In the real, physical world, we (our assets and our actions) are on display – to about the degree we want them to be. We have a sense of how deeply we want to be known and by whom. We can generally tell from another’s gaze, questions, or actions whether we are being scrutinized excessively, and for most of us there are aspects of our life that we’d prefer remain secret. We learn as part of growing up what configuration of “privacy” to establish and what security measures we will use to enforce that privacy.
Our expectations for privacy in the cyber-world are similar. But in the cyber world, we are less equipped to know who is scrutinizing us, what they are focusing on, and what their motives might be, in part because we know less about the security tools available to us. In the cyber world, we evolve a degree of transparency that we offer to friends, relatives, and others and by elimination a preferred depth of opacity about certain personal information.
The following is a first part of series on understanding of basic cyber-privacy and pragmatic security to protect it.
Cyber-transparency is relatively easy to achieve – just post your information for all to see. But cyber-opacity can be difficult to achieve depending upon who is pursuing your information and how you and others act to protect it. You do not achieve privacy merely by “not putting information on your computer.” Banks, schools, courts, doctors, myriad government agencies, and your acquaintances will database some information about you. Their inclusion of parts of your personal information may be with benign intentions, but once stored, anyone else exerting enough effort can obtain it. Your travel plans may be safe with your parent, but if your friend’s sociopathic friend can see them while viewing his Facebook account, then a stranger knows when your home will be empty.
This first blog will focus on the importance of antivirus software. One efficient way to protect your personal computer-based information is to use a privacy and security suite to cover the most common automated attack vehicles; viruses and worms. Vendors such as Microsoft, Norton, McAfee, Apple, and others offer these products and they are generally effective, realistically priced, and require little skill on your part. For personal Computers, Microsoft operating systems have built-in security that is reinforced by its free (yes free) Microsoft Security Essentials. Apple’s MAC OS seems to have good built-in security against virus and worms that’s kept current by automatic operating system updates. McAfee, Norton and others offer security suites competing with Apple and Microsoft. Using the internet without a well-regarded security suite will leave your personal information and computer open to people who wish you harm – don’t do it. Given the high costs that can result from security breaches, none of the popular security suites seems overpriced.
As an example of how numerous and aggressive these nuisances are, an early draft of this article was being written on a laptop using a hotel chain’s free (and unsecured) Wi-Fi internet access. The laptop’s security suite reported that within the first minute, more than 20 viruses and worms were repelled as they attempted to invade the laptop. The only website visited was the hotel’s, so the attacks must have come from the hotel or from computers using the hotel’s Wi-Fi network, likely from the unsecured public computer in the hotel’s lobby.
The main danger that the typical home-user security suites don’t cover is “social engineering” approaches used by scammers to induce you to reveal sensitive information (e.g. bank account, and social security numbers) or behave in unsafe ways (e.g. install malicious programs or participate in fraud). Social engineering can come through postal mail, email, short messages or telephone. Interactions with merchants, or information exchanges with friends and relatives on social media such as Facebook, YouTube, Twitter, LinkedIn, and Second Life, are probably less dangerous than postal, email or telephone interactions because of the non-public forum in which the criminal’s pitch can be delivered.
Here are three major threats to your computer that give sufficient reason why anti-virus software is absolutely necessary:
- Virus Contagion. Viruses are attached to an executable file, which means the virus may exist on your computer but can’t infect your computer unless the malicious file launches. People unknowingly spread a computer virus by sharing infecting files or sending emails with viruses in emails. Your security suite should detect and remove viruses if it is kept up to date. Most suites automatically download the latest virus, worm and “trojan horse” signatures to deal with the problems before they can spread.
- Worm Spreading. A worm takes advantage of file or information transport features on your system, allowing it to travel unaided. The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out thousands of copies of itself, creating a serious problem.
- Large-scale hacking. Hackers motivated by economic gain or political ambitions can attack some of the largest companies. When they attack banks, credit card companies, and retailer customer databases, they are generally collecting customer account information that would allow them to directly drain accounts or conduct identity theft to sustain theft over time. If they don’t use the information themselves they may sell it to other criminals or exchange it for ransom from the company. In another instance, hackers broke into a major newspaper’s site to commit political mischief – posting a faked report of a political leader’s death. You may become a victim of these large scale hacks, but there is little you can do beyond argue that the attacked companies are liable for your damages as they could and should have had better security protections.
These examples show why anti-virus software is one of most important steps you can take to protect your digital information and security. Please look for my next blog, which will deal with other online nuisances.
Alan Daley is a retired businessman living in Florida. He follows public policy from the consumer’s perspective.