The magazine of the Melbourne PC User Group
Computer Viruses and The Home User  
 Michael Mullerworth

Internet Security tends to focus on e-Commerce (online trading, Internet banking. etc.) and on the integrity of data in corporate systems. But it is becoming more important for home users as the corporate world tightens its security systems, especially after the widespread threats of viruses such as Code Red and Nimda and then the events of September 11. Malicious virus creators are now turning their attention to the more vulnerable personal computer.
 
Recently, in the last quarter of 2001, the Melb PC Internet Help Team (iHelp) experienced an epidemic of such infections, mainly with the W32 Badtrans.29020 virus. It became apparent that many Melb PC members have no anti-virus protection whatsoever, and are poorly informed about both the risks and the protective measures available.
 
Why The Concern?

Why should we be concerned about home user protection? Imagine exploring the Internet and the use of e-mail as travelling about and mingling with other people. We all accept that illnesses like influenza can be easily spread by near contact, and not long ago it was shown anthrax could be spread by surface mail. Similarly, every connection to the Internet and every e-mail received exposes you to possible computer virus infection.
Sooner or later everyone is likely to encounter an intrusion. It is like opening your front door to an unknown person knowing that it might be dangerous, without the benefit of a security screen door, a peephole, or a security camera. Commonly the infecting agent is a part of or is piggy-backed onto a legitimate document or program, and it activates when downloaded and opened. Macro viruses in a document can be activated the moment you open that document, completely beyond your control. Viruses in attached files, either executable programs or "scripts" can be activated when you click on the attachment. The built-in danger may be a virus, a worm, a Trojan or a zombie. Some are merely mischievous, others may damage your system severely. Many spread further by way of e-mails to all the names in your address book. Therefore, any method of control is of great benefit not only to you, but to all your contacts.

Should You Rely Upon Someone Else To Protect You?
 
In commercial enterprises and large institutions the organisation may scan e-mail for viruses and inappropriate content. This has limitations and may result in legitimate mail and attachments being rejected or deleted. Also, it does not prevent infection while viewing Web pages. In general terms, just as community policing does not stop malicious or criminal activity, there will always be dangerous Web sites and e-mail with attachments containing extremely dangerous content.

What Can You Do?
 
First, accept responsibility for your own protection. Just as you should be aware of health risks when travelling and take appropriate precautions (e.g. immunization, antimalarials, or antibiotics), or secure your home against intruders whether you are there or not, you might do the following to protect your computer:

  1. Install and maintain Anti-Virus Software. This is both an alarm system and a defence. It may search for and destroy the offending item or immobilize it (quarantine or deny access). Some antivirus programs scan all incoming mail. It is important that the software be kept updated, as new viruses appear frequently. Daily updates are ideal, at least once or twice a week acceptable. 
  2. Open attachments only after scanning them with your up-to-date antivirus program. Some people delete all attachments, or open only those from a known and trusted source. But, you can never be sure! 
  3. Update your browser and e-mail client. Security loopholes (vulnerabilities) are constantly being found in most popular software and exploited by virus writers. Corrections (known as patches) are required and responsible software publishers will make these available when a flaw is discovered. Hackers are actually sometimes helpful in exposing flaws in these programs. That assists in the protection process, but you must download and install the available patches for them to be effective.
  4. Password protection of important data, or of access to your machine. Added security for data. You may also disable file sharing on Networks. 
  5. Install a Firewall. This is a barrier between your computer and the Internet and it will enhance antivirus protection. But, it may interfere with Internet use if not suitably configured. Recommended for those with continuous Internet connection (cable or ADSL) or on Networks. Useful for protecting data and programs from unauthorised access, or to prevent any Trojan or other programs from sending information from your machine out to an unknown site.
Your computer security starts at home and is completely in your own hands.

 Reprinted from the March 2002 issue of PC Update, the magazine of Melbourne PC User Group, Australia

[About Melbourne PC User Group]