Security threats to beware of in 2003

The New Year is often a time to make a new start. Unfortunately, that includes viruses, worms, adware, spyware, and all the threats that pose a risk to your PC. In 2003, you have plenty to worry about, and experts warn, those threats aren't always what you expect.

Although viruses spread predominantly through e-mail, they can enter your system many ways. Any sort of file transfer is susceptible, as are application holes. The chief security mistake is to concentrate on Outlook and other e-mail applications, an antivirus vendor suggests. Still, that's always the place to start.

"End users at home are really the only ones who will be victimized by e-mail worms. For businesses, it's easy to block executable attachments," says Roger Thompson, TruSecure Corp.'s technical director of malicious code research. "You don't even have to worry about scanning those attachments for viruses once you make the decision to block all of them."

Patching the Problem

Thompson acknowledges it isn't as easy for home users to stop the stream of e-mail threats.

"All they can do is keep their antivirus software and firewall up to date," he says. "And they have to keep their operating system patched. They should go to Microsoft's Windows update site and apply patches all the time." Those patches are vital to protect both home and business users from a new wave of threats, he says.

"We're so focused on e-mail worms, and sure, those threats will still be there, but the new threats are coming in elsewhere. It's not a case of an attachment anymore, it's vulnerability exploiters that pose risks."

These vulnerability exploiters, as Thompson calls them, are threats similar to the Code Red worm, which didn't have an e-mail component. Instead, they spread via the Internet and company network, searching for vulnerabilities in servers, operating systems, and browser software.

And those vulnerabilities seem to be increasing exponentially. Microsoft, for example, patched more than 80 vulnerabilities in its Internet Explorer browser last year. However, as many as 30 IE vulnerabilities remain unpatched, Thompson says. These holes--as well as the ones for which patches are available but were not applied--could let malicious code make its way onto your PC or network.

Potential Threats Abound

Another area of increasing risk is intentionally malicious files posted on the Internet, masquerading as legitimate downloads. Adult newsgroups are particularly dangerous, Thompson says. Many of the files that users download, believing they are .jpeg or .mpeg files, are actually remote access Trojan horses that allow the creator complete access to your PC.

You may download the file, and when it doesn't display a picture or play a song, you think it doesn't work. In fact, it could be installing a backdoor on your PC, which alerts the creator when you're online and allows him access to all the contents of your PC. In addition to reading your files, the Trojan's creator could also use your PC as part of a distributed denial of service attack, aiming the resources of your system and thousands of others at a certain Web site in an effort to knock it offline, Thompson warns.

Another growing potential risk is adware. While it doesn't harm your PC, it can invade your privacy, Thompson says. Users often unwittingly download such software with other applications, including some of the popular file-swapping programs. It watches every Web page you visit and creates a profile of you and your interests, so that it can serve you specific ads tailored toward your interests.

Wireless and instant messaging viruses aren't truly a threat yet, says Thompson. Still, he notes, virus writers are trying to target instant messaging systems, and he expects they will succeed.

Staying Safe

While Thompson's forecast for 2003 may sound like doom and gloom, he emphasizes that PC users can do plenty to stay safe. Home users should still worry about mass-mailed viruses, but look beyond e-mail. If you keep your antivirus software up to date, install and maintain an updated firewall, and constantly patch your software, you should stay safe. And, of course, you should never open executable attachments if you're not entirely sure of the contents.

While it's easier for businesses to block executable attachments, it's more difficult for them to constantly patch the software across their entire network. The key, Thompson says, is to configure the network properly. "You have to harden the inside of your network to keep the vulnerabilities out," he says.

Configuring a network is easy enough if you know what changes to make, Thompson says--though he admits that his statement is a bit like saying, "it's easy enough to make money in the stock market if you know what stocks to buy." It may not be easy, but with a little time and attention, the effort to protect your network or your PC will be worthwhile.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Liane Cassavoy

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?