I was recently part of a very destructive malware attach that caused enough damage to some systems that was under my portfolio to ruin a few days. Luckily the infection was caught early enough to prevent it from being crippling but not early enough to prevent it from happening altogether. When the dust settled it was revealed that the infection was introduced by a simple and very preventable user error. The nature of the infection and the delivery method was such that there isn’t a preventative anti-virus or anti-malware solution that would have caught it. So how could it be prevented in the future? Education.
Education on how to use the Internet. Yes, the Internet is all around us and it is now integrated into our daily lives yet everyone needs to have a better understanding on what the Internet actually is and what it contains. Instead of writing a post about the incident that basically says “don’t click on email links you don’t trust”, instead I am going to write a series of posts that covers all the mainstream attack methods and detail out how home users and business users can take simple steps to reduce risk.
I can say with confidence that it has been almost 10 years since I have been infected on any personal system or device I have owned. This is not because of my IT security background, but more on my focus on how I use the Internet. Everything that I will be writing about over the next week are the steps I take when I get called by a friend or relative to clear a system that they got infected. When they follow my post-infection directions the rate of re-infection is zero.
Here are the topics I will focus on:
- Personal Email Use – Cloud service email and desktop based email clients
- Internet Browsing – Browsers, sites, how tell if a site is legit and/or secure
- Tools – Scanners, cleaning tools, diagnostics (all free, no additional costs)
- Infection – What do you do, how can you protect your data
- Scams – What are the latest scams and where you can stay on top of them
- Beyond the Computer – Identity Theft, Credit Card use, retail breaches
- Trust – What can you trust and what are flags to watch for to immediately toss out
- Education – Get the word out
I am going to try to format each of these posts as two sections. The first section is the descriptions, facts, links to sources. The second part I will build a simple grid that can be cut and paste, printed, send to friends, made into status updates. The more people know the less chance of infections happen to you and your data.
End of Line.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.