Just as one threat gets a fix, out comes another one

by

Published: November 29,2004

It used to be computer viruses were the biggest concern regarding the security of your PC. Now there are other kinds of “malware,” which is short for malicious software. There is adware, spyware and programs that actually hijack your computer, taking it over for purposes such as using your system to deliver spam or viruses to other PC users.
Adware is a software application that displays advertising banners. Adware often includes additional code that tracks a user’s personal information and passes it on to third parties, without the user’s authorization or knowledge. That is called spyware.

I thought I was protected from problems using the Internet frequently by using a virus checker that was updated regularly and a firewall. But it turned out my firewall wasn’t adequate. When my computer became increasingly slow and prone to frequently locking up, I first used a free program that is supposed to remove adware. That seemed to help, but didn’t resolve the problem.

When I took the computer to a professional computer repair service, they told me that I had numerous hijacking programs on my system that were the cause of my maladies. And they told me the free adware program was worse than useless: while it removes some adware, it installed others.

I had to wonder. Who is winning the “malware” war? Certainly not users like myself. I had many hours of lost productivity in addition to the $75 computer repair bill.
Microsoft has been blunt about warning people that malware continues to be a grave concern.

“Although many organizations have deployed antivirus software, new viruses, worms and other forms of malware (malicious software) continue to rapidly infect large numbers of computer systems,” Microsoft says. “There is no single reason for this apparent contradiction, but fundamental trends are apparent from feedback Microsoft has received from IT professionals and security staff in organizations whose systems have been infected, including such comments as:

• The user executed the attachment from their e-mail even though we’ve told them again and again that they aren’t supposed to.

• The antivirus software should have caught this, but the signature for this virus hadn’t been installed yet.

• This never should have made it through our firewall; we didn’t even realize those ports could be attacked.

• We didn’t know our servers needed to be patched.”

According to Microsoft, the success of recent attacks illustrates that the standard approach of deploying antivirus software to each computer in an organization may not be sufficient.

“Recent outbreaks have spread with alarming speed, faster than the software industry’s ability to detect, identify and deliver antivirus tools that are capable of protecting against attack,” Microsoft warns.” The techniques demonstrated by the latest forms of malware have also become substantially more advanced, enabling the most recent outbreaks to evade detection and propagate.”

I asked one of the state’s top computer security experts for his take on the malware war. Dr. Ray Vaughn, associate professor of computer science and engineering and director of Mississippi State University’s Center for Computer Security Research, said each time a defense is deployed, people are creating malware to find a way around it.

“It is still important that a user take all of the precautions you can take,” Vaughn said. “Some involve common sense. You can’t automate every defensive system on your system. We have a saying in the computer security field that a dancing snowman will win out over security any time. Someone will often click on an executable file to see a dancing snowman on the screen even though you don’t know where it came from, and it could contain malware. Just because you have virus checker on your system doesn’t mean a file couldn’t be disguised so your virus checker doesn’t recognize it.”

Users need to take personal responsibility and be careful not to open e-mails from people they don’t know, or from friends who might have gotten the e-mails from an untrusted source. And, very important, don’t click on executable files. It is also important to not download software from sites unless you are sure they can be trusted.

“When a box comes on the screen that says, ‘This is coming from an untrusted source, do you want to download anyhow?’ say no,” Vaughn recommends. “Most people who exercise good safe computer practices, use updated virus software and are careful what files they open up don’t really have a serious problem with malware. But yes, malware is continuing to increase because it is easy to create.”

He strongly advises being aware of the dangers when you are on the Internet. Don’t rely totally on technology to protect your computer. Technology is important, but it has to be supplemented by user awareness.

Recent research has shown that a majority of PC users in the U.S. are not updating their virus checking and spyware programs regularly, and are also making other security mistakes such as clicking on executable files or failing to maintain a firewall. The latest version of Windows XP (with Service Pack 2) contains a firewall that most experts believe is sufficient protection for home computer users.
Vaughn said it is particularly important to use a firewall if you are attached to a cable modem or DSL.

“If you are using dialup, you are not live on the Internet all the time,” Vaughn said. “If you are using DSL or a cable modem, you have what is called a hard IP address, and people can access your computer at very high speeds. Unless you have a firewall to keep people from coming into the machine, they may find someway to get in.”

Having a program to prevent spam is part of safe computing. Vaughn said it is estimated that one out six spam messages today contain some type of malware. Most Internet service providers provide some type of spam filtering, but it isn’t necessarily automatic. Users have to set up the service, and then check to make sure messages they do want to receive aren’t being raked off by the spam filter.

There are a number of programs out there to prevent “data mining,” software that can steal information from your computer about what Web sites you visit. Vaughn uses a program called “Spybot.”

There is no one software program a consumer can purchase to deal with all of the malware problems.

“Unfortunately, it isn’t that easy,” Vaughn said.

I asked Dr. Vaughn about my perception that the other side is winning the malware battle.

“There is nothing new there,” he said. “They have been winning for the past 10 years.”

The Internet can be an especially dangerous place for children. Vaughn said just as you wouldn’t allow children to play in the street unsupervised, they should not be allowed to play on the Internet unsupervised.

Web “nanny” programs can be set up that prevent children from accessing inappropriate Web sites. Another precaution is software that allows users such as children only limited ability to make system changes including downloading software from Internet sites.

Ocean Springs-based freelance journalist Becky Gillette writers regularly for the Mississippi Business Journal. Contact her via e-mail at bgillette@bellsouth.net.

[RSS Feed] [del.icio.us]



To sign up for Mississippi Business Daily Updates, click here.

POST A COMMENT

 

FOLLOW THE MBJ ON TWITTER

Top Posts & Pages