Menu

Dr. Malware, or how I learned to stop worrying and love the Internet

0 Comment


Viruses, Worms, Trojans, Ransomware… they go by many names but they all mean the same thing. For now we’ll just call them all malware, short for malicious software. Malware is any computer program that does something we don’t like. It is kind of like the definition of a weed. If you didn’t plant it and you don’t want it there, it’s a weed. Your weed may be someone else’s flower, although that isn’t often the case with malware.

Whatever it’s called, most people have the same reaction when they hear someone was “infected”. You did something you shouldn’t have and now your computer is broken. Except neither of those things are true. With very few exceptions, malware is going to affect how the software on your computer functions, not the computer itself. This is good news because software is much easier to fix than hardware. More importantly, getting infected with malware doesn’t mean you did anything wrong. One of the most common ways malware is spread is when a bad actor creates an ad with malware in it and then submits that ad to an advertising service. This very legitimate advertising service then shows the ad on Facebook and Google and a hundred other sites where it is viewed by well-behaved internet users who can now be infected. So getting infected doesn’t mean you did anything wrong, but this also means you can’t protect yourself by just staying on “safe” websites.

You can do a lot to protect yourself though. It’s pretty easy, and free, to do. Here is a list of helpful tools and practices that can protect you and your computer.

Antivirus Software

This is important if you are using a Windows PC. If you have a Mac you can skip this section. Antivirus software looks at the programs installed on your computer and compares them to the “signature” of known malware. It will usually scan files you download from the internet and can be set up to scan your computer on a regular schedule. “But wait!” I hear you saying. “If it scans the files when I download them, why would I need to scan them AGAIN every week?” Good question, the answer is that the antivirus software can only find malware it already knows about. So you might get infected with something which the antivirus vendors have not seen yet (this is what we call a Zero Day attack. Sounds cool right?) but once the malware is identified, the vendors will update their “Definitions” meaning the list of viruses they know to look for, and when they re-scan your computer they will find and, hopefully, eliminate the malware.

Malware is just like any other program. The Windows version won’t run on a Mac and vice-versa. Most malware today is written for Windows. The good news is that Microsoft provides a very good antivirus program for free. The program is called Windows Defender and it comes free with all modern versions of Windows. Microsoft has some very simple instructions on how to enable and use Windows Defender.

https://support.microsoft.com/en-us/help/17464/help-protect-my-computer-with-windows-defender

Don’t use an admin account

This one is also MOSTLY for Windows people, but Mac owners should read this one as well. Both Windows and Mac have two basic kinds of accounts. Administrator accounts are more powerful and allow you to do things like install new software and make changes to security settings on your computer. User accounts usually cannot do these things. Since most malware needs to be installed or change settings to have any effect, using a regular user account when doing things like browsing the web or playing games can drastically reduce your risk of being infected. The best idea is to have one or more user accounts on your computer and to use these all of the time. You should have one or two administrator accounts and only use these when you need to make changes or install new software.

Macs have the same two kinds of accounts, but in Mac OS X it is a bit safer to use an admin account all the time. This is because whenever you try to do something that actually requires your admin permissions, you will need to type in your password. This next sentence is important for both Mac and Windows users:

 When you get a pop-up message, you MUST actually read the words in the message!!!

The message should very clearly explain what is about to happen and what program initiated the request. If it doesn’t, or you don’t understand it. Say No or click Cancel. Malicious programs can sometimes control the text in these pop-ups so sometimes you’ll see a pop-up like this:

Related image

In this case, the text may be misleading or just an outright lie. Notice the grammar in this example. If you get a pop-up like this and you have any doubt about the validity, click Cancel or No or Don’t allow.

Browser configuration

This issue is probably going to be covered in a future post, but for now, there is a very good summary over at UC-CERT about why and how to configure the major browsers for online safety, https://www.us-cert.gov/publications/securing-your-web-browser

Adblock plugins

As we mentioned earlier, one of the most common ways bad actors attack our computers these days is through ads. Additionally, ads are one of the main way our online activity is tracked, for good or evil. One of my favorite Adblocking plugins is AdBlock, https://getadblock.com/.

Leave a Reply

%d bloggers like this: