The protection mechanisms have not changed for a long time but it is good to go over them once in a while:
Among malware, so-called ransomware has now become common. Ransomware is a program type that encrypts the user’s work files on the user’s local machine and sometimes also on the network disks available on the user’s computer. Decrypting the files might succeed if the user pays a certain sum to the maker of the malicious program, though it is not guaranteed it will happen even then. The payments are usually about 300 to 1000 euros per computer/username. Some of these programs also take screen captures, redirect the network traffic of the computer (or of the mobile device), steal files, e-mail, browser history or log (=record) the keys struck on the computer. The latter means the owner of the malware can collect e.g. usernames and passwords from the users. However, you can avoid all this by your own behaviour. The biggest information security threat is the ordinary user acting recklessly! Actually, it is relatively easy to avoid getting malware to your computer or mobile device (phones and tablets):
- Do not install unknown programs or browser extensions (especially not from unidentified sources) to your computer
- Do not run macros from the files which you have e.g. gotten in e-mail
- Do not install programs suggested to you in social media
- Keep your operating system and other software updated, install the security updates as soon as possible
- Make the back-up copies of your important files on a regular basis and keep them safe and separate from your computer – a backup won’t save your files if the ransomware can access it from your computer
Three examples malicious program spreading campaigns:
- In social media, you can see a funny video or another typical click-bite image link. When you try to look at the video, the site says you need to enable a video extension, font, program etc. If you accept that extension, you actually accept the harmful software code to be run on your computer, e.g. ransomware or other harmful programs.
- You get e-mail with an attachment that looks like a consignment note. In the message itself, you are asked to open or edit the file in question. When you open that file, there are instructions how the contents must be allowed, e.g. you need to run a macro. By doing so, you are running harmful software code on your computer.
- You get a program from a friend, or download it from e.g. Piratebay. The program will work if you give it a valid serial number. There’s a “key generator” with the program that gives you the key, but running the key generator, you pollute your workstation with malware.
About antivirus software
The aforementioned instructions do not mean the antivirus programs would be totally unnecessary. This kind of a programs still may save your computer if you have accidentally run a harmful program. Unfortunately, antivirus software are hopelessly in retard and often the malware campaign is already over at that stage when most antivirus programs would know how to repel a new malicious program.
At the Oamk Windows workstations, there is a protection software in use that is managed by the IT services. Furthermore, the e-mail messages will go through a virus scan. These offer moderate basic security. However, the behaviour of the users is way more effective and important that any technical solutions.
On your own computer, you can also use an antivirus program. Several information security companies offer virus control also free. Of course, it is good to remember the saying “If the product is free, then you are the product.” The companies might sell your information to the advertisers or they might also collect information about your computer. The virus protection programs function in the operating system with full rights and you those user conditions you probably didn’t even read, might mention that by using the program you agree that the program can gather any given information about your workstation and then relay it to the supplier of the program.
This is a popular comparison table of antivirus programs:
https://chart.av-comparatives.org/chart1.php
Our information security officer at the Oamk does not use antivirus programs himself but if he would use one, he says he would probably choose Avira personal edition, though he has not looked into what information it gathers about the workstations. Another option at home would be the F-secure online virus scanner. The scanner checks the processes and files on your computer when you just download the scanner program on your computer and then run it:
https://www.f-secure.com/en_US/web/home_us/online-scanner