Computer Security - Where Do I Start?
To click or not to click – that is the question. Not a bad place to start. The person at the keyboard it the person with the most control over whether or not that computer gets infected. You are the last defense. Most of the safeguards we have in place or that are mentioned here can be circumvented by one wrong click from you. What can one wrong click do?
Give access to
- Your email account
- Your banking information
- Passwords stored on your computer
Run a program to
- Use your address book to send spam messages
- Use your computer in cyber crime
- Disable your virus protection or firewall
- Gather personal information on your computer and forward it to the virus writer
One wrong click can even allow someone to turn on the microphone on your computer and listen in on your conversations.
So, how do you know what is safe to click?
Think twice before clicking
- An attachment in an email message
- Any pop-up box on the Internet
- When the browser asks for permission to – download, run or install a file
- Running a macro you didn’t create
- Any time you are suspicious
Now that your clicking is under control, what else should you do…..or should have already done?
Did you know that in tests it takes less than one minute for an unprotected computer to be infected when connected to the internet? Yup – and that isn’t even while browsing the web. That is why it is important to have several defensive layers. What are they?
- Think about the physical security of your computer. Do you leave the computer logged in and your office door unlocked? Do you have the password to your computer saved so that you never have to enter it? Do you have the password written down and taped to your monitor? Always use a password, always log out when you leave your computer and never advertise your password.
- Do you have personal student information on a laptop that travels with you? Ask yourself questions about what files you save and where you save them. Files stored on your computer are one layer less secure than files stored on one of the network drives. Does that file need to be on your laptop or can it be on the network.
- Use and maintain anti-virus software — Anti-virus software recognizes and protects your computer against most known viruses. Here again, your are the last defense. Make sure you know how your anti-virus works. Check it to make sure it is running and staying up to date. Augustana has a license for Symantec Anti-virus software. It should be running on every campus computer. Is it up to date? (double click the yellow shield and check the date) This license also allows you to use this program on your home computer.
Use good passwords — Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and do not choose options that allow your computer to remember your passwords. It isn’t really a password then.
What is a good password
- It can’t be obvious. No dictionary words. Programs that try every dictionary word are easily available. That program can run in just a few minutes. It can run locally or over the Internet.
- It must contain non-alpha characters
- Use upper case and lowercase letters
- Try what looks like random letters, but means something to you like i2wbiM!Hay (I too was born in Minnesota! How about you). Easy for you to remember, hard to guess.
- Make sure it is long enough – never less than 6 characters
- What is a good password
- Never walk away from your computer without “locking” it or logging out. With the “always on” connection that we have at Augie and many of us have at home through cable or DSL comes the convenience of instant access and risk that someone will gain access to your computer. When you leave for the day or go to bed at night – turn the computer off. If you leave your office or desk, lock the computer with a password protected screensaver or by using the Control/Alt/Delete “Lock Workstation feature”
- Keep software up to date — Install software patches so that attackers can't take advantage of security holes. Make sure your Windows Updates are set to run automatically. Do the same with other software that you run.
Learn about spyware and Install a Spybot – Search and Destroy– spyware (also called adware) is software that gets installed on your computer and sends you pop up ads, redirects your browser, tracks your browsing and could even capture your keystrokes. Because of all the “stuff” it is doing it can also cause your computer to be very slow. If you would like to install Spybot please call the HelpDesk and we can help you install this software or you can download it and install it yourself. http://www.safer-networking.org/en/spybotsd/index.html
How do you know if you might have spyware?
- Many many pop-up windows
- Your browser is redirected to web sites you didn’t type in
- Extra toolbars appear in your web browser
- Your home page is suddenly change d
- Random Windows error messages begin to appear (“Dumping Physical Memory”)
- Your computer suddenly seems very slow when opening programs or processing tasks (saving files, etc.)
How do you keep from getting infected with spyware?
- Don't click on pop-up windows —Pop-up windows are often spyware, clicking on the window may install spyware software on your computer. To close the pop-up window, click on the "X" icon in the titlebar never click the close button on one of these pop up windows.
- If you don’t know – choose no —Unexpected dialog boxes asking whether you want to run a particular program or perform another type of task should always make you suspicious. Always close the dialog box by clicking the "X” in the upper right corner
- “Free” isn’t always “free” — There are many sites that offer customized toolbars or other features that appeal to users. Don't download programs from sites you don't trust, and realize that you may be exposing your computer to spyware by downloading some of these programs.
