Do you properly protect YOUR computer?
Let's see if you pass the test!

Complex operating systems (like Windows and Vista) and application programs (like word processors, spreadsheets, web browsers and email clients) provide unintended opportunities for outsiders to gain control of your desktop or laptop computer. These are the vulnerabilities that prompt vendors to provide security patches and upgrades.

If an outsider gains some control over your computer, you will probably not notice any immediate impact on your ability to do your work. Hackers have realized that there is more to be gained by being quiet and subtle while they get their work done on your computer. The less suspicion they raise, the longer they can continue to use your computer.

You may be surprised at the variety of things that hackers will do with your computer:

install a "keylogger" that monitors your keystrokes, keeping track of things you type that look like some sort of authentication sequence (username/password, bankcard/PIN, BannerID/PIN, Name/SSN, etc.) and will periodically report that information back to some home base somewhere else in the world.
scan your stored files (documents, email messages, temporary files, web browser cache, etc.) for similar authentication sequences and report home.
scan your email messages and address book for email addresses to send home for spam list building.
cripple or disable your virus protection or spyware protection or automatic patching.
use your computer to send spam, phishing or virus email messages.
use your empty disk storage as a drop-site to share pirated software, games, music or video - some of it could be pornographic.
use your computer as a jumping point to gain access to other computers within the USU network.
launch a distributed denial of service attack on a victim (this is a coordinated attack from many computers - maybe thousands, so that each attacking computer isn't generating a really noticeable amount of network traffic).
install a proxy server that allows outsiders to use your computer as a relay, making their attack on others look like it is from you.
password guessing attacks directed at other computers.
they are always finding more tricks.

So, how do they gain access to your computer in the first place?

1. A known but unpatched vulnerability in your computer operating system. USU's network is continually being scanned and probed for computers that have unpatched or out-of-date software or operating systems. When they find a way in, they quietly enter and begin their work. Some scans and probes we can detect and interrupt, many we can't.

2. A vulnerability in one of your application programs. These vulnerabilities often require you to use that program to open a file containing exploit code for that vulnerability. A Word document, Excel spreadsheet, PowerPoint presentation or even what is purported to be a simple image file could all contain macros or executable code that will do something that you don't want, don't expect and don't even recognize, on your computer.

3. Unused special-purpose services that have been left on or available on your computer during installation. The prevailing strategy of vendors has been to turn on all their neat services so that they will be ready in case you ever need them. But services that you don't need, or don't even know about, are just services that hackers can use against you. Do you need to share the files on your computer with other computers? Do you need to allow FTP access from outside? Do you need.... All of these services should be turned off by a knowledgeable system administrator if you don't need them.

4. Exploratory web browsing. There are all sorts of enticements to click on stuff that is really designed to gain control of your computer. There are even websites that will give you something bad as soon as you get there. Your web browser needs to be configured to be suspicious, to refuse to do some of the fancy stuff, or at least ask you each time first. And then you need to be cautious about what you approve.

5. Likewise, unexpected email can bring the same hazards. USU's email firewall blocks over 95% of incoming email these days, but there are always new tricks being used to sneak some mischief through. You need to think of the email firewall not as your protection from mischief but just as your protection from the overwhelming quantity of it. You must still be cautious and skeptical of unexpected messages. Unfortunately, this skepticism needs to extend to some of the forwarded messages from your more naive friends.

POP QUIZ QUESTION #3:
How many ways could a hacker get into your computer:

What can you do to protect your computer, your information, and the university's information?

Be sure your computer has the ongoing support of a computer technology expert, either yourself or your departmental guru or the IT Service Desk, to keep the operating system and applications patched and up to date. (If you have a local guru, ask for a comforting explanation of how your needs are being met.)

A firewall should be installed and configured appropriately for the uses you will make of the computer.

Unneeded system services should be shut down.

Do not store confidential or identifying data on your hard disk or portable storage devices (floppies, CDs, thumbdrives, PDAs) after your need for the data has been met. And remember that simply deleting a file doesn't really mean that it is gone from your storage.

Your access (and the administrator's access) should be protected by a strong password. Here are some tips about creating and using a strong password from our friends at Stanford University. For a hacker, an "easy to guess" password is one that is in his list of millions of passwords. He can set another computer to work overnight testing lots of passwords on your computer, and that brings me to another recommendation:

A cold computer is a secure computer. If you don't want your computer to provide after-hours services to others on the internet, turn it off at the end of your work day! It will save power, too, and will not harm the hardware.

Even though the internet connection is a major avenue for misuse of your computer, don't neglect the physical security of your computer. An unauthorized person at the keyboard or an unlocked door or window can result in a loss of stored confidential information or hardware.

Be an internet skeptic! Don't fall for those too-good-to-be-true enticements on web pages and in email.

POP QUIZ QUESTION #4:
Which is the most important thing you can do to protect your computer?

Let me repeat the take home lesson from all this:

With the increasingly complex and hostile environment on the Internet, your goal of using your computer to get your job done must be matched by an equal goal to ensure that your computer is NOT used by others to accomplish their mischief.

Don't put your private information and job security as well as the university's resources, information and reputation at risk!

Where is the "Submit" button?

There isn't one. If you've read everything carefully, I'm sure you got all the answers right!