The New Year is often a time to make a new start. Unfortunately, that includes viruses, worms, adware, spyware, and all the threats that pose a risk to your PC. In 2003, you have plenty to worry about, and experts warn, those threats aren't always what you expect.
Although viruses spread predominantly through e-mail, they can enter your system many ways. Any sort of file transfer is susceptible, as are application holes. The chief security mistake is to concentrate on Outlook and other e-mail applications, an antivirus vendor suggests. Still, that's always the place to start.
"End users at home are really the only ones who will be victimized by e-mail worms. For businesses, it's easy to block executable attachments," says Roger Thompson, TruSecure Corp.'s technical director of malicious code research. "You don't even have to worry about scanning those attachments for viruses once you make the decision to block all of them."
Thompson acknowledges it isn't as easy for home users to stop the stream of e-mail threats.
"All they can do is keep their antivirus software and firewall up to date," he says. "And they have to keep their operating system patched. They should go to Microsoft's Windows update site and apply patches all the time." Those patches are vital to protect both home and business users from a new wave of threats, he says.
"We're so focused on e-mail worms, and sure, those threats will still be there, but the new threats are coming in elsewhere. It's not a case of an attachment anymore, it's vulnerability exploiters that pose risks."
These vulnerability exploiters, as Thompson calls them, are threats similar to the Code Red worm, which didn't have an e-mail component. Instead, they spread via the Internet and company network, searching for vulnerabilities in servers, operating systems, and browser software.
And those vulnerabilities seem to be increasing exponentially. Microsoft, for example, patched more than 80 vulnerabilities in its Internet Explorer browser last year. However, as many as 30 IE vulnerabilities remain unpatched, Thompson says. These holes--as well as the ones for which patches are available but were not applied--could let malicious code make its way onto your PC or network.Potential Threats Abound
Another area of increasing risk is intentionally malicious files posted on the Internet, masquerading as legitimate downloads. Adult newsgroups are particularly dangerous, Thompson says. Many of the files that users download, believing they are .jpeg or .mpeg files, are actually remote access Trojan horses that allow the creator complete access to your PC.
You may download the file, and when it doesn't display a picture or play a song, you think it doesn't work. In fact, it could be installing a backdoor on your PC, which alerts the creator when you're online and allows him access to all the contents of your PC. In addition to reading your files, the Trojan's creator could also use your PC as part of a distributed denial of service attack, aiming the resources of your system and thousands of others at a certain Web site in an effort to knock it offline, Thompson warns.
Another growing potential risk is adware. While it doesn't harm your PC, it can invade your privacy, Thompson says. Users often unwittingly download such software with other applications, including some of the popular file-swapping programs. It watches every Web page you visit and creates a profile of you and your interests, so that it can serve you specific ads tailored toward your interests.
Wireless and instant messaging viruses aren't truly a threat yet, says Thompson. Still, he notes, virus writers are trying to target instant messaging systems, and he expects they will succeed.
While Thompson's forecast for 2003 may sound like doom and gloom, he emphasizes that PC users can do plenty to stay safe. Home users should still worry about mass-mailed viruses, but look beyond e-mail. If you keep your antivirus software up to date, install and maintain an updated firewall, and constantly patch your software, you should stay safe. And, of course, you should never open executable attachments if you're not entirely sure of the contents.
While it's easier for businesses to block executable attachments, it's more difficult for them to constantly patch the software across their entire network. The key, Thompson says, is to configure the network properly. "You have to harden the inside of your network to keep the vulnerabilities out," he says.
Configuring a network is easy enough if you know what changes to make, Thompson says--though he admits that his statement is a bit like saying, "it's easy enough to make money in the stock market if you know what stocks to buy." It may not be easy, but with a little time and attention, the effort to protect your network or your PC will be worthwhile.