Protect your device from malware and hackers
Table of Contents...Loading Table of Contents...
Regardless of your broader objectives, keeping your device healthy is a critical first step down the path toward better security. So, before you begin worrying too much about strong passwords, private communication and secure deletion, for example, you need to make sure that your computer is not vulnerable to hackers or plagued by malicious software, often called malware, such as viruses and spyware. Otherwise, it is impossible to guarantee the effectiveness of any other security precautions you might take. After all, there is no in point locking your door if the burglar is already downstairs, and it doesn't do you much good to search downstairs if you leave the door wide open.
Accordingly, this chapter explains how to maintain your software and use tools like Avast, Spybot and Comodo Firewall to protect your computer against the ever-present dangers of malware infection and hacker attacks. Although the tools recommended in this chapter are for Windows, which is the operating system most vulnerable to these threats, GNU/Linux and Apple OS X users are also at risk and should still adopt the tactics presented below.
What you can learn from this guide
- More about the nature of a few of the specific threats that malware poses to the privacy and integrity of your information, the stability of your computer and the reliability of other security tools
- How you can use a number of recommended tools to help protect yourself from these threats
- How to keep your computer secure by updating your software frequently
- Why you should use freeware tools, to avoid the dangers associated with expired licenses or pirated software, and popular FOSS tools, where possible, to enhance your security
Introduction to malware
Assani is a human rights activist in a Francophone African country. His two teenage children, Salima and Muhindo, have offered to help him with some routine computer work he has been asked to do. After seeing the state of his computer, they offer to teach him the basics of how to keep it healthy and functional. Assani also likes the idea of using Free and Open Source Software, but he's not sure whether that would be more or less secure, so he asks for their advice.
There are many different ways to classify viruses, and each comes with its own set of colourfully-named categories. Worms, macroviruses, trojans and backdoors are some of the more well-known examples. Many of these viruses spread over the Internet, using email, malicious webpages or other means to infect unprotected devices. Others spread through removable media, particularly devices like USB memory sticks and external hard drives that are frequently used to exchange data. Viruses can damage, destroy, or infect the information in your device, including data on external storage. They can also take control of your device and use it to attack others. Fortunately there are many anti-virus tools that you can use to protect yourself and those with whom you exchange digital information.
There is an excellent freeware anti-virus program for Windows called Avast, which is easy to use, regularly updated and well-respected by anti-virus experts. It requires that you register once every 14 months, but registration, updates and the program itself are all free-of-charge.
There are various other well-known commercial anti-virus programs as alternatives to Avast. Clam Win is a FOSS alternative to Avast. Although it lacks certain features that are important for a primary anti-virus program, Clam Win has the advantage that it can be run from a USB memory stick in order to scan a device on which you are not allowed to install software.
Tips on using anti-virus software effectively
Do not run two anti-virus programs at the same time, as this might cause your computer to run extremely slowly or to crash. Uninstall one before installing another.
Make sure that your anti-virus program allows you to receive updates. Many commercial tools that come pre-installed on new computers must be registered (and paid for) at some point or they will stop receiving updates. All of the software recommended here supports free updating.
Ensure that your anti-virus software updates itself regularly. New viruses are written and distributed every day, and your computer will quickly become vulnerable if you do not keep up with new virus definitions. Avast will automatically look for updates when you are connected to the Internet.
Enable your anti-virus software's 'always on' virus-detection feature if it has one. Different tools have different names for it, but most of them offer a feature like this. It may be called 'Realtime Protection,' 'Resident Protection,' or something similar. Take a look the Avast Guide to learn more about how to scan your computer for virsuses and infections.
Scan all of the files on your computer regularly. You don't have to do this every day (especially if your anti-virus software has an 'always on' feature, as described above) but you should do it from time to time. How often may depend on the circumstances. Have you connected your computer to unknown networks recently? With whom have you been sharing USB memory sticks? Do you frequently receive strange attachments by email? Has someone else in your home or office recently had virus problems? For more information on how best to scan files, see the Avast Guide.
Preventing virus infection
Be extremely cautious when opening email attachments, any files received (e.g. over Instant Messaging like MSN, Skype, etc.) or downloaded from the Internet. It is best to avoid opening any files received from an unknown source. If you need to do so, you should first save the attachment to a folder on your computer, then open the appropriate application (such as Microsoft Word or Adobe Acrobat) yourself. If you use the program's File menu to open the attachment manually, rather than double-clicking the file or allowing your email program to open it automatically, you are less likely to contract a virus.
Consider the possible risks before inserting removable media, such as CDs, DVDs and USB memory sticks, into your computer. You should first check that your anti-virus program has the latest updates and that its scanner is running. It is also a good idea to disable your operating system's AutoPlay feature, which can be used by viruses to infect your computer. Under Windows XP, this can be done by going inside My Computer, right-clicking on your CD or DVD drive, selecting Properties and clicking on the AutoPlay tab. For each content type, select the Take no action or Prompt me each time to choose an action options then click OK.
You can also help prevent some virus infections by switching to free and open source software, which is often more secure, and which virus writers are less likely to target.
Assani: I have a virus cleaner and I run it regularly, so I figure my computer is healthy, right?
Salima: Actually, just having anti-virus software isn't enough. You also need to protect your computer from spyware and hackers, so you'll have to install and run a couple more tools.
Spyware is a class of malicious software that can track the work you do, both on your computer and on the Internet, and send information about it to someone who shouldn't have access to it. These programs can record the words you type on your keyboard, the movements of your mouse, the pages you visit and the programs you run, among other things. As a result, they can undermine your computer's security and reveal confidential information about you, your activities and your contacts. Computers become infected with spyware in much the same way that they contract viruses, so many of the suggestions above are also helpful when defending against this second class of malware. Because malicious webpages are a major source of spyware infection, you should pay extra attention to the websites you visit and make sure that your browser settings are secure.
Assani: It all sounds like something out of a spy movie to me. Is my computer really infected with spyware?
Muhindo: Believe it or not, it's really common. If those programs you downloaded from the Internet haven't infected you, there's a good chance at least one of the webpages you've visited has. The fact that you use Windows and Internet Explorer makes it even more likely. If you've never scanned your computer for spyware, I bet you'll be surprised by how much is already installed on it
You can use anti-spyware tools to protect your computer from this type of threat. Spybot is one such program, and it does a very good job of identifying and removing certain types of malware that anti-virus programs simply ignore. Just like with anti-virus software, though, it is extremely important that you update Spybot's malware definitions and run regular scans.
Preventing spyware infection
- Stay alert when browsing websites. Watch for browser windows that appear automatically, and read them carefully instead of just clicking Yes or OK. When in doubt, you should close 'pop up windows' by clicking the X in the upper right-hand corner, rather than by clicking Cancel. This can help prevent webpages from tricking you into installing malware on your computer.
- Improve the security of your Web browser by preventing it from automatically running the potentially dangerous programs that are sometimes contained within webpages you visit. If you are using Mozilla Firefox, you can install the NoScript add-on, as described in the Firefox guide.
- Never accept and run this sort of content if it comes from websites that you don't know or trust.
Assani: I've heard that 'Java applets' and 'ActiveX controls' can be dangerous. But I have no idea what they are.
Salima: They're just different examples of the same sort of thing: small programs that your Web browser sometimes downloads along with whatever page you're reading. Web designers use them to create complex sites, but they can also spread viruses and spyware. You don't have to worry too much about how they actually work, as long as you have NoScript installed and running properly.
A firewall is the first program on a computer that sees incoming data from the Internet. It is also the last program to handle outgoing information. Like a security guard, posted at the door of a building to decide who can enter and who can leave, a firewall receives, inspects and makes decisions about all incoming and outgoing data. Naturally, it is critical that you defend yourself against untrusted connections from the Internet and from local networks, either of which could give hackers and viruses a clear path to your computer. In fact, though, monitoring outgoing connections originating from your own computer is no less important.
A good firewall allows you to choose access permissions for each program on your computer. When one of these programs tries to contact the outside world, your firewall will block the attempt and give you a warning unless it recognizes the program and verifies that you have given it permission to make that sort of connection. This is largely to prevent existing malware from spreading viruses or inviting hackers into your computer. In this regard, a firewall provides both a second line of defense and an early-warning system that might help you recognize when your computer's security is being threatened.
Recent versions of Microsoft Windows include a built-in firewall, which is now turned on automatically. Unfortunately, the Windows firewall is limited in many ways, for example, it does not examine outgoing connections. However, there is an excellent freeware program called Comodo Personal Firewall, which does a better job of keeping your computer secure.
Preventing untrusted network connections
- Only install essential programs on the computer you use for sensitive work, and make sure you get them from a reputable source. Uninstall any software that you do not use.
- Disconnect your computer from the Internet when you are not using it and shut it down completely overnight
- Do not share your Windows password with anyone.
- If you have enabled any 'Windows services' that you are no longer using, you should disable them. See the Further reading section for more about this
- Make sure that all of the computers on your office network have a firewall installed </li>
- If you do not already have one, you should consider installing an additional firewall to protect the entire local network at your office. Many commercial broadband gateways include an easy-to-use firewall, and turning it on can make your network much more secure. If you are not sure where to start with this, you might want to ask for assistance from whoever helped set up your network
Asani: So, now you want me to install anti-virus, anti-spyware and firewall software? Can my computer cope with all that?
Muhindo: Absolutely. In fact, these three tools are the bare minimum if you want to stay secure on the Internet these days. They're made to work together, so installing them all shouldn't cause any problems. Remember, though, you don't want want to run two anti-virus programs or two firewalls at the same time.
Keeping your software up-to-date
Computer programs are often large and complex. It is inevitable that some of the software you use on a regular basis contains undiscovered errors, and it is likely that some of these errors could undermine your computer's security. Software developers continue to find these errors, however, and release updates to fix them. It is therefore essential that you frequently update all of the software on your computer, including the operating system. If Windows is not updating itself automatically, you can configure it to do so by clicking the Start menu, selecting All Programs and clicking Windows Update. This will open Internet Explorer, and take you to the Microsoft Update page, where you can enable the Automatic Updates feature. See the Further reading section to learn more about this.
Similarly it is important to make sure that all of the other software installed on your computer is updated. In order to do it you first need to know what programs you have on your computer and perhaps uninstall those that are not essential (on Windows go to Control Panel and Programs or Add/Remove Programs). Then it is good to review for each program if it is the latest version, how can it be updated and will it update itself automatically in the future.
Staying up-to-date with freeware and FOSS (free and open source software) tools
Proprietary software often requires proof that it was purchased legally before it will allow you to install updates. If you are using a pirated copy of Microsoft Windows, for example, it may be unable to update itself, which would leave you and your information extremely vulnerable. By not having a valid license, you put yourself and others at risk. Relying on illegal software can present non-technical risks, as well. The authorities in a growing number of countries have begun to verify that organisations possess a valid license for each piece of software that they use. Police have confiscated computers and closed down organizations on the basis of 'software piracy.' This justification can be abused quite easily in countries where the authorities have political reasons to interfere with a given organisation's work. Fortunately, you do not have to purchase expensive software to protect yourself from tactics like this.
We strongly recommend that you try out the freeware or FOSS (free and open source software) alternatives to any propriety software that you currently use, especially those programs that are unlicensed. Freeware and FOSS tools are often written by volunteers and non-profit organisations who release them, and even update them, free of charge. FOSS tools, in particular, are generally considered to be more secure than proprietary ones, because they are developed in a transparent way that allows their source code to be examined by a diverse group of experts, any one of whom can identify problems and contribute solutions.
Many FOSS applications look like, and work almost the same way as, the proprietary software that they were written to replace. At the same time, you can use these programs alongside proprietary software, including the Windows operating system, without any problems. Even if your colleagues continue to use the commercial version of a particular type of program, you can still exchange files and share information with them quite easily. In particular, you might consider replacing Internet Explorer, Outlook or Outlook Express and Microsoft Office with Firefox, Thunderbird and LibreOffice, respectively.
In fact, you could even move away from the Microsoft Windows operating system entirely, and try using a more secure FOSS alternative called GNU/Linux. The best way to find out if you're ready to make the switch is simply to give it a try. You can download a LiveCD version of Ubuntu Linux, burn it to a CD or DVD, put it in your computer and restart. When it's done loading, your computer will be running GNU/Linux, and you can decide what you think. Don't worry, none of this is permanent. When you're finished, simply shut down your computer and remove the Ubuntu LiveCD. The next time you start up, you'll be back in Windows, and all of you applications, settings and data will be just as you left them. In addition to the general security advantages of open-source software, Ubuntu has a free, easy-to-use update tool that will keep your operating system and much of your other software from becoming outdated and insecure.
- <a id="#fr"></a>See the chapter on Malicious Software and Spam and the Appendix on Internet Program Settings in the Digital Security and Privacy for Human Rights Defenders book
- Keep up to-date with news about viruses on the Virus Bulletin website
- Learn how to determine which 'Windows services' are unnecessary and disable those you do not need
- Other toolkits from the Tactical Technology Collective can help you switch to using FOSS and Freeware tools for all of your software needs
- Download free bootable rescue CDs to scan your computer and remove the viruses, without starting Windows on your computer
- If you think your computer is infected with a virus or some other malicious software read Malware Removal Guide for Windows
- LibreOffice is the power-packed free, libre and open-source personal productivity suite for Windows, Macintosh and GNU/Linux
- See Ubuntu which is a fast, free and incredibly easy to use operating system. Ubuntu will work with your existing PC files, printers, cameras, music players and smartphones - and it comes with thousands of free apps