October is National Cyber Security Month
In July 2011 Department of Homeland Security (DHS) Secretary
Janet Napolitano today joined President Obama, and others
from the Administration to highlight the need for a
continued commitment to working closely with businesses,
community-based organizations, governments at all levels and
the American public to enhance America’s cybersecurity.
Back here in the south Lake Norman community, we are in the
trenches every day removing malicious software (malware)
from user’s computers. Malware removal is a daunting process
that frequently takes several hours using proven methods and
How is extensive is the malware problem?
The propagation of malware is epidemic. The Internet can be
an unsafe place. Your data is at risk. Your right to privacy
is being violated. Your identity may be stolen. Or worse!
Cyber thieves are interested in capturing information about
you: your credit cards, social security number, banking
information. The intent is obvious, of course. The worst
part is that many security attacks can come from known
friends whose own systems have already been compromised.
The Internet has become a bleak place for people that do not
practice safe computing methods. Cybercrime is big business
these days–it’s no longer the domain of a surly miscreant in
a basement writing viruses. Now the bad guys are organized,
smart, and running their operations like a big worldwide
business for profit.
Most people are aware of the dangers, but not how to protect
I have antivirus software but somehow my PC has become
infected. Why didn’t the antivirus software protect my PC?
Most antivirus software programs cannot keep up with the
some 30,000 virus variants released every day. The bad guys
manage to change the “signature” of the malware to avoid
detection. Unfortunately, all anti-virus programs can give
you a false sense of security. This is not to say that you
should not have antivirus software, but you should not
expect it to be your best line of defense.
After you disinfect my PC, what can I do to protect it
Better user understanding of the threats is a challenge. We
constantly promote safeguarding with current Windows
Security Updates, reliable antivirus/anti-malware programs
and layered defense (least privilege a/k/a limited user
accounts). We strongly encourage the updating of third-party
software (such as Java, Adobe Reader and Flash) to more
secure versions. We promote defensive computing and Internet
surfing (stay away from questionable web sites) using site
advisors, such as Web of Trust.
In October, the Cybersecurity Awareness Campaign intends to
raise the level of understanding of the need for protection
of the PC to prevent threats from taking control, especially
when many households use their PC for bill paying, work
purposes and to retain personal information. Accordingly,
household users cannot allow their PCs to become
I keep getting emails from a friend who lives in Cornelius.
The email has a link to a strange website. What is going on?
I get similar emails from family and friends.
Eighty-five percent of unwanted emails are known to include
malicious URL link.
If you click on the link, your PC will become infected by a
backdoor Trojan program. It is unclear whether your friend’s
PC is infected or whether his name is being spoofed by
another compromised PC.
How NOT to Get Your PC Infected
Obviously, there are many ways to pick up a virus or other
malicious software. We have put together a list of the more
common methods of infection so that you know what to look
out for and avoid.
Never click on a link unless you know the target destination
is safe. Examples: Facebook links, Email, Instant Message,
suspicious websites and advertisements.
These are downloads of spyware, a computer virus, or any
kind of malware that happen without knowledge of the user.
Drive-by downloads may happen when you visit a website, view
an e-mail message or click on a deceptive popup window. Many
users click on the window in the mistaken belief that, for
instance, it is an error report from their own PC or that it
is an innocuous advertisement popup. In such cases, the
malicious "supplier" may claim that the user "consented" to
the download though he or she was completely unaware of
having initiated a malicious software download.
These are pieces of malware that take advantage of a
weakness in a web browser, e-mail client, Java, Adobe Reader
or Adobe Flash or the Windows operating system. They install
themselves without any user intervention whatsoever. Many
take advantage of older vulnerabilities in applications or
operating systems that don't have the latest updates
installed. This is why it is important to install updates
Infected attachments that arrive in spam emails can infect
machines then send emails to everyone in the users address
book. These spoofed email messages will contain some kind of
enticing story to get you to follow a link to a malicious
site or open an attachment which is actually the installer
for the malware.
The rise in broadband technology (always on, always exposed)
has enabled the increased the level of threats. Our message
covers the malicious threats derived from interactive
information sharing, and user-centered design, including
social networking and video-sharing sites.
Many local residents have begun to telecommute (work from
home). Accordingly, they need to address additional security
practices for business applications “in the cloud” and
Software as a Service.
In addition we aspire to keep our children safe, safe from
predators, safe from bullies, safe from the unknown threats.
Many software programs, which allow restrictions, are
available for parental control.
This is where you come in: Cybersecurity is