Malware prevention can be a bit tricky because it requires knowledge that is not necessarily difficult to follow, but is not yet widespread. If you follow the advice below, you will greatly reduce your chances of contracting malware that leaks your data. Before listing the steps, we will have a brief look at some goals of malware prevention, but first let’s cover two definitions:
Malware – I define malware as:
any software that conducts unwanted, potentially malicious behavior and/or whose intention is to damage or harm a device.
In addition to the major viruses, worms, ransomware, and other severe infections, my version of malware includes spyware, adware, bloatware, and “crapware” which may not necessarily “harm” a device, but which still steal data and annoy the user. It includes the two words “potentially malicious” because without them, the definition would include getting shot in Call of Duty, for example.
Sensitive data – I define sensitive data as:
all information stored about you, the user, including all intellectual property.
Note: “All” includes so-called “anonymous data” as even anonymous data can be used to profile users.
Tiered goals of malware prevention
Priority #1 – Prevent malware altogether. Zero malware on the system or on disk is the ideal situation and goal that we strive for.
Priority #2A – Prevent the irrevocable destruction of sensitive data such as hard or solid-state drives being wiped, destruction of specific directories on drives, and/or corruption of in-memory data which causes loss.
Priority #2B – Prevent malware from transmitting sensitive data to unauthorized persons and/or devices.
Priority #3 – All other goals, including preventing malware from hindering system performance (using up system memory and CPU cycles) and stopping unwanted behavior such as popup ads or redirects. For all intents and purposes, since malware is unauthorized in the first place, any usage of these resources can be considered “hindering system performance.” Thus, this goal can be simplified to “remove it from the system.”
Note that these are tiered goals, meaning that tier 2 goals only come into play once tier 1 has already been breached. Also note that Priority #2 has two parts, A and B, because the relative importance of the two is generally subjective and is decided case by case by the victim. For example, a victim whose photos of a deceased family member have been permanently destroyed may consider 2A more important than 2B, i.e. any sensitive data that may have been transmitted during the attack, whereas an organization whose systems were left intact after an attack, but whose valuable secrets were compromised and sent to an external server, may be more interested in 2B.
All of these considerations matter in malware prevention because an effective prevention strategy means structuring our day-to-day interaction with our devices around these priorities. These tips are meant to be shared with your friends and family as well: view data security as a team effort, because it is less effective if only one person in the group is proactive about it and the rest are not.
Tips to address the above goals
- Stick within a circle of as few websites as possible. The less you go clicking on links to sites that you’ve never been to, the better. This doesn’t mean don’t do it, but it means knowing that whenever you do, especially if it is not a well-known, mainstream site, you assume a small risk. Just have this in the back of your head.
- Don’t open attachments or click links in emails that are from people that you don’t know or haven’t known very long.
- Don’t open attachments or click links in emails from people you do know if they seem out of place or out of the blue. The email could be coming from their computer or account, which has been compromised by malware or hacking.
- Use good anti-malware software and keep it up to date at all times – Just like everything else in life, each reputable security suite/anti-malware system has its ups and downs; yes, false positives happen, and sometimes these programs can bog the system down a bit. But what’s more important to you: all your money, identity, and private data potentially being compromised, or a reduced risk with a few annoyances every so often? The choice is yours.
- Keep your applications up to date; this includes your operating system as well – A lot of people don’t understand that updates are not just there to annoy you, steal more of your data (well, sometimes they may be, depending on the company :P), force you to reboot, and take up your disk space for fun. What often happens is that an exploit researcher or a criminal has found a security hole in the software and, in some cases, has already used it to damage other people’s systems. The developers can close this hole by patching it, but only if you install the update. If not, you are walking around naked in a dark alley with whatever assets you have on that machine, because as soon as these exploits go mainstream it is trivial for your system to be attacked, especially without proper and up-to-date security software such as Microsoft, MalwareBytes, Norton, McAfee, Kaspersky, Avast!, AVG, etc. In fact, this is the very reason why many software firms now simply force auto-updates on their users, or set auto-update as the default when the application is installed. If you hear about a breach affecting a particular application, open its tools, options, or about menu and make sure it is updated the next time you use it.
- If it doesn’t need to be networked, disconnect it – There’s a saying that goes “The only perfectly secured network is the one that doesn’t exist.” I.e., if you disconnect a device from communicating with other devices (including external storage), you also remove the possibility that the device receives malware and/or transmits it to other devices. In practice this means, especially on public wi-fi or in a less-than-ideal environment, get on the network, do your business, then get off. If you somehow end up with malware on your machine but you are not networked, the malware cannot send your data, or control of your machine, to a hacker somewhere on the Internet. Also note that some network cards, especially in laptops, can be physically turned off with a switch, so if you suspect your system may be sending off private data, cut off the net!
- Unhook devices that are not in use – Besides saving space around the desk: if, for example, you have an external hard drive or USB stick and you plug it in and leave it connected all day, then if you do get malware it will be able to get right into your backup drive or shared USB stick and infect that as well, potentially destroying data and/or infecting other computers in the process. That can’t happen if it isn’t plugged in, can it? 🙂
- It’s not all about you – This is a big one. Modern malware can spread to your devices and, like certain biological viruses, lie dormant: either doing nothing for long periods of time, or never doing anything to your system at all. For example, in a botnet an attacker sends thousands of programs all over the place which install themselves onto devices (not just computers: these could be smart scales, smart lighting, toasters, fridges, smart anything, sensors, etc.) and may never damage the device. But as soon as that attacker hits a button on his/her computer, a signal is sent to the infected devices, and those devices attack other computers that the attacker has specified. Meaning, your device is now a weapon used to bring down Twitter, Facebook, Google, the entire Internet, the PlayStation Network, or any other target. Not good.
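The “disconnect it” and “it’s not all about you” tips both come down to the same question: is my machine talking to something on the Internet that I did not ask it to talk to? Below is an added example (my own illustration, not part of the original list) of the check a technically inclined reader can run before deciding to cut the network: parse the established TCP connections as reported by `ss -tnp` on Linux and flag any that leave the local network from a program you would not expect to reach the Internet, or on a port that program would not normally use. The sample `ss` output and the list of “expected” programs are constructed for the example; the remote addresses use documentation ranges (203.0.113.x, 198.51.100.x) as stand-ins for Internet hosts, so a real run would swap in the output of the actual command.

```python
"""Flag unexpected outbound connections in `ss -tnp` output (illustrative example)."""
import ipaddress
import re
import subprocess
from dataclasses import dataclass

# Constructed sample of `ss -tnp` output; not captured from a real host.
# 203.0.113.x and 198.51.100.x are documentation addresses standing in for
# Internet hosts, 192.168.1.x and 127.0.0.1 stand for the home LAN and loopback.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port    Peer Address:Port    Process
ESTAB  0      0      192.168.1.20:53422    203.0.113.10:443     users:(("firefox",pid=2310,fd=112))
ESTAB  0      0      192.168.1.20:41018    192.168.1.5:445      users:(("smbd",pid=880,fd=9))
ESTAB  0      0      192.168.1.20:60201    198.51.100.77:6667   users:(("svchost_upd",pid=4471,fd=5))
ESTAB  0      0      127.0.0.1:33012       127.0.0.1:5432       users:(("psql",pid=3002,fd=3))
ESTAB  0      0      192.168.1.20:52990    203.0.113.44:8443    users:(("curl",pid=5120,fd=4))
"""

# Hypothetical allowlist: programs this user expects to reach the Internet,
# and the remote ports they normally use. Tailor this to your own machine.
EXPECTED = {
    "firefox": {80, 443},
    "thunderbird": {465, 587, 993},
}

# Address ranges that never leave the machine or the local network.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private ranges
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
    "::1/128", "fe80::/10", "fc00::/7",                # IPv6 equivalents
)]

# One `ss -tnp` row for an established connection; IPv6 peers appear as [addr]:port.
LINE_RE = re.compile(
    r'^ESTAB\s+\d+\s+\d+\s+(\S+):(\d+)\s+(\S+):(\d+)\s+users:\(\("([^"]+)",pid=(\d+),'
)


@dataclass
class Connection:
    local: str
    local_port: int
    peer: str
    peer_port: int
    process: str
    pid: int


def parse_ss(text: str) -> list[Connection]:
    """Turn `ss -tnp` text into Connection records, skipping the header and non-ESTAB rows."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            conns.append(Connection(m.group(1), int(m.group(2)), m.group(3),
                                    int(m.group(4)), m.group(5), int(m.group(6))))
    return conns


def is_external(addr: str) -> bool:
    """True if the address is outside loopback and the private/link-local ranges."""
    ip = ipaddress.ip_address(addr.strip("[]"))
    return not any(ip in net for net in LOCAL_NETS)


def review(conns: list[Connection], expected=EXPECTED) -> list[tuple[Connection, str]]:
    """Return (connection, reason) for each connection that leaves the local network unexpectedly."""
    findings = []
    for c in conns:
        if not is_external(c.peer):
            continue  # LAN or loopback traffic is not data leaving the machine
        ports = expected.get(c.process)
        if ports is None:
            findings.append((c, "process not expected to reach the Internet"))
        elif c.peer_port not in ports:
            findings.append((c, f"unusual remote port {c.peer_port} for {c.process}"))
    return findings


if __name__ == "__main__":
    # On a real Linux host, replace SAMPLE_SS_OUTPUT with live output:
    #   text = subprocess.run(["ss", "-tnp"], capture_output=True, text=True).stdout
    for conn, reason in review(parse_ss(SAMPLE_SS_OUTPUT)):
        print(f"{conn.process} (pid {conn.pid}) -> {conn.peer}:{conn.peer_port}: {reason}")
```

Run against the sample, the two connections worth a second look are the unfamiliar `svchost_upd` process talking to port 6667 and the `curl` session to port 8443; the browser, the SMB share on the LAN and the local database connection are not reported. The allowlist is deliberately a plain dictionary you edit by hand: the point is not to build an intrusion detection system, but to have a quick, repeatable way to answer “who is my machine talking to?” before, or instead of, pulling the plug.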
And finally, DO NOT OVERWHELM YOURSELF WITH THIS LIST! If you are doing all of the things right now that I said not to do, I’d rather have you change a thing or two than get overwhelmed and dismiss all of it. You can always fix these problems one at a time. :)
That’s enough for this volume; tune in for the next one, which will be listed under this tab. Please remember that this list is not exhaustive, and perhaps not all of these methods work for you and your situation, but I hope to have shed some light on at least one bit of information that you can put to use to help keep you and your family safe from malware.
I think that’s one last important point. 10-15 years ago, I would have said “keep your device safe from malware,” but in an age where every single person is carrying a networked tracking device on their person at all times, we’re talking about actual personal safety here, and this is only the beginning. Don’t be paranoid, just be informed. If anyone has any more tips to add to this list, feel free to comment or email me at todd at toddcullum research. Til next time.