Arm Your Computer Against Identity Theft

If you want to safely and confidently surf the Internet, use these security measures to protect yourself.

December 2003
The Bush Administration recently issued a 65-page document entitled “The National Strategy to Secure Cyberspace.” While protecting Federal agency information is the major focus, the report states that home-computer users are an integral element in the war against hackers, identity thieves, terrorists or anyone intent on hijacking American hard drives. The implication is clear: The more dependent we become on the Internet, the more damage can be done by sending and receiving information via our computers.

 

“The likelihood of becoming a victim of identity theft via an online attack is growing as hackers are becoming more persistent and difficult to stop,” says Jim Doyle, president of Internet Crimes, a company that trains high-tech investigators. "Today, many people install alarms in their homes to protect themselves from burglars, yet people have been slow to adopt important safety measures on their home computers. Unfortunately, we are beginning to witness the fallout of that behavior." That's not just hype. In 2001, computer viruses, worms and Trojan horses caused $12 billion in damage to the U.S. economy with the help of unsuspecting users.

The crux of the problem is the public's lack of sophistication. As computers get easier to use, applications are growing more and more complex, and the percentage of Web surfers who truly understand the security implications of logging on to the Internet is shrinking. Meanwhile, the booming market in home networks is turning legions of casual surfers into de facto, and virtually untrained, network administrators. The resulting knowledge gap has created a huge array of systems ripe for attack, and, true to form, an entire industry has sprung up to exploit those PCs. Here are some of the weapons that have been developed to invade home computers:

Viruses are a piece of programming code disguised as something else that causes an unexpected and usually undesirable event. It's often designed to be automatically spread to other computer users. Viruses can be transmitted as attachments to e-mails, as downloads or be present on a diskette or CD. The source of the infected e-mail, download, or diskette you've received is often an unwitting co-conspirator. Some wreak havoc as soon as their code is executed, while others lie dormant until circumstances cause their code to be executed by the computer.

Worms are a self-replicating virus that does not alter files but resides in computers' active memory and duplicates itself. It can arrive in the form of a joke program or software. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, which slows or halts regular computer tasks.

 

Trojan Horses are a program that neither replicates nor copies itself but contains apparently harmless data that can damage or compromise the security of your computer, such as ruining the files on your hard drive. Typically, a person mails a Trojan horse to you in the form of a joke program or type of software. Sophisticated viruses and worms often replicate themselves by mailing email messages, with a Trojan attached, from an already infected computer. These malicious programs find email addresses to send to by using the infected computer's address book. Novice web users are especially susceptible to these kinds of attacks, because they aren't likely to suspect attachments that are attached to emails from the computer of a friend which may be infected with the virus or worm.

 

Spyware is technology that aids in gathering information about a person or organization without their knowledge. On the Internet, it is put on someone's computer and relays information to advertisers or other interested parties. Most often, it hides behind other software as you download it. If you're a heavy user of post-Napster file-sharing programs like Morpheus or Kazaa, both known distributors of spyware, you're probably already infected.Cookies allow Internet site owners to personalize websites for users and to keep track of their identities when they log in but can also be used to track some web usage. Once on your PC, spyware can sequester itself deep inside your operating system in what is known as the registry files. Anti-virus software won't spot it because it looks like something you chose to install.

Adware refers to any software application in which advertising banners are displayed while the program is running. It often includes spyware code that tracks your personal information and passes it on to third parties.

These malicious tools are spreading faster than can be catalogued. For example, would-be virus writers can download virus-creation tool kits and use standard scripting tools to paint a worm to a custom e-mail virus. Most virus attacks are more irritating than diabolical. On the scale of damage wrought, the worst may kill your hard drive or send everyone you know the potentially embarrassing contents of your My Documents folder. That is trivial compared to things that a malicious cracker could accomplish. Keystroke monitors and backdoor viruses, for example, can be used to scrape important information such as password lists, checking-account numbers, and credit-card information off one or multiple machines. Thieves are far more likely to target corporate Web sites and databases than sift through your hard drive looking for one or two credit-card numbers. But they may be able to grab thousands of credit-card numbers from a corporate site.

It is also important to be wary of doing any sensitive computing task, such as logging into your bank, from a cybercafe or other public internet terminal. Malicious users, using the computer before you, may have installed keystroke monitoring software on these computers to record your passwords.

