackers
can act as the “middle man” between you
and the connection point, seeing all traffic
and files you’re sharing.
How can you stay secure?
• Always use VPN connection when
possible. This will ensure a secure
conne