Corpus Christi, Texas Linux User Group

But I am just a small fish.

Why do I need to worry about ransomware or other types of computer viruses?

We all have more to lose than we might think. It is time we started practicing safe hex.

    Rules for practicing safe hex

  • Keep your computer and all of your software up to date.
    • I created a short bash script called doupdates to handle everything related to updates for me.
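      #!/bin/bash
      sudo apt-get -y update        # refresh the package lists
      sudo apt-get -y upgrade       # install all available updates
      sudo apt-get -y autoremove    # remove packages that are no longer needed
      sudo dpkg --configure -a      # finish configuring any half-installed packages
      sudo touch /forcefsck         # flag file asking for a filesystem check at next boot (where /forcefsck is honored)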
    • In Windows, go to Settings / Update & Security.
        Check for and install all available updates.
        Reboot and repeat looking for updates until Windows does not find any new updates.
  • Use a virus scanner. There are many options. Do your homework and choose one that fits your needs.
  • Perform several types of backups.
    • I prefer Acronis because they have always provided modern data protection. The software supports both local and cloud file storage.

      Pull full (Disaster Recovery) system backups weekly and incremental backups daily.
      Keep a copy on local backup media that you disconnect from the computer when it is not in use.
      Keep a copy on the cloud where it cannot be affected by a natural disaster like fire, flood, earthquake, etc.
      I also keep backups of all system settings that can be applied at any time.

  • Employ a firewall on your computer and configure it properly.
    It is harder to hack what you can't see.
  • Use host-based and network-based intrusion detection systems.
  • Compartmentalize all web browsing.
    • Use a virtual machine (VM) to perform all general browsing.
      • Configure each VM so "clipboard" and "drag & drop" resources are not shared with the host machine.
        Remove all shared folders to the host as well.
    • Use SSH to perform secure file copy instead of setting up shared folders with the host machine.
    • Finally, set up a VM to perform penetration testing on the host. Patch and close all vulnerabilities on the host.
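
One way to check the VM isolation rules above, as an added example that is not part of the original page. It assumes VirtualBox as the hypervisor; the VM name browsing-vm and the sample settings are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page). Assumes VirtualBox; the key
# names below are those printed by `VBoxManage showvminfo --machinereadable`.

# Read machine-readable VM settings on stdin and print one line per setting
# that shares something with the host. Exit status 0 = isolated, 1 = not.
audit_vminfo() {
    awk '
        {
            key = $0; sub(/=.*/, "", key)          # text before the first "="
            val = $0; sub(/^[^=]*=/, "", val)      # text after the first "="
            gsub(/"/, "", val)
        }
        key == "clipboard"   && val != "disabled" { print "clipboard shared: " val; bad = 1 }
        key == "draganddrop" && val != "disabled" { print "drag and drop shared: " val; bad = 1 }
        key ~ /^SharedFolderName[A-Za-z]*Mapping[0-9]+$/ { print "shared folder: " val; bad = 1 }
        END { exit bad + 0 }
    '
}

# Audit a real VM by name (requires VirtualBox on the host).
audit_vm() {
    VBoxManage showvminfo "$1" --machinereadable | audit_vminfo
}

# Constructed sample settings for a hypothetical VM called browsing-vm.
sample_vminfo() {
    cat <<'EOF'
name="browsing-vm"
clipboard="bidirectional"
draganddrop="disabled"
SharedFolderNameMachineMapping1="downloads"
SharedFolderPathMachineMapping1="/home/user/Downloads"
EOF
}

# Demo on the sample. The fixes for its two findings would be
# (VirtualBox 6.1 and later; older releases use --clipboard):
#   VBoxManage modifyvm browsing-vm --clipboard-mode disabled --draganddrop disabled
#   VBoxManage sharedfolder remove browsing-vm --name downloads
sample_vminfo | audit_vminfo || echo "browsing-vm still shares resources with the host"
```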

Backup and Recovery

Purchase a backup solution for all of your Windows machines. I prefer Acronis for MS Windows backups. The folks at this company have provided a complete solution for many years. Their current offering provides a complete cyber protection package. It combines reliable backup with proven anti-malware technology, and their unique cyber protection solution effectively safeguards all of your data, apps and systems.

If you choose, you can use a disk cloning utility called Clonezilla to create offline backups of your data. Mirror imaging. Disk cloning. All‑in‑one recovery drives. It’s easy to ensure your data is available for recovery, no matter what happens. Remember, only an offline backup can save your data from a successful ransomware attack or a hardware failure.
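
The weekly full and daily incremental schedule from the rules above, sketched for a Linux machine as an added example that is not part of the original page. It assumes GNU tar; the function names, archive names and the state.snar snapshot file are choices made for this example.

```sh
#!/bin/sh
# Added example (not from the original page). Assumes GNU tar, whose
# --listed-incremental snapshot file records what was already archived.

# backup SRC DEST LEVEL NAME  ->  writes DEST/NAME.tar.gz
#   LEVEL=full  discards the snapshot file, so every file is archived again.
#   LEVEL=incr  archives only what changed since the previous run.
backup() {
    src=$1 dest=$2 level=$3 name=$4
    snap="$dest/state.snar"
    mkdir -p "$dest"
    case $level in
        full) rm -f "$snap" ;;
        incr) [ -f "$snap" ] || { echo "no full backup yet" >&2; return 1; } ;;
        *)    echo "level must be full or incr" >&2; return 2 ;;
    esac
    tar --create --gzip --listed-incremental="$snap" \
        --file="$dest/$name.tar.gz" --directory="$src" .
}

# Full backup on Sunday, incremental on every other day.
# $1 is the ISO weekday from `date +%u` (1 = Monday ... 7 = Sunday).
level_for_day() {
    if [ "$1" = 7 ]; then echo full; else echo incr; fi
}

# Typical daily call (paths are placeholders):
#   backup "$HOME" /mnt/backup "$(level_for_day "$(date +%u)")" "home-$(date +%F)"
# Afterwards copy the archives to removable media and disconnect it, so the
# copy stays out of reach of anything running on the computer.
# To restore, extract the full archive first, then each incremental in order:
#   tar --extract --listed-incremental=/dev/null --file=ARCHIVE --directory=TARGET
```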

Bad Actors

Wikipedia defines confidence tricks as exploits against characteristics of the human psyche, such as credulity, naïveté, compassion, vanity, irresponsibility, and greed. Think about everything you have on your computer right now. Maybe it is photos of your children or parents. Do you manage your money online or keep expenditure and investment documentation on your computer?

The bad actors on the world wide web are out there looking for the common person, a little fish, because they are more likely to get away with extortion. Occasionally they land a really big fish like a large company or governmental organization. The results are the same. Data is lost, stolen, or compromised. The tools they use vary from simple research on social media to sophisticated penetration tools that have the ability to shred months of hard work while looking for an un-patched and improperly configured computer or a hidden back door.

Fear and Deception.

Ever get one of those emails that declare you have been selected by a Nigerian prince who needs your help to smuggle large sums of cash to the U.S.? All he needs is your bank account number and password to move the money. Then your account is emptied.

Look, you got a job offer in your email for a position you did not apply for. Your new employer needs your bank account information before you start work. Oops, no job, and your money is gone. Scams pop up all the time on Facebook, Twitter, LinkedIn and all other social media where people gather online. Use your common sense. It is your best ally.

If you see a notice while online that you need to update your browser or media player software, do not simply click on the link provided on the screen. More than likely there is a hacker trying to get you to install a trojan program so a bad actor can infiltrate your defenses. Key loggers and other software that bypasses anti-malware defenses are common payloads. The newest threat that may be delivered by a trojan is ransomware. If you catch one of these, your best bet is to completely wipe your hard drive, reformat it, then restore from an offline backup. It is either that or pay the hacker to recover your data.

Hackers can either create web pages that are loaded with viruses or sneak their malicious software onto legitimate websites via the advertisement stream. All it takes is for an unsuspecting person to visit the infected website and the computer is infected.

Don't let the bad actor get away with extortion.

As I mentioned before, "compartmentalize all web browsing." Protect your bare metal computer by using a virtual machine (VM) for all of your web browsing. Use separate VMs for going to the bank, social media, and general browsing. Never reuse a password or passphrase; this protects you from data loss when an online account is compromised. Passphrases that mean something to you are easier to remember and harder to crack. Never use open Wi-Fi networks for important browsing, as they are easy targets, and make sure your home Wi-Fi is encrypted with a very strong password of more than 40 characters. Finally, keep an offline backup of everything as a last line of defense in the event your computer becomes compromised.