How can you protect yourself? The good news is that while such "cracker"-generated threats are multiplying daily, they are also relatively easy to combat with standard security practices. Here's what you can do:

Patch the Holes. A burglar who comes across a car with a security device like “The Club” is likely to move on to a less-protected vehicle. The same idea applies to Internet security. The first step on the road to safe surfing is to patch up your system, yet most PC vendors' default installation policies do not provide maximum security. This means that if you installed anything using the manufacturers' default settings, from the operating system to browser plug-ins, you can assume your system is full of holes. Keep this in mind before you enter any sensitive information. Currently, no standard set of practices ensures security by default so the safest thing to do is to establish your own set of security practices. Delete all user accounts as soon as you install the operating system, and then add new ones on a case-by-case basis, assigning access rights according to the principle "Deny first, and then allow." Remove unnecessary software by deleting it from your browser configuration and use passwords everywhere you can. Enable Windows' password protection. Use file-level passwords to protect important documents, and disable file sharing on the drive that holds your system files.

Consider Your Connection. Once your software is patched, it's time to consider your Internet connection and take specific measures to improve your ability to surf in peace. For a single computer that links to the Net with a dial-up connection, a minimum configuration should include antivirus software and a personal firewall. Also consider installing an Internet security suite. Virtually all of the major antivirus-software makers have expanded their offerings beyond strict virus monitoring to include script blocking, intrusion detection, personal firewalls, spam prevention, and adware/spyware protection. Slow modem speeds should not be used as an excuse to let your virus definitions fall out of date; despite how long it takes, you should run a manual check for updates and patches on a regular basis.

ISPs have also begun to address privacy and security issues but for dial-up accounts especially, it is better to deal with threats coming from their direction. Server-side antispam protection, such as EarthLink's Spaminator, keeps spam from hogging your modem connection, clogging your mailbox, and possibly releasing a virus or spyware. Improved spyware-detection, pop-up-elimination, and antivirus software are also in the works from EarthLink, and other ISPs have begun similar initiatives.

E-mail is not secure at the hardware level because a packet sniffer can read the stream if it's not encrypted. Sensitive e-mail should be encrypted using public-key encryption; you should also look for an ISP that uses secure password authentication. Surprisingly, Web-based e-mail such as Hotmail and Yahoo Mail is relatively secure, unless your machine has been compromised by a keyboard sniffer. While there are hacks for Microsoft's .Net Passport, you're still reasonably well-protected by the e-mail services' own efforts to keep out hackers. With the advent of ActiveX and Java scripts, any number of things can happen when you open an e-mail. Disable scripts in Internet Explorer, or at a minimum, set your browser to issue a prompt before running scripts marked "Unsafe." Also, if you use Microsoft Outlook to manage e-mail, close the preview pane before viewing a suspicious mailing so it doesn't automatically launch a virus.

Be Wary of Broadband. High-speed connections such as DSL and cable bring a new level of worry to home users, because along with higher-speed connections come higher-risk activities.Participation in peer-to-peer file-sharing networks which allow others to access a portion of your computer demands that you take steps to protect your system because using these networks increases the likelihood that unscrupulous users will exploit flaws in your security scheme to explore unprotected folders on your hard drive. While stand-alone antivirus and firewall applications can stop most malicious programs and scripts, the prevalence of spyware in file-swapping schemes such as Kazaa and Morpheus make the installation of a full-featured suite anecessity.

If you are sharing a broadband connection among computers on a home network, you should install a full-featured security suite on each machine and add an additional layer of protection in the form of a hardware router/firewall to protect the network as a whole. If you haven't done so already, upgrade your router/firewall to one that provides both Stateful Packet Inspection (SPI) and Network Address Translation (NAT).

Worry About Wireless. Wireless networks are relatively easy to set up and configure, extremely flexible, and fast enough to handle nearly any home or small-business task. But from a security perspective, the wireless situation is inadequate at best. Default settings for Wi-Fi networks frequently include administrator accounts preloaded with default passwords that absolutely must be deleted and changed.

