Number 263 - April 2005
Keep Bad Guys Out of Your PC
by Heather Newman, Detroit Free Press
Don't think you're safe from hackers unless you use these four ways to fool them.
Seven in 10 computer users are victims of cyber break-ins each year. You should buy a firewall and turn your computer off when not using it.
   Hacking is only hilarious when it happens to a Hilton.

   If someone broke into your computer, they probably wouldn't get Eminem's phone number (as hackers who got into T-Mobile's phone system most likely did from socialite Paris Hilton's phone book last month).

   And they're not likely to get personal information on at least 140,000 other people (as hackers who broke into financial information broker ChoicePoint's databases did last month).

   But they could get things that are much more valuable to you:    
  • Your financial information.
    •    
  • Your passwords to sites and programs
    •    
  • Your e-mail address to deluge you with spam


    •    While it's unlikely that rings of hackers would target you specifically, you still need to take precautions if you operate a computer that's connected to the Internet, especially if you have a fast, always-on connection like a cable modem or DSL link.

       While hackers might not go out of their way to target you, they're always generically sniffing for opportunities to mess with people's data--and you might be more vulnerable than you think.

       Think it can't happen to you because you're not a big business like Bellevue-based T-Mobile or a celebitry like Hilton ? Think again.

       The National Cyber Security Alliance, based in Washington, D.C., estimates that seven in 10 Americans who go online are the victim of a cyber security or privacy incident each year.

       Here are four things to do:

    1. Build a wall of defense.
       Your first and biggest line of defense is a firewall. That's a program or piece of hardware--both have the same function, though they operate differently--that stops information requests from coming into your PC that you didn't authorize. They also stop the flow of data into and out of your PC unless it was a site that you requested to see.

       Hardware firewalls, which are typically built into routers that hook up to your cable modem or DSL adapter, are the best choice for fast Internet customers. They provide strong support, even stealthing the ports of communication hackers use--meaning that outsiders don't know that those ports to your PC exist.

       Consider the Netgear line of routers, but most of the top brands serve the same function. It's worth it to use a router--even if you don't have multiple PCs or a home network--if you leave your computer on a lot.

    2. Turn off your computer.
       It's hard to hack your PC if it's not on. If you don't have a hardware or software firewall, you can reduce--though not eliminate--the risk of unauthorized intrusions by turning it off when you're not using it.
       Check your owner's manual. Some PCs are set to turn themselves on when the network card that connects to the Internet detects activity. You'd want that option turned off.

    3. Stick with dial-up.
       Yes, it sounds odd to stick with an outdated link to the Web. But software firewalls are the best bet for dial-up customers because you don't use your Internet connection as often and because it's harder for hackers to find you when you do.

       Unlike always-on Internet connections, dial-up users get assigned a different Internet address every time they call in. Just as people who make crank phone calls can't find you if you don't have a phone number, it's a lot tougher for hackers to target you without a consistent Internet address.

    4. Watch what you load.
       Start worrying about the second source of access to your machine--programs you load on your hard drive, accidentally or on purpose. A particular danger is adware or spyware, programs that gain access to your machine through a Web site or an e-mail.

       For instance, you might run across a pop-up window that looks just like a system error that requires your attention. But it's no error--it's somebody who wants to plant a program on your computer to make it serve up their advertising, or worse.

       You need two lines of defense here.

       First, you should have a constantly updated anti-virus program (it must be updated regularly, or it won't detect the new viruses that come out), which should be set to scan incoming and outgoing e-mail to avoid having your PC be used to spam others. Norton AntiVirus and McAfee VirusScan are two common options.

       You'll also need an anti-adware program to keep an eye on software that tracks your keystrokes, serves up ads and otherwise collects information you want to remain private or sends you information you don't want Ad-Aware (www.lavasoftusa.com) works well, but there are lots of others.

       
    It's a Spamdemic


       In a survey the National Cyber Security Alliance conducted with America Online last year:
       
  • 63 percent of those polled said they'd gotten a virus on their computers.

    •    
  • More than half of those polled said they had been attacked by spyware programs (which track passwords and other sensitive information you type) or adware programs (which flood your computer with advertising pop-up windows).
    •   Number 263 - April 2005