
Our Digital Club, Part 5 - Computer Malware

posted Jul 23, 2015, 12:04 PM by RotaryofNorristown   [ updated Aug 30, 2015, 2:41 AM ]

Computer malware can ruin a PC, a website, even an entire company.  Malware is forever becoming more and more sophisticated and more dangerous.  And it is more prevalent now that web sites are used to spread it. At the same time, new, more advanced tools are developed every day, but can they keep up?  The stakes are high with the discovery of the latest ransomware such as Cryptowall.  A company or municipal government agency could be devastated.  Security experts agree the best defense against malware is good computing behavior.  Our club dedicated a program to a computer malware discussion and some tactics to defend against it. As good as anti-malware software may be, the best assurance of complete and clean recovery is restoring the computer to factory state and restoring data from a clean backup.

The entire program reviewed infamous viruses from the past, as well as the latest dangerous ransomware viruses.  Here are a few highlight slides from the program on July 23rd, 2015, 'The World Nastiest Computer Malware'.

Computer viruses were the original malware.  But they represent only one type of malware threat.

Among the famous viruses discussed here is a new one.  If you are a Gmail user, you need to be aware of the Gmail Filter Virus.  It's not exactly a virus but more of a hack.  Once your account password has been compromised, the hacker creates a series of spam forwarding filters in your account and then logs off. Once you're compromised, changing your password alone will leave the filters in place, and they will continue to forward spam. Also check your automated email signature feature. Hackers will hide spammy links there, which get stamped on every email you send.
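The cleanup check described above can be scripted. This is an added example, not part of the original program: it audits filter and signature settings shaped like the Gmail API `users.settings.filters` and `users.settings.sendAs` resources, using constructed sample data, and it goes one step further than the text by also flagging filters that hide mail. The `OWN_DOMAINS` allow-list and the function names are assumptions.

```python
import re

# Constructed sample data, shaped like Gmail API Filter and SendAs resources.
FILTERS = [
    {"id": "f1", "criteria": {"from": "newsletter@example.org"},
     "action": {"addLabelIds": ["Label_7"]}},
    {"id": "f2", "criteria": {"query": "invoice OR password"},
     "action": {"forward": "drop@mailbox.example",
                "removeLabelIds": ["INBOX"]}},
    {"id": "f3", "criteria": {"from": "security@bank.example"},
     "action": {"addLabelIds": ["TRASH"]}},
]
SEND_AS = [
    {"sendAsEmail": "member@example.org", "isPrimary": True,
     "signature": '<div>Jane<br><a href="http://deals.example/x">Deals</a></div>'},
]

OWN_DOMAINS = {"example.org"}  # assumption: link domains the owner expects
URL_RE = re.compile(r"https?://([^/\s\"'<>]+)", re.I)
HIDES = "hides matching mail (skips Inbox or goes to Trash)"

def audit_filters(filters):
    """Return (filter id, reason) for filters that forward or hide mail."""
    findings = []
    for f in filters:
        action = f.get("action", {})
        if "forward" in action:
            findings.append((f["id"], "forwards mail to " + action["forward"]))
        if ("TRASH" in action.get("addLabelIds", [])
                or "INBOX" in action.get("removeLabelIds", [])):
            findings.append((f["id"], HIDES))
    return findings

def audit_signatures(send_as):
    """Return (address, host) for signature links outside OWN_DOMAINS."""
    findings = []
    for s in send_as:
        for host in URL_RE.findall(s.get("signature", "")):
            host = host.lower()
            if not any(host == d or host.endswith("." + d) for d in OWN_DOMAINS):
                findings.append((s["sendAsEmail"], host))
    return findings

if __name__ == "__main__":
    for item in audit_filters(FILTERS) + audit_signatures(SEND_AS):
        print("REVIEW:", *item)
```

Anything reported should be reviewed and deleted by hand in Gmail's settings after the password has been changed.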

How do I avoid getting malware?
*Your computing behavior
    Log in as a standard user, not an administrator
    Don't download software from unknown sources
    Don't open email attachments from unknown persons
    Don't click on email links to access any websites
    Ignore UPS and USPS email around the holidays saying "we have your package", and so-called fines from law enforcement & EZPass in email
*Apply patch updates from Microsoft & Apple (Windows updates 2nd Tuesday)
*Use security software (anti-malware/anti-virus) & keep it up to date
*Backup your valuable data and cycle your backups
*Consider uninstalling Adobe Flash & Java (old tech)

How do I know if my computer is already infected?
*Computer is running exceptionally slowly
*Computer is locked and you can't access it
*Random mouse movements or messages popping up on their own (appears haunted)
*You type a specific web site address into the browser but you are taken to something looking different
*You see pop-up ads but you’re not browsing the internet
*Friends complain of spam from you (you might simply be hacked)
*Your computer talks to you

What if I am infected?
*Stop backing up (corrupted data)
*Update your Antivirus Software definitions
    Try Microsoft's tool first. It is self-booting and can detect rootkit viruses on the hard drive.
*Download the Microsoft Safety Scanner tool (similar to the monthly Malicious Software Removal Tool)
*Run the Safety Scanner setup, agree to the license (EULA), and burn a boot CD
*Boot from the CD and scan your system
    Now use your antivirus software in manual mode.
    When booting from your hard drive, some viruses disable normal system functions in order to discourage removal, and also launch self-initiating system processes that re-infect the computer.
*Disconnect the computer from the internet & networks
*Boot in 'Safe Mode' (hold F8 until beep)
*Manually perform a full scan using your antivirus software
    If all else fails or you wish to be absolutely certain . . .
*Last resort: back up your data, restore your computer to factory state, reinstall your application software and restore your data. This is the only solution that is 100% reliable.

Apple Macs can get malware as well as PCs; there just aren't nearly as many Mac viruses.

The free anti-virus solutions are often just as effective, but they usually don't include all the extras.

Most experts agree that you should decide how much work (in terms of time) you would be willing to redo in the event of a disaster. Whatever that time span is, that should be your backup frequency.  For example, if you are willing to recreate one week's worth of data updates, then a weekly backup might be sufficient.
Also, you don't really have a backup unless it meets the criteria of the 3-2-1 Backup Rule.

Here is the link for the Western Digital 1 Terabyte My Passport Ultra very fast USB 3.0 drive (comes with backup software and hardware encryption) at Amazon for around $70 (although 500 GB would probably be large enough). It can automatically password-encrypt your data using the highest AES-256 standard, and it does so in hardware, not software, so it is lightning fast. USB 3.0 is downward compatible, so it works with computers that have older USB 2.0 ports.

The issue with cycling backups: what if the infection is in the process of corrupting or encrypting data while you are backing up?  You will be backing up bad data.  You need to go back far enough to be sure the data is clean.

There is no substitute for strong login passwords.  Also, 2nd factor authentication ought to be the norm. The goal of the 2nd factor is to further prove that it is really you logging in and not someone else remotely logging on with your password.  Some logon schemes authorize only your computer.  One way they do this is by requesting, on the screen, a PIN code which they texted to your cell phone the first time you log on to that computer.  If you have both the password and the PIN (from your phone), they assume it is you. Or they may use biometric technology such as voice recognition.  If your bank doesn't have 2nd factor authentication and you do online banking, change banks.

Our Digital Club is a collection of Rotary social media and computing topics published at the Rotary Club of Norristown website