Even when Wired Equivalent Privacy (WEP) is enabled, holes abound and are extraordinarily well-publicized. Hackers can get past WEP using published tool kits, and to make matters worse, there are Web sites that contain extensive maps of wireless coverage areas. That said, if you haven't implemented WEP on your wireless network, you are practically begging to be hacked. The majority of wireless hackers are simply looking for a free connection to the Internet, but basic network-security precautions -- limited file sharing, password protection, and encryption of vital files and folders -- become especially important if your network includes a wireless access point.

With a little bit of planning, it's not difficult to turn your Internet-connected computer or network into a relatively uninviting target. Luckily, “relatively” is the key word. Devote a relatively small amount of time and effort to patching software holes and hardening your network, and hackers will likely pass you by in favor of someone else's relatively unprotected system.

Back Up! This can't be stressed enough: Back up your PC. Regularbackup is the single most important thing you can do to secure your system and protect your data. You should run an automated backup script or use backup software that updates at least once a week, and you should test it regularly to make sure it works and is virus-free.

These methods can go a long way in protecting your files, your personal information and your computer's health. Plus, you'll also be doing the Federal government a big favor in helping them protect national security.

 

Internet Security Suites

McAfee Internet Security. The Internet Security 5.0 suite provides all-around protection, with Firewall and VirusScan protecting against most types of security breaches, including hack attacks and destructive Internet-borne viruses, worms, and Trojan horses. (You need to turn on the firewall yourself by using the configuration options, however.) The Security Check feature sniffs out ad-serving software and has the ability to block pop-up and pop-under windows. It can also prevent selected users from accessing certain applications, handy for parents who want to lock out children from online apps such as instant messengers.

Norton Internet Security. Norton Internet Security 2003 comes with intelligent intrusion detection that sniffs out suspect data transmissions and protects you from backdoor break-ins. It has also added a number of other security and privacy tools that make this firewall/virus-killer combo a great deal. The Norton Alert Tracker pop-up warns you if someone's trying to break into your PC. It immediately reports both illicit port scans and unauthorized attempts by apps to access the Net. In case of an unavoidable attack, the new Alert Assistant provides more information about any suspicious activity, including whether the program that's attempting to connect contains a digital signature, which signals that it's probably trustworthy. NIS 2003 also includes the full version of Norton AntiVirus 2003, as well as tools that block pop-ups, pop-unders, banner ads, unwanted cookies, JavaScript, ActiveX controls, and even outgoing personal info, such as your credit-card number. Norton Spam Alert, an antispam tool, helps minimize junk e-mail in your in-box.

 

Virus Protection

McAfee VirusScan. The 7.0 version stops viruses at all entry points to your PC - including e-mail, Internet downloads, shared disks, CD-ROMs, and synchronization with your PDA. Whether you have a dialup or broadband connection, VirusScan constantly watches the activity and behavior of programs running on your PC, and alerts you when it detects suspicious activity. It also provides instant updating via the Internet to ensure that your computer is protected from the latest virus threats.

Norton Antivirus. The latest 2003 version scans and cleans instant-message attachments as well as email messages. It removes viruses and automatically, without interrupting your work. The program detects and blocks worms and Trojan horses from being sent in your outgoing email to prevent them from spreading themselves through email address books.

 

Firewalls

ZoneAlarm Pro is an award-winning firewall for PCs that keeps hackers at bay with protection against worms, Trojans, spyware, and 47 types of malicious email attachments. ZoneAlarm Pro includes Cookie Control and Ad Blocking for a faster, safer Internet experience.

Netgear's ProSafe Firewall/VPN series. Firewalls that protect all computers on a home network that use broadband and/or wireless for their Internet connection. Netgear sells its firewalls on major computer companies' websites as well as at electronic and office retailers such as BestBuy, Curcuit City and Staples.

 

Anti-Adware and Anti-Spyware Tools

Ad-aware (for PCs) is thefirst software created to combat adware and spyware. If you own a PC, go to www.lavasoft.de for information on how to download their free adware scanner utility. The AdAware program scans your computer and turns up all the nasty pieces of programming lurking in the depths. For constant protection from adware, spyware, key-loggers, selected Trojans, and even pop-ups consider Ad-aware Plus.

Spring Cleaning (for Macs) is Aladdin Systems software equivalent to AdAware for Macintoshes.