Tips to avoid being bit by CryptoLocker (and what to do if you are)

Kim Crawley | Dec. 4, 2013
InfoSec Institute's Kim Crawley details CryptoLocker, the latest in scareware, and offers suggestions for avoiding infection.

Unfortunately, I'm concerned that users of Windows Vista, 7, and 8 have been lulled into a false sense of security. That's because those Windows client operating systems create a back-up partition under the "D:" logical drive. Usually, the D partition will only back up the operating system, if it works at all. But aside from things that can physically destroy your hard disk, there is Windows malware that can cross over from your C partition onto your D partition. Additionally, there's malware that can infect your BIOS, so your PC won't even boot.

If you have a Windows 8 OEM machine with Secure Boot, you're still not safe from BIOS malware, in spite of what Microsoft says. My fiancé and I have personally created Secure Boot-infecting malware that works, as we've tested it. I'm afraid all that Secure Boot does is what I believe Microsoft really intends to do, which is to make it very difficult to install other or additional operating systems on your PC, namely Linux distributions. That's a violation of your user rights. When you buy a PC, you should have every right to install whichever OS you choose, in place of or in addition to Windows.

When you read this article, please spread the word, whether you personally use Windows, or whether your coworkers, family or friends do. Don't open email attachments you don't trust 100 percent. Don't open double-extension files, such as .pdf.exe. Don't click on banner ads to download programs. Don't click on banner ads that look like legitimate download links on the same web pages as actual legitimate program download links. Those are most often seen in BitTorrent search engines like The Pirate Bay or IsoHunt, but they're also found on legitimate program direct download link web pages on websites like Softpedia. Be careful, when running Windows installation programs for legitimate programs, not to allow them to slip in extra malicious programs such as the Ask.com toolbar, or WeatherBug. Be wary of web pages for downloading programs for free screensavers, avatars, emoticons, or free games, usually for poker games, but not always.
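As an added illustration of the double-extension tip above (not code from the original article), this Python check flags attachment names where a document-style extension is followed by an executable one, including names padded with spaces or carrying hidden Unicode format characters. The extension lists, function names and sample filenames are assumptions constructed for the example.

```python
import unicodedata

# Assumed lists for illustration; extend them for your own environment.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "jar", "lnk"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt", "zip"}


def check_filename(name):
    """Return the reasons an attachment name looks deceptive (empty list if none)."""
    reasons = []
    # Unicode format characters (category Cf), such as U+202E right-to-left
    # override, can change how a name is displayed without changing its real type.
    if any(unicodedata.category(ch) == "Cf" for ch in name):
        reasons.append("hidden-format-character")
        name = "".join(ch for ch in name if unicodedata.category(ch) != "Cf")
    # Trailing dots and spaces are dropped so they cannot hide the real extension.
    cleaned = name.strip().rstrip(". ").lower()
    raw_parts = cleaned.split(".")
    parts = [p.strip() for p in raw_parts]
    if len(parts) < 3 or parts[-1] not in EXECUTABLE_EXTS:
        return reasons
    if parts[-2] in DECOY_EXTS:
        reasons.append("double-extension")
        # Whitespace between the decoy and the real extension pushes the real
        # extension out of view in narrow file listings.
        if raw_parts[-2] != parts[-2] or raw_parts[-1] != parts[-1]:
            reasons.append("padded-extension")
    return reasons


def scan(names):
    """Map each suspicious name to its list of reasons; clean names are omitted."""
    return {n: r for n in names if (r := check_filename(n))}


if __name__ == "__main__":
    # Constructed sample attachment names, not taken from any real campaign.
    samples = [
        "Invoice_2013.pdf.exe",
        "scan.PDF        .exe",
        "photo\u202egpj.exe",
        "report.pdf",
        "archive.tar.gz",
    ]
    for fname, why in scan(samples).items():
        print(repr(fname), "->", ", ".join(why))
```

The same check can run over a mail gateway's attachment list or a downloads folder listing; it only inspects names, so it complements an antivirus scan rather than replacing one.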

Run a legitimate antivirus program. If you're going to pay for it, I recommend Kaspersky, for Windows or Mac OS X. For freeware antivirus shields, I recommend ClamWin for Windows, or ClamAV for Mac OS X, Linux, or Unix. In my professional opinion, the ClamAV programs you can install for free are at least as good as the Kaspersky programs you pay for.

For smartphones and tablets, Lookout is available in the App Store for iOS, in the Google Play Store for Android, and in the native stores for BlackBerry and Windows Phone. That's the best option for mobile devices until there are ClamAV programs available for those platforms.
