Secure IT Foundation

How did I get a virus?

Posted on: October 1, 2011

One of the most common questions asked is: how did I get a virus on my Windows computer? Simple answer – human error.

For a virus to infect your computer, you had to do (or fail to do) one or more of the following:

  1. Use Windows with no firewall and never update Windows (Windows XP Service Pack 2 or older, ME, 98, 95 users – that means you). The virus is sent by bad people to every computer on the Internet. Your lack of a firewall allows the bad code to enter your computer and without any other security the code will run. The computer is then in the control of the bad guys.
  2. Use Windows with a firewall, update Windows occasionally, but have no Anti Virus software. The firewall stops the bad guys’ code, but you receive an email or instant message with an attached file from a person known or unknown (doesn’t matter!). You open the email and double click on the attachment. The bad guys’ code runs, there is no Anti Virus which might stop it, and the bad guys have control of your computer.
  3. Use Windows with a firewall, update Windows occasionally, use up to date Anti Virus software, but also use Internet Explorer to browse the Internet. You visit a web site. The trusted web site receives adverts from a third party, but the bad guys manage to get their bad code sent as an advert to all visitors of the trusted web site, including you. The firewall does not help, as you want your computer to communicate with the Internet. The bad guys’ code is new, so it is not stopped by your Anti Virus software. Your Windows is not fully up to date, and the bad guys use a known problem with Windows to get their code to run. The bad guys have control of your computer.
  4. Use Windows with firewall, up to date Anti Virus, Windows is fully updated, and you use Firefox. The bad guys publish a new message on FaceTubeHive which links to their bad website, under the excuse of a funny / rude / surprising / adult / flash video (delete as appropriate). You click on the link to see the mentioned funny / rude / surprising / adult / flash video (delete as appropriate). As you have never updated your Adobe Flash Player, the bad guys’ code uses a known problem with the software and the bad guys have control of your computer.
  5. Use Windows with firewall, up to date Anti Virus, updated Windows, updated Office, updated all installed applications, use Firefox instead of Internet Explorer with Adblock Plus and NoScript plugins. However, you wanted to speed up your old computer / remove viruses from your computer / remove spyware from your computer (delete as appropriate) and clicked on a link to software that claimed to do just that. Guess what, the software is a fake and the bad guys wrote it. It is new code, so it is not detected by Anti Virus software, and now the bad guys have control of your computer.
  6. You use Windows with firewall, up to date Anti Virus, updated Windows, updated Office, updated all installed applications, use Firefox instead of Internet Explorer with Adblock Plus and NoScript plugins, hardened to equivalent of Secure IT Foundation Standard Level 4 (highest!). Your kids use the computer and want to play a new game, they click randomly on links in Google / use eMule / use Bittorrent / use Limewire (delete as appropriate) and download the bad guys’ code. They double click on the file and it goes to run. The kids are prompted to enter the administrator’s password, which they do not know. They moan and whine, so you give in and enter your password for them. The bad guys’ code runs and they now have control of your computer.

It should be:

You use Windows with firewall, up to date Anti Virus, updated Windows, updated Office, updated all installed applications, use Firefox instead of Internet Explorer with Adblock Plus and NoScript plugins, hardened to equivalent of Secure IT Foundation Standard Level 4 (highest!). Your kids use the computer and want to play a new game, they click randomly on links in Google and download the bad guys’ code. They double click on the file and it goes to run. The kids are prompted to enter the administrator’s password, which they do not know.

  • They moan and whine, so you contact your IT Security professional and ask whether this file is safe to run. They check and say yes or no. You listen, and the kids may or may not have a new game to play. If not, you explain it was a computer virus and not a real game. You even tell them the example of a Xmas present with a loaded mouse trap inside to explain that all that looks shiny may not be what it looks like. If you must demonstrate, use your own fingers!
  • You have some IT knowledge, upload the suspicious file to http://www.virustotal.com, and it comes back clean. You test it in a virtual computer using VMware or similar and find no problems or suspicious firewall traffic. Nothing happens, and the kids get their new game the next day.

Anything less than full security all the time is all it takes to give your computer to the bad guys.

Even with the highest level of security there are no guarantees and occasionally the bad guys get lucky and write code that goes through all defences. Only up to date backups will save you then, assuming you do make backups.

Prepare for the worst and you should be ok. Hope for the best and it won’t be ok. Security can be so simple.

SB