- Don't follow email links claiming to offer anti-spyware software — Like email viruses, the links may serve the opposite purpose and actually install the spyware it claims to be eliminating. Some of these infections are VERY difficult to clean up and an entire rebuild of the operating system might be needed.
- Adjust your browser preferences to limit pop-up windows — Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within your browser to reduce or prevent scripting or active content may reduce the number of pop-up windows that appear. Some browsers offer a specific option to block or limit pop-up windows.
- How do you know if you might have spyware?
What about email?
Even with a spam filter, my inbox is so full of junk it is hard to sort the good from the bad. What about attachments and those crazy phishing messages. What’s with them? Is it ok to email file with confidential information? What do I need to know about email?
There are some steps you can take to reduce the amount of spam you receive:
- Don't give your email address out just anywhere — Seems like everyone today wants your email address. Before you fill in that email address blank ask yourself a few questions. Why do they want your email address? Do you want to get email from this place? Always or just this once?
- Be aware of options selected by default — When you sign up for some online accounts or services, there is often a section where you can sign up for newsletters or announcements from “vendor partners”. These options are often checked by default. Look to make sure you have unchecked these boxes.
- Don't follow links in spam messages — Some spam relies on “guessing” email addresses and some relies on using lists of addresses from other places. If you click a link within an email message or reply to a spam message, you are just confirming that your email address is valid. Unwanted messages that offer an "unsubscribe" option are particularly tempting, but this is often just a method for collecting valid addresses that are then sent other spam. Reputable vendors will have this “unsubscribe” option and it is fine to use it. Just make sure you trust the vendor in the first place.
- Disable the automatic downloading of graphics in HTML mail — Many spammers send HTML mail with a linked graphic file that is then used to track who opens the mail message — when your mail client downloads the graphic from their web server, they know you've opened the message. Disabling HTML mail entirely and viewing messages in plain text also prevents this problem. The new GroupWise has this feature built in.
- Consider opening an additional email account — There are many places to get free email addresses these days – Gmail, hotmail, yahoo. Signing up for one of these free accounts gives you an address to use when you MUST submit an email address, but don’t really want to give your “real” one. You can use this address for online shopping, signing up for services, posting in chat rooms or bulletin boards. This helps keep some of the spam out of your primary account. etc
- Don't spam other people — Be a responsible and considerate user. Some people consider email forwards a type of spam, so be selective with the messages you redistribute. Never forward messages to everyone in your address book. If you do forward or send a message you think might end up being forwarded by others ALWAYS use the blind-carbon copy option. This safeguards the addresses for those you are sending messages.
What about chain email – I’m sure you have seen them. There are several types
- “Chicken Little” variety. Your hard drive will be erased! Your computer will be infected! Pass this on to everyone you know!!!! Most of this type are untrue. You are being warned about an email message that doesn’t exist. This type wants only to create excess network traffic while people endlessly forward these messages and create more things to worry about.
- Chicken Little with a twist. These are more destructive. Again, the message tells of great danger. If you don’t “click this link”, “delete this file”, “install this program” your computer will be infected. The problem with this one is that by clicking the link they give you, you have just infected your own computer, or by deleting the file that they say proves you have a virus you make your computer unable to boot. Maybe it is from “your bank” telling you that if you don’t send them your account number and password your account will be closed – Never believe this.
- Timely Messages – These take advantage of what is happening in the news. “To get your tax rebate check faster – fill out this form with your bank account information” This of course gives the “bad guys” access to your personal information and your bank account. “To see a great fireworks video click here” This installs malicious software on your computer, sometimes infecting it to infect others
- “Make a Million” forward this message to everyone you know and Microsoft will pay you for each message delivered – Sound too good to be true? It is.
- Urban Legend – “MacDonald’s hamburgers contain worm meat” “Rub lip balm on a scantron sheet and get a perfect grade” “The presidential candidate who refuses to shower” Those wild crazy rumors that everyone wants to believe, because it is such a good story. ---but they are not true.
When one of these messages shows up in your inbox, what do you do? How can you tell if it is a hoax?
- There are multiple spelling and grammar errors.
- They ask you to forward the message.
- The message says “this is not a hoax”.
- You can tell the message has already been forwarded many times.
- Here are two sites that you can use to check out message you wonder about. www.snopes.com , http://www.symantec.com/avcenter/hoax.html
What about attachments? My Mom wouldn’t send me a virus! Attachments are one of the most powerful features of email. You can send and receive word processing documents, spreadsheets, photos, oh yes, and viruses. Here are some tips for working with attachments.
