Tuesday 29 March 2011

Is Your PC Part of a Botnet?

These Botnets are big business - a multi-billion dollar business, in fact. Botnets are usually used to send spam, log keystrokes, steal pay-per-click advertising revenue, and take part in DDoS attacks (attacks that flood servers with so much traffic that the network is brought to its knees, often taking the server down). The most significant attribute of Botnets, however, is keylogging: a little program running in the background [that you never notice] recording all of your keystrokes and then sending the data back to C&C (command-and-control) servers, which again are controlled by people with malicious intent.

Clients often ask me why people do this. Why would someone write this type of software? Who has the time? The primary motivator is monetary gain!

Think about that! How much banking do you do online? What about using your credit card online? Accessing your email or other online services (e.g. Google Adwords, Amazon.com, PayPal, etc.)? Each unique set of credentials an attacker steals sells for $25 (the current online rate). Take UC Santa Barbara, for example: its campus was infected with the Torpig Botnet for 10 days, and during those 10 days the attackers stole nearly 300,000 sets of credentials (usernames, passwords, etc.) from over 52,000 infected machines. In 10 days, the attackers potentially made over 7 million dollars by selling each of those credentials. I won't go into where you would go to sell this information, but it's big business. In addition, while your machine is still infected, its use is sold to others who want to use your PC to generate and send spam (a revenue generator as well); it's a vicious cycle.

The sad truth is that Windows PCs are the most vulnerable to these types of attacks because of: 1) economies of scale (Windows PCs have over 90% market share, making them a rich target) and 2) inadequate security settings on those Windows PCs. No computer or device connected to the Internet is 100% safe (including Macs); if someone wants to get access and they put in the effort, they'll get in. Market share aside, Windows PCs are the easiest to infect because by default you are logged in as an administrator on the PC with full access. Linux and Macs, by design, don't run as the root user by default. Microsoft has taken steps to remedy this problem in Windows Vista/7 with a feature called UAC; every time a program wants to make a change to the system, Windows will prompt you for permission. But then the question still remains: how do I know if it's safe to run this program? All this really boils down to end-user education. You can have the latest anti-virus/malware programs and the latest updates, but if you visit an infected website or open an email attachment with a virus (the two primary ways Botnets spread), chances are good you'll be owned!

How to Keep Safe Online

Protecting yourself requires a multi-prong approach - there is no silver bullet!

The first thing you should do is have anti-virus software installed and enable your firewall. Both Symantec and McAfee are excellent anti-virus solutions and industry leaders in this field. Microsoft has released a free solution called Microsoft Security Essentials (http://www.microsoft.com/Security_Essentials/), which will protect your Windows PC from both viruses and malware. The idea of Microsoft policing itself may make some folks nervous; however, in my experience Security Essentials does a decent job and it's free. And while enabling your firewall is better than not having one at all, remember it's no guarantee. If someone wants to get in, they'll find a way.

Go download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam.php). This is the best solution I have encountered when cleaning up infected PCs. It's free for home use and does an excellent job at detecting malware and Trojans. You can purchase a Pro version that will provide real-time protection so you don't have to run a scan manually each time you're looking for infections. Sometimes, to remove stubborn infections, you have to reboot Windows into Safe Mode (restart Windows and keep hitting the F8 key until you get a DOS-looking menu system; select any of the Safe Mode options and let Windows boot as usual; then run Malwarebytes).

Keep your Windows OS updated. It's free and there is no reason not to install the free patches Microsoft provides for its OSes. Check your Windows Update settings in the Control Panel in Vista/7, or if you're on Windows XP and below go to windowsupdate.microsoft.com.

Use a safe browser. Stay away from Internet Explorer 6. In fact, if you're still using IE 6 go buy a new computer, or give me a call so I can clean up your machine, because chances are your PC is part of a Botnet. Internet Explorer 8 is a much safer browser than its predecessors; and Firefox, Chrome, and Opera are all worthy too. My only concern with third-party browsers is their plug-in architecture: the plug-ins themselves can have security flaws.

Implement OpenDNS in your home and/or business network. OpenDNS keeps you from unintentionally going to websites known to spread malware, Trojans, etc.; plus you can filter the Internet sites users access on your network (e.g. block adult-themed sites). The best part is this service is free! (Perhaps I'll do a video training on this topic if I garner enough interest.)

Lastly, don't run your PC as an administrator, unless you absolutely know what you're doing. In a corporate environment the prudent thing to do is have 2 separate logins: one to do administrative tasks and a second one for everyday use.

These six steps will greatly minimize the attack surface of your computing environment. Stay safe!
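Several of the six steps (firewall, UAC, everyday non-administrator account, OpenDNS) can be spot-checked from PowerShell. The read-only audit below is an added example, not part of the original article; it assumes Windows 8 or later, and the function names and the OpenDNS resolver addresses (208.67.222.222 and 208.67.220.220) are supplied here rather than taken from the article.

```powershell
# Added example: read-only audit of settings the steps above describe.
# Assumes Windows 8 / Server 2012 or later (NetSecurity and DnsClient modules).

# Assumption: the standard OpenDNS public resolver pair.
$OpenDnsResolvers = '208.67.222.222', '208.67.220.220'

function Test-AdminGroupInToken {
    # whoami lists the Administrators SID (S-1-5-32-544) even when UAC has
    # filtered it to "deny only", so this also catches an admin account
    # that is not currently elevated. /nh drops the localized header row.
    $cols = 'Name', 'Type', 'Sid', 'Attributes'
    $groups = whoami /groups /fo csv /nh | ConvertFrom-Csv -Header $cols
    [bool]($groups | Where-Object { $_.Sid -eq 'S-1-5-32-544' })
}

function Test-Elevated {
    # True only when this session holds a full (elevated) administrator token.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Test-UacEnabled {
    # EnableLUA = 1 means UAC prompting is switched on.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $value = Get-ItemProperty -Path $key -Name EnableLUA -ErrorAction SilentlyContinue
    $value.EnableLUA -eq 1
}

# Firewall profiles (Domain, Private, Public) that are not switched on.
$firewallOff = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }

# DNS servers configured on this PC. If OpenDNS is set on the router instead,
# the router's own address shows up here and must be checked on the router.
$dnsServers = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
    Select-Object -Unique
$nonOpenDns = $dnsServers | Where-Object { $_ -notin $OpenDnsResolvers }

[pscustomobject]@{
    AccountIsAdministrator = Test-AdminGroupInToken
    RunningElevated        = Test-Elevated
    UacEnabled             = Test-UacEnabled
    FirewallProfilesOff    = @($firewallOff.Name) -join ', '
    DnsServersNotOpenDns   = @($nonOpenDns) -join ', '
}
```

For an everyday login, the result to aim for is AccountIsAdministrator False, UacEnabled True, and an empty FirewallProfilesOff.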

Jacob Picart is an independent IT Consultant with over a dozen years of industry experience, including working with Windows servers (Exchange, IIS, DNS, Active Directory, etc.); network security (Cisco firewalls and routers); and Linux. Additionally, he serves as the Technical Director for Remnant Studios, a post-production studio specializing in 3D visual & motion graphics effects. His broad technological background, combined with his media and design skills, make him a sought-after consultant by companies who want to better align their technology resources to their business message. He earned his B.A. from San Jose State University and has served in a professional capacity in the industry for over 12 years.

Article Source: http://EzineArticles.com/?expert=Jacob_Picart

Article Source: http://EzineArticles.com/6060540
