11 hidden security threats and how to stop them
- — 26 January, 2010 02:45
Rogue Wi-Fi Hotspots
Free Wi-Fi networks are available almost everywhere you go. Attackers, however, sometimes set up a malicious open Wi-Fi network to lure unsuspecting users into connecting. Once you have connected to a rogue wireless network, the attacker can capture your PC's traffic and gather any sensitive information you send, such as your usernames and passwords.
Verify the network's name: If you want to connect to the Internet at a coffee shop or in another public place, find out the SSID of the establishment's network. The SSID is the name of the wireless network; it is broadcast over the airwaves so that your computer can detect the network, and as a result it's the name that appears in your system's list of available networks.
The SSID for a network at a McDonald's restaurant, for instance, might be "mickeyds." An attacker could set up a rogue wireless router in the vicinity of the McDonald's location and set its SSID to "mcdwifi" or "mickeyds2." Your computer would then display both names on the list of available networks--and the rogue wireless network might even have a stronger signal and appear higher on the list. Make sure that you connect only to the official network.
When in doubt, don't trust any open network. Most free wireless networks are unencrypted--and therefore unprotected. That means that the data traveling between your computer and the wireless router is susceptible to being intercepted and viewed by other parties that happen to be within range of the wireless network. Unless you have your own secure connection, such as a VPN (virtual private network) connection to the network at your office, you should avoid using public Wi-Fi for logging in to sensitive accounts (such as your e-mail or bank account); instead, limit your Internet usage in such public places to reading the news or checking for weather updates and traffic reports.
Weak Wi-Fi Security
If you're cautious, you've already secured your wireless network with a password to keep outsiders from accessing it or using your Internet connection. But password protection alone may not be sufficient.
Use stronger encryption: Several types of Wi-Fi network encryption are available, and there are some important differences between them. WEP (Wired Equivalent Privacy) encryption is the most common variety employed on wireless networks. If you have a WEP password in place on your Wi-Fi network already, you've taken a significant step toward protecting it from intruders.
But WEP can be easily cracked: Tools are available that allow even unskilled attackers to crack the code and access your network in a matter of minutes. WEP is still helpful, since most aspiring wireless-network hijackers are not dedicated enough to take the time to break in, but to be safe you should use WPA (Wi-Fi Protected Access) or its successor, WPA2. These encryption types resolve the weaknesses of WEP and provide much stronger protection.
Log in to your router's console and find the wireless-security settings. There, enable encryption and select either WPA or WPA2. Enter a password, save the settings, and restart your router--and you'll start surfing more safely.
Endangered Data Backups
You know that you should back up your data, especially files of irreplaceable items such as family photos, regularly. But while storing backups on an external hard drive or burning them to blank CDs or DVDs and keeping them in the closet will enable you to restore files easily if your hard drive crashes or corrupts, that approach also creates a portable--and thus easily lost or stolen--archive of your sensitive data.
Encrypt your backup data: Be sure to use a backup utility that allows you to protect your data with encryption, or at least a password, to prevent unauthorized access. If you want to take things a step farther, you can put your backup files on an encrypted external USB drive such as the Seagate Maxtor BlackArmor, a PCWorld Best Buy. You can also find external drives with biometric fingerprint scanners, such as the Apricorn Aegis Bio or the LaCie d2 Safe. (For reviews of these drives and others, see "Encrypted Drives Keep Your Files Safe.")
Use an online backup service: If you prefer, you can use an online storage service such as Microsoft Windows Live SkyDrive, which provides 25GB of storage space for free and offers a measure of security by requiring a username and password for access. Unfortunately, copying 25GB of data and keeping it updated via SkyDrive can be a time-consuming and cumbersome process. For a small fee, though, you can use a service such as Mozy, which includes tools to automate the process and to ensure that your data is backed up regularly.
Unpatched Software (Not Just Windows)
Microsoft's products have long been favorite targets for malware, but the company has stepped up its game, forcing attackers to seek other weak links in the security chain. These days, third-party products such as Adobe Reader provide attackers with alternative options for hitting your PC.
Install all security updates: You should have both a firewall and an antimalware utility protecting your system, but one of the simplest--and most effective--ways to guard against attack is to make sure that you keep your operating system and applications up-to-date.
Attackers have discovered that a considerable number of third-party applications such as Adobe Reader and Adobe Flash are present on virtually every computer and contain exploitable weaknesses. To guard against threats, you can use a program such as the Secunia Personal Software Inspector to scan your system, identify applications that have known vulnerabilities, and install the necessary updates.
Do your best to stay informed of existing flaws for the various applications you use, and apply appropriate patches as soon as possible. The About.com Antivirus Software site is a good resource to use in collecting such information. You can also check sites such as McAfee's Avert Labs Threat Library for the latest news on emerging threats.
Though attacking third-party products may be a path of least resistance, bad guys haven't given up entirely on Microsoft products. Windows users should have Automatic Updates (or Windows Update) enabled and set to download and install important security updates automatically. The automatic updates will keep the Windows operating system--as well as other Microsoft software such as Internet Explorer and the various Office applications--patched and current.