- Don’t send confidential documents through email . – Even though email seems secure, you don’t have any way of knowing how the message will be handled after you click send. It seems like sending a message to another Augie address should be safe, but where is the recipient reading the message? On an open wireless network at a coffee shop in China? Do they forward their Augie email to another email address? Are they reading it at home on a computer loaded down with spyware just looking for information to grab? If you need to transfer files like this contact ITS for suggestions on the best way to do it.
- Be wary of unsolicited attachments, even from people you know —Viruses can "spoof" the return address, making it look like the message came from someone it didn’t. If you were not expecting and attachment from this person or the message just doesn’t sound like them. If you have any doubts, verify with the sender – that they really did send it.
- Use the GroupWise “View Attachment” feature — This lets you see the attachment without running the program. A much safer way to check out attachments
- Some file types blocked — There are some file types (like exe) that we block at our SPAM firewall. These are file types that 99.9% of the time are viruses when they are sent in an email. If you have need to receive a blocked file type, contact ITS for alternative ways of getting that file.
Browsing the web – is it safe?
There are a few simple things that you can do to make your browsing safer.
- Change the security settings to a higher level. Increasing your security may affect the functioning of some web sites, but it could prevent you from being attacked. You can always allow exceptions for sites that you trust.
- Make sure your virus protection, operating system and browser all have the newest patches.
- Make sure the pop up blocker in your browser is active
Where do I find the security settings?
Each web browser is different, so you may have to look around. In Internet Explorer, click on Tools on your menu bar, then Internet Options , then the Security tab, and click the Custom Level button. However, in FireFox, you click Tools on the menu bar, then Options, and click the Privacy & Security icon to explore the various options.
How do you know what your settings should be?
Ideally, you would set your security for the highest level possible. However, restricting certain features may limit some web pages from loading or functioning properly. The best approach is to adopt the highest level of security and only enable features when you require their functionality. You are given the opportunity to exempt sites from the security measures. You can choose to exempt for just this time or always.
What about shopping online. What should I know about that?
Online shopping has become a popular way to purchase items without the hassles of traffic and crowds. However, the Internet has unique risks, so it is important to take steps to protect yourself when shopping online.
How can you protect yourself? Many of these will sound very familiar.
- Use and maintain anti-virus software, a firewall, and anti-spyware software –
- Keep software, particularly your web browser, up to date –
- Check your browsers security settings
- Use reputable vendors - Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Some attackers may try to trick you by creating malicious web sites that appear to be legitimate, so you should verify the legitimacy before supplying any information (see Avoiding Social Engineering and Phishing Attacks and Understanding Web Site Certificates for more information). Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.
- Take advantage of security features – Make sure to use strong passwords.
- Be suspicious of emails asking for information - Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information. Legitimate businesses will not solicit this type of information through email.
- Check privacy policies – Make sure this vendor will be careful with your personal information and not sell it.
- Make sure your information is being encrypted – Look for the closed padlock when entering personal information (login, password, credit card info). The URL should also change from http to https indicating that this is a secure site. Make sure that the sites use SSL, or secure sockets layer, to encrypt information.
- Use a credit card - Unlike debit cards, credit cards usually have a limit on the amount you will be responsible for paying if your information is stolen and used by someone else. You can further minimize damage by using a single credit card with a low credit line for all of your online purchases. Some credit card companies offer a special number for you to use for online purchases.
- Check your statements - Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately
What is file sharing? I hear I can get some good stuff that way.
File sharing if VERY risky behavior. Whether or not the files are legal to share doesn’t even figure in to the biggest risk. File sharing uses technology to allow internet users to share files that are saved on their computers. Peer-to-peer (P2P) applications, such as those used to share music files, are some of the most common forms of file-sharing technology. (Gnutella, BearShare, LimeWire, BitTorrent, etc.) However, P2P applications introduce security risks that may put your information or your computer in jeopardy. NEVER, NEVER, NEVER install file sharing software on your Augustana Computer. We spend hours each semester cleaning off student computers that are so infected with spyware and viruses that they are useless, and all because of file sharing programs. For a very current real world example check out this article from the July 9, 2008, Washington Post. http://www.washingtonpost.com/wp-dyn/content/article/2008/07/08/AR2008070802997.html?hpid=topnews If you have this software installed, please call me and I will come and remove it for you. (No questions asked, no scolding…I promise)
Why is it risky?
