Nescient IT Services • managing information technology for you
37 Victoria Gardens • Eastbourne • East Sussex • BN20 8NJ • (01323) 738 120
Proprietor: Paul Larkin
Home Page  |  Business  |  Residential  |  Links   |  Contact  |  About

Nescient IT Services - Computer Security

Computer Security: the Real Threats


Computer Security The malware threat is real. It is not always the world-shattering problem sometimes outlined in the pages of the press; nor is it always the non-existent "urban myth" suggested by others. Nescient IT Services take the malware threat very seriously...

So, what is malware?

From Wikipedia:

"Malware, short for malicious software, is software designed to secretly access a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Software is considered to be Malware based on the perceived intent of the creator rather than any particular features. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program"

And in English?

Exclamation MarkIt is enough to know that malware is something that you do NOT want on your computer. You didn't ask for it, it gets in the way and causes trouble.

You can avoid malware ...

Stop Sign... by installing security software which provides good protection against known threats. This is where Nescient IT Services can help.

There are literally millions of different types of malware infecting more computers than you might expect. In fact in a recent survey 48% of 22 million scanned computers were infected with malware. As part of our Malware Protection service we will scan your computer to check for any infected files.

Removing Malware

If your PC has been infected with malware, we will do our utmost to get rid of it.

Once malware is removed your computer is still not immune from further threats. To protect your computer at all times, security software should be installed on your PC. If at anytime your computer comes into contact with a known malware infection, the software should fix, quarantine or delete it before any damage is done.

Security programs are sometimes badly configured and out-of-date and will do little or nothing to protect the systems on which they're installed. There are many options for virus protection software, and we will discuss with you which is the best option for your circumstances. We will install and properly set up the right virus protection for you, and will work with you to ensure that it is kept up-to-date.

Types of Malware Threat

Over the last couple of years there have been several new types of threat to your computer and your files which have become increasingly popular with the "malicious element" of the Internet community. These threats take advantage of systems security weaknesses, many relying on confidence tricks to entice the user into unwittingly infecting their computer.

Trojan HorseTrojan Horse programs are impostors - files that claim to be something desirable but, in fact, contain a malicious element. A very important distinction between Trojan horse programs and traditional viruses is that they do not replicate themselves. Trojans contain malicious code that when triggered cause loss, or even theft, of data. For a Trojan horse to spread, you must invite these programs onto your computers (for example, by opening an email attachment or downloading and running a file from the Internet).

WormsWorms are programs that replicate themselves from system to system without piggy-backing or hiding inside another file (a host file). This is in contrast to viruses, which requires the spreading of an infected host file. The entire worm file will travel from computer to computer, often without you having to do anything other than have your PC connected to the internet. It is essential to reduce the number of ways that data can make its way onto (or off) your computer to reduce the chance of successful worm at tacks.

AdWareAdWare. A software application that can display advertising banners while the program is running or via some other triggering mechanism is called AdWare. Ad delivery systems are most often integrated into free applications as a way for developers to recover costs or generate revenue. A critical eye has been placed on AdWare systems since in many cases, in addition to downloading ads, they may also upload user information collected without explicit permission.

SpyWareSpyWare is a general term for a program that surreptitiously monitors your actions. While they are sometimes sinister, like a remote control program used by a hacker, software companies have been known to use SpyWare to gather data about customers. The practice is generally frowned upon and can be used for criminal purposes or to gather information for marketing companies (some people might say this is the same thing!)

SpamSpam is essentially unsolicited email. It is the email equivalent of all that junk mail that comes through your letter box with the letters, birthday cards and cheques that you actually want! If your email address gets on to the wrong mailing list then you will be included with thousands of others to receive indiscriminate advertising messages.

The most unpleasant side of spam is the recent increase in mass emails which invite you to buy counterfeit goods, bogus qualifications, prescription drugs or pornography. These type of emails can be very offensive and often illegal. But why is it called 'spam'? SPAM® is a type of canned luncheon meat which dates back to the 1930s. The name SPAM® is derived from 'Spiced Ham' or 'Specially Processed American Meat'. In the 1970s Monty Python's Flying Circus® immortalised the SPAM® product in a well known sketch. A customer wants a meal but has to have 'SPAM® with everything'. There is no choice, SPAM® comes with your meal whether you want it of not. And there is your link. Spam email is email that you get whether you want it or not!

PhishPhishing. Phishing is achieved by redirecting or misleading you from a genuine website to a fraudulent one by the use of a malware program or a confidence trick. In a phishing attack, for example, a fraudster spams the Internet with email claiming to be from a reputable financial institution or e-commerce site. The email message urges the recipient to click on a link to update their personal profile or carry out some transaction. The link takes the victim to a fake website designed to look like the real thing. However, any personal or financial information entered is routed directly to the scammer and can then be used for criminal purposes.

HackersHackers. A hacker is someone that illegally gains entry to your computer for malicious purposes from the internet. Once full access is gained, a hacker can view any file on the computer. If your computer was to be accessed by a hacker, all your personal information would be open to them, for example: passwords, confidential documents etc. Most people aren't careful enough about their connection to the Internet. The chances of suffering from an ‘attack’ from some type of Internet hack are rising, especially when you connect to the Internet using high speed connections (like cable or ADSL).

VulnerabilitiesVulnerabilities. Windows® is the most widely used computer operating system. Both Microsoft® and Bill Gates are not popular in the malicious hacker community. These two facts make Windows® and other Microsoft® products (Internet Explorer, Microsoft® Office etc...) the most obvious target for hackers. It is not uncommon for one or two new "loop holes" which allow hackers into your system to be admitted by Microsoft® each month. If you do not shore up your system by applying the latest "critical updates" to the key Microsoft® products you are leaving your PC vulnerable to attack. We can make sure that all the obvious routes into your PC are protected. For the not so obvious routes we recommend a firewall.

Hacker Protection - Firewalls

FirewallA Firewall is piece of software (sometimes on dedicated hardware) that filters all the communication going into and out of your computer and compares those communication attempts to a list of rules to see if the communication should be allowed.

Most people are surprised when they discover that their newly installed personal firewall reports that their home computers are getting scanned or probed from the Internet multiple times per day.

Nescient IT Services has had good experience of personal firewalls and their installation. Some personal firewalls are not very secure. Some are even downright insecure, providing only a false sense of security, which may be even worse than having no firewall at all! Some start only when you log onto your computer. This means that, depending on the kind of Internet connection you have, you may be exposed to the Internet before you log on.

As with Virus protection, when installing a firewall it is essential to choose the right tool for the job and to use that tool well. Nescient IT Services can help you get it right!