In popular vampire mythology, it is claimed that vampires cannot cross the threshold of your home uninvited. I’ve heard the same theory bandied around in relation to computer viruses. It isn’t uncommon to hear reasonably tech-savvy people downplay the chances of malware (malicious software) reaching your computer uninvited. It would be nice if it were true, but unlike vampires, computer viruses and attacks are not mythological. They are usually developed by people with criminal intent and unlike vampires, they do not care whether you have invited them in or not.
There are a lot of vampires in the media right now and it seems a good time to make it clear why treating viruses like vampires just won’t do.
1. Vampires need to be invited in.
There are computers connected to the internet that scan for unprotected computers in order to exploit them. The least you should have is a firewall to stave off this kind of attack. Still, a firewall alone