- Malicious code — When you use P2P applications, it is impossible, to know that the source of the file is trustworthy. You could be downloading from anywhere. Attackers may incorporate spyware, viruses, Trojan horses, or worms into files that are popular downloads. When you download the files, your computer becomes infected.
- Sharing Personal Information — By using P2P applications, your computer may become infected with viruses or spyware that collect your personal information and share it with the attacker. Sometimes you help the attacker by giving out the information by filling out a form, required before you can download the file. Once information has been exposed to unauthorized people, it's difficult to know how many people have accessed it and what they will do with it.
- Susceptibility to attack — Some P2P applications may ask you to open certain ports on your firewall to transmit the files. However, opening some of these ports may give attackers access to your computer or enable them to attack your computer by taking advantage of any vulnerabilities that may exist in the P2P application.
- Prosecution — Files shared through P2P applications may include pirated software, copyrighted material, or pornography. If you download these, even unknowingly, you may be faced with fines or other legal action. If you store student information on your system that is exposed, you put the college at risk of being sued if that information is shared.
How do wireless networks work? What are the risks?
As the name suggests, wireless networks, sometimes called WiFi, allow you to connect to the internet without relying on wires. You can access the Internet from anywhere that is within that wireless area.
This makes it is possible for attackers who are within range to hijack or intercept an unprotected connection A practice known as wardriving involves individuals equipped with a computer, a wireless card, and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then often posted online. Some individuals who participate in or take advantage of wardriving have malicious intent and could use this information to hijack your home wireless network or intercept the connection between your computer and a particular hotspot.
When the hotspot you’re on doesn’t use encryption, (most public sites don’t) someone who intercepts your data can read whatever you’ve sent-whether it’s a private email or a user name and password combination. Hotspots are in public places where people can simply look over your shoulder to peek at login and password information or other confidential information you may be viewing. Cybercriminals also use a variety of tactics to get at your information. They may intercept the data as it comes and goes over the wireless or they may use phishing tactics to get you to join a network they have set up very near a legitimate hotspot. They trick you into thinking you have connected to that legitimate hotspot and ask you “new account” questions. (credit card numbers, login, password) they may also redirect you to other fraudulent websites.
Security is Up To You
With these very few security measures in place-you become the last stop for protecting yourself at public hotspots. Here are some things you can do to keep yourself safe:
- Make sure no one is peering over your shoulder when you log into your operating system, email, IM, or other accounts.
- Be on the watch for suspicious behavior; never leave your laptop or handheld device unattended.
- Turn off file sharing when you’re using a hotspot, and try to minimize the amount of sensitive, personal data you store on your laptops and mobile devices. Do you ever need file sharing turned on?
- Turn off your wireless card when you’re not using it.
- Don’t do your online banking or trading at a public hotspot. Save it for a more safe and controlled environment.
- Make sure you’re on a legitimate hotspot by checking with the host to confirm the network name and connection process.
- Rather than letting your wireless card automatically join the nearest network, manually select the hotspot when you connect.
- When you’re on a public hotspot, you have no idea what infections other connected computers might have, or whether there may be a hacker prowling the network. Make sure your virus protection is up to date.
- Make wise computing decisions. Always avoid using hotspots for important communications or transactions.
Home Wireless – Are you the neighborhood Hotspot?
Home wireless networks are becoming increasingly popular, but they introduce additional security risks. If you have a wireless network, make sure to take appropriate precautions to protect your information. You don’t need to be an open wireless network – hotspot for the neighborhood. If people can hop on to your wireless network they can also “sneak” into the hard drives on your computers and steal your personal information. Do you have to worry about your neighbors using your wireless? Probably not, but do you leave your house unlocked at all times whether you are home or not because you are not worried about the neighbors breaking in? No, it’s the people you don’t know that you are worried about. It’s the same thing. It is probably not the neighbors you have to worry about. Remember activity legal or not legal traced back to your wireless access point, looks like it is coming from you.
What can you do to minimize the risks to your home wireless network?
- Change the access point password —wireless access points, are pre-configured with default administrator passwords. It is very important to change this password. The default passwords are easily obtained on the web. Changing default passwords is the first step in securing your wireless network.
- Restrict access — Require users of your wireless network to use a password to access the network. This password should be given only to people you want on your network.
- Encrypt the data on your network — look for an access point that uses WPA security. It is easy to set up and allows the use of passwords. It is compatible with both PCs and Macs.
- Change your SSID — This is the name your access point shows when users are connecting to it. Try and be creative with the name. Don’t use your family name, address or other name that would make figuring out where it is located easier.