Many of us have heard the horror stories of cyberattacks and viruses that take over our computers, encrypt the files, and hold them for ransom until you “pay up.” It’s certainly a scary thing, and something that everyone should be aware of. There are steps you can take to protect yourself, but even being vigilant doesn’t always prevent the most malicious of viruses from attacking your computer.
One of our trusted Tuesday Tip contributing directors, Robert, recently let us know about a malvertising campaign that occurred early last week and affected major sites such as the New York Times, BBC, MSN, and AOL. The malware used vulnerabilities in those pages to gain access and was hidden in the form of advertisements. When these advertisements hit users, the page is redirected to servers which host the malware. From there, a tool attempts to find any back door into the user’s computer. If it gets in, it will install the crypto-locker software where it will begin encrypting the hard drive and hold it for ransom.
You may ask yourself how you can protect your computer if such major websites are being infected by malware. That’s a valid question, and there are certainly some precautions you can take to decrease your “attack surface,” or the number of points at which an attacker can enter your computer’s environment.
You can uninstall extensions such as Adobe Flash, Oracle Java, Microsoft Silverlight, and other third-party browser extensions. Many websites require these extensions and users need them to be productive, so the best option is often to use them on an as-needed-basis if possible. Next, try to keep your browser and computer as updated as possible by installing updates when they become available. Additionally, I have had an ad blocker activated on my Chrome browser for multiple years now and it has worked quite well to block ads from webpages. The name is AdBlock. It is a free extension, but they strongly encourage donations. By minimizing the number of ads served to your browser you will be limiting the opportunity for malvertising to make its way onto your computer.
For additional strategies to help keep your computer secure, you can check out the Department of Homeland Security’s great list of tips by visiting Protect Myself from Cyber Attacks. You’ll find more details at the website, but here are the basics:
- Never click on links in emails.
- Never open the attachments in emails unless you are expecting them and know what they are.
- Do not give out personal information over the phone or in an email unless you are completely sure of the legitimacy of the request and the identity of the person asking.
- Set secure passwords and don’t share them with anyone.
- Keep your operating system, browser, anti-virus and other critical software up to date. Security updates and patches are available for free from major companies.
- Verify the authenticity of requests from companies or individuals by contacting them directly.
- Pay close attention to website URLs.
- For email, turn off the option to automatically download attachments.
- Be suspicious of unknown links or requests sent through email or text message.
Last week, we also learned of a new form of the crypto virus. It was an email of a mock invoice with a Word document attached. It was sent by an unknown person to users who typically don’t receive invoices. If you receive something like this and you are suspicious at all, please do not open it. If you have a trusty Support Desk like the one at Network 1, forward the message on to them. They are the experts and can ascertain if something is legitimate. If you don’t have a trusted engineer you can send it to, you are better off deleting the email. If the person really needs an invoice paid from you, you’ll get a follow-up email or even a phone call!
We have written many Tuesday Tips on security, so feel free to browse back through them to learn more about how to protect yourself. Most recently you can read about Password Protocol, Medical IT Security Trends for 2016, and IT Best Practices for Law Firms. This is an area where the more information you have, the better.
With multiple years’ experience working with clients in many industries, Kate brings her skills and positive attitude to benefit Network 1’s team, clients and partners. She strives to provide the best service and solutions to her clients so they can achieve greatness through Worry-Free IT.
firstname.lastname@example.org or 404.997.7653
Network 1 Consulting is an 18-year-old, IT Support company in Atlanta, GA. We become – or augment – the IT department for law firms and medical practices. Our IT experts can fix computers – but what our clients value most are the industry-specific best practices we bring to their firms. This is especially important with technology, along with regulations and cyber threats, changing so rapidly. We take a proactive approach to helping our clients use technology to gain and keep their competitive advantage.