There are ways to fight cyber criminals

There’s a silent war going on at your desk, right under your nose. It could include large scale attacks on large corporations, spam distribution, digital subterfuge and the hijacking of your personal property.

These scams make millions of dollars for cyber criminals — and you could be helping them!

Your Internet-connected personal computer is the battleground. And the weapons being used are viruses, spyware and other well-engineered, nasty programs designed to compromise and take advantage of your computer.

Years ago, viruses were digital nuisances. They were tools of digital narcissists, young, usually male programmers who were out to prove their programming prowess. Virus authors showed off their intelligence by creating wildfire digital infections that would advertise their presence, sometimes with a gloating message.

Today’s malware writers have changed their tactics. Viruses are no longer tools of ego-centric renegades. They now infect unprotected computers, nestling themselves deep inside a system, deploying tactics to conceal themselves. The endgame for a virus writer is to deploy a “bot”, a program that acts like a digital worker bee.

Digital army of bots

Once installed, it waits for a command from its creator via the Internet. It can be instructed to deploy an attack on a remote computer by sending a stream of data packets at it. When thousands of bots are commanded together in what is called a “botnet”, the digital army has the power to overwhelm major computers owned by large companies. Security experts call this technique a “distributed denial of service” attack or DDOS. It is used by cyber criminals to extort money from companies. Many targeted companies pay the ransom because the cost of an outage of their servers would be far more expensive.

The bot can also deploy a spam-mailing engine. Implanted on your computer, it imports spam messages and e-mail lists from its creator on the Internet and then floods the Internet with unwanted e-mail advertising. Since the spam flow originates on thousands hijacked computers, it’s very difficult to stop because it’s almost impossible to find the original source.

Malware writers also create programs called spyware to implant electronic snoopers on personal computers. These programs track what you do on your computer and harvest identity information.

Spyware steals identities

This snoop software can include a type of program called a “keylogger” which records your keystrokes. The eco-system that supports identity theft is highly organized. Freelance malware programmers use their tools to steal your personal information from your computer and then sell it to criminals who exploit the data.

“It is no longer a cottage industry. It is funded by crime rings,” explains security expert Ron Nguyen, Director of Consulting at FoundStone, a division of the security company McAfee.

Curiously, malware has become so effective that there is an inventory problem. “There’s a glut of stolen identities. So if yours is stolen, it may not get used for six to nine months down the road,” said Nguyen

The freelance malware writer receives $1 for each identity they sell to digital crime syndicates.

It’s your fault

This loathsome economy can be blamed both on computer owners and companies like Microsoft. You bear the responsibility of defending your computer from viruses and spyware. (The good news is I’ll show you how later in this article.)

Microsoft also has a lot to answer for. The most targeted type of computer are the ones that run the operating system Windows XP. It was designed at a time when Microsoft was focusing on ease-of-use and mass-market high-speed Internet connections were becoming common place. Malware writers saw an opportunity and exploited the poorly defended Windows XP personal computers. Microsoft defends itself by claiming it’s a natural target, because the majority of the world’s personal computers run its software. Pundits argue that Microsoft’s security features on Windows XP were extremely lax.

After more than 100,000 unique viruses and millions of spyware-targeted Windows-powered computers, Microsoft responded with Service Pack 2, a large digital repair package that cleaned up the worst security vulnerabilities on Windows XP computers. It wasn’t a panacea, but it went a long way to staunch the flow of malware.

To its credit, Microsoft made security a priority when it designed its new operating system Windows Vista, which was launched in January. Months after its release, Vista appears to be holding up well against any newly designed malware.

What YOU can do

To defend against malware infections, you have several tools at your disposal.

1. Anti-virus: Your first job is to install an anti-virus program. Norton Anti-Virus and McAfee VirusScan are market leaders, even though they tend to be hard on system resources like memory and processor power, reducing system performance. Savvy computer geeks prefer to use products like Eset’s NOD32
   and the well-designed F-Secure Internet Security
   . There are also two very good free anti-virus programs: AVAST and AVG. Both do a great job of defending against infections.
2. Anti-spyware: While anti-virus products offer some protection from spyware, you’ll want to install a separate anti-spyware utility, too. No one anti-spyware program catches all infections, so the best approach is to install two or three competing programs. There are several free anti-spyware programs available on the Internet including Microsoft’s Windows Defender, Spybot Search & Destroy and Ad-Aware. Installing two of these can drastically increase the detection rate of spyware. Adding and scanning with a third commercial anti-spyware product is also highly recommend for complete protection. Two that many see as the best among the best include PestPatrol – now called: CA Anti-Spyware 2008 and Spyware Doctor.
3. Firewall: A firewall is a program that acts as a digital wall between your computer and the Internet. It stops traveling viruses (called worms) from penetrating your computer as well as nosy humans (called hackers). Windows XP and Vista both have built-in firewalls. When you install Service Pack 2 on Windows XP, it switches on. Vista’s firewall comes switched on by default. Third-party firewalls are also available in security suites from Symantec and McAfee. Zone Alarm Pro is also recommended. A home-network router (a switch box used to share the Internet with several computers) also has a built-in firewall. It increases the defenses of the computers it shares the Internet with.
4. System Updates: Windows XP and Vista have a feature called Windows Update which downloads and installs security fixes from Microsoft automatically. Set this program to run on a regular basis and allow it to install fixes as they arrive.

Macs are secure

Now, if you own a Mac computer from Apple, a lot of this advice is unnecessary. Certain firewall protection never hurts, of course. One is built into the Mac OS X operating system. There are also anti-virus programs available for the Mac but they are largely unnecessary. There are very few viruses written for the Mac and of those that are in circulation, not many spread easily. Spyware is also almost non-existent on a Mac. Both viruses and spyware have trouble infecting Mac systems because Apple engineered a feature that requires a human to type in a password before any software can be installed or before any settings changes can be made.

Microsoft took note of this and engineered a similar feature called User Account Control into Windows Vista. It demands that a computer user approve changes and new software installations when they are initiated. That stops malware from installing themselves or invisibly changing system settings. It’s largely why Vista has been mostly impervious to malware since its release.