Helpful Tips

NOTE: I will be adding additional tips and noteworthy items here from time to time. Also expect to see changes in format and where this information may get placed. As I add more information, I will be looking for better ways to make it available. Thank you for visiting my site.


(04-18-12)

Danger, Will Robinson, Danger!! It's RANSOMWARE!!!

This was the warning from Robot on Lost In Space, and in the case of this new infection it is quite appropriate for everyone. What should you be afraid of? Ransomware. This is perhaps the cruelest of all infections. Allow me to share a very recent story:

I am called in to assist a client who can no longer access her data. When she tries to click on a document, the following message pops up in a separate window: "Your files was blocked because of copyright violation, you can't access your files. Please visit sopacrystal.com for more information and follow step by step instructions." It then has a four line key code below it. The poor grammar using "was" is the first tip-off that this is not from someone fluent in English.

For those who may recall, SOPA stands for Stop Online Piracy Act. This is one of the bills that had been considered by Congress earlier this year. The hacker pretends to be a U.S. government agency out to make you pay for copyright infringement. The hacker's server, however, is not based in the U.S. but in Russia. When you go to the site, you have the option to click on one of two legal payment services, where you can pay the ransom of $130. Then you are told to wait patiently for the decrypting tool to be sent to you. The problem is that it will never come.

I requested GFI Laboratories, the makers of Vipre Security, to remote into this computer to see if they could get anything useful in order to create a defense. I don't believe they were able to find everything they needed, as the hacker's delivery system is removed right after encrypting the documents. Since the decrypting key is held, in this case, by sopacrystal.com, there is no way to decrypt the files except through them. They're not, however, going to provide that to you regardless of how many times you pay them, because doing so would leave additional tracks that might help lead back to them.

My client's PC (minus some needed maintenance) is perfectly usable. The documents, however, though present will never be accessible.

The sad fact is that the client could have avoided this infection had Java been updated and the old versions removed. An older insecure version of Java was the attack vector used by the hacker. The Java update icon was even present in the System Tray, but it had not been clicked on to perform the update. Additionally, had a current form of back-up been made, this would not be such a tale of woe.

Again, this type of attack is what we call, "Ransomware." Let's do a quick recap:

  • What does Ransomware do? Well, it encrypts all of your documents (or the Master Boot Record of the hard drive) with 256-bit encryption and then demands that you pay a ransom to get your files decrypted so that you can access them again.
  • What happens after you pay the ransom? Nothing. That's right, nothing. They never send you any tools to decrypt the data that they so ruthlessly take from you.
  • Is there any other way to get your data back? No. Short of having a government super computer and waiting months or years to break the encryption, your data is just plain irretrievable.
  • Now what can you do?
  1. Perform all the Windows Security Updates as they come to you. With the XP operating system, this is a little yellow shield that appears in the lower right hand System Tray. With Vista and Windows 7 it will appear as a kind of aqua green icon with a gold Saturn-like ring.
  2. Keep Adobe Reader, Flash Player, and Oracle Java updated. Java usually appears as an "orange icon with a tea cup" in the System Tray. And MAKE SURE there are no older versions installed by checking Add/Remove Programs.
  3. If you have iTunes, you will most likely also have installed Safari and Quicktime. All of these must be kept up-to-date as they are sources for infection since security weaknesses are found in the older versions and can be exploited.
  4. Please, please, PLEASE !!! have some method of backing up the data that is important to you, either by manually copying your data to a USB Flash Drive or, better yet, using a "Clickfree" external back-up hard drive which will automatically back up all your data files. You may certainly use other brands, but Clickfree drives make this the easiest in my opinion. Better yet, if you have Windows 7, you can make backup images of your entire hard drive for restoration when needed.
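Scrolling through Add/Remove Programs looking for leftover Java versions (step 2 above) is easy to get wrong, so here is a small PowerShell script that does the same check from the registry. It is an example added to this page, not something from the original tips or from Oracle, and it assumes a 64-bit Vista/Windows 7 machine where both the native and the 32-bit (Wow6432Node) uninstall hives exist, and that Java's entries carry a DisplayName beginning with "Java", as the installers of this era do. It reads the same uninstall entries that Add/Remove Programs displays, keeps the newest Java entry, and flags every older one together with its uninstall command.

```powershell
# Added example (not from the original post): list every Java entry that
# Add/Remove Programs would show and flag the ones older than the newest.
# Assumes 64-bit Windows; on 32-bit Windows the Wow6432Node path simply
# returns nothing and is skipped because of -ErrorAction SilentlyContinue.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Keep only Java runtime/JDK entries that carry a version string; the
# "Java Auto Updater" helper is excluded because it is not a runtime.
$javaInstalls = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object {
        $_.DisplayName -like 'Java*' -and
        $_.DisplayName -notmatch 'Auto Updater' -and
        $_.DisplayVersion
    } |
    Select-Object DisplayName, DisplayVersion, UninstallString

if (-not $javaInstalls) {
    Write-Output 'No Java installations found in Add/Remove Programs.'
    return
}

# Sort newest first. [version] needs digits and dots only, so strip anything
# else (e.g. an underscore in "1.6.0_31") before converting.
$sorted = $javaInstalls |
    Sort-Object { [version]($_.DisplayVersion -replace '[^\d.]', '') } -Descending
$newest = $sorted[0]

Write-Output ("Newest Java entry: {0} ({1})" -f $newest.DisplayName, $newest.DisplayVersion)

# Everything after the newest entry is an old copy that should be removed.
foreach ($entry in ($sorted | Select-Object -Skip 1)) {
    Write-Output ("OLD VERSION STILL INSTALLED: {0} ({1})" -f $entry.DisplayName, $entry.DisplayVersion)
    Write-Output ("  remove it with: {0}" -f $entry.UninstallString)
}
```

Run it from an elevated PowerShell prompt; the UninstallString it prints is the same command Add/Remove Programs runs when you click Uninstall, so nothing is removed until you run that command yourself.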


(01-23-2012)

MAJOR FACEBOOK VIRUS!

http://www.techrepublic.com/blog/security/facing-down-the-ramnit-virus-on-facebook-tips-for-protection-and-clean-up/7316?tag=nl.e019

I thought this was a very interesting article and worthy of note. It's somewhat technical, but read it to get the overall thrust and then come back here and finish my thoughts.

The TechRepublic article makes use of the word "bot." Its meaning is discussed under my PC Services > Malware link on this site. What most customers don't realize is that bots very often escape anti-virus shields and scans. Now I personally shop and bank online. I know how to protect my computer. But for the average client, the potential for identity theft and subsequent recovery costs should be a real concern, not to mention the cost of cleaning the PC. Since all of us use the internet, we need to take certain precautions. The internet is now a mine field, and the idea that using an Apple Mac or Linux machine makes you entirely immune is nonsense. In fact, I predict that Apple products will come under ever-increasing threat due to the popularity of the iPhones and iPads. Android phones are also no exception.

While there are many tips that can be offered, I am only going to concentrate here on a rather extreme recommendation. I am often asked by clients how they can be 100 percent safe doing online banking. Outside of the normal counsel about unique passwords for every site, I give them this extreme recommendation.

1. Nothing is ever 100% safe.
2. Pick out a single clean PC dedicated only for online banking and/or bill paying.
3. NEVER use this PC for any internet browsing or for checking email.
4. If you use a USB drive, it can only be used on this PC alone. Do not bring those used on other PCs to this computer.
5. Don't share this PC on your network.
6. Due to router hijacking (particularly Linksys, Belkin, and Netgear), make sure your router admin password is strong and not the manufacturer's default. Some routers have been hijacked and reroute your internet surfing through the hacker's servers.

Yes, this is extreme, but I actually have a few clients who are doing this. Their other PCs may get infected, but at least this PC should be safe. The operative words of course are "should be."

Identity Theft is now big business and victims are growing. You only have to be a victim once to wish you'd protected yourself.

Now back to the primary article. Facebook is extremely popular. That's why hackers go after it. It's a great return for their investment. I won't tell you not to use Facebook, but let's get real. You know that it's a major risk for infection. Playing Facebook games, clicking on the advertisements on the right, opening emails from Facebook friends you don't know, or clicking on suspicious links or attachments from emails of friends you do know puts you at risk. Simply put, it's like playing Russian roulette. So how can you be relatively safe using Facebook? Simply avoid doing the things I just mentioned in this paragraph. Also, tighten your privacy settings within Facebook.

One last observation that should be obvious from the TechRepublic article: businesses should not allow employees to access Facebook on business computers. If you are a business owner and you allow your employees to cavalierly browse the internet, and particularly Facebook, you risk compromising all kinds of data, and some of it may be your customers'.

I wish the internet was safe, but it's not. As long as there is greed and corruption, men will find ways to exploit others. Your best defense is taking responsibility and learning the safety rules of the computer highway. Learn the rules, practice common sense, and if you're a business owner, enforce the security policies you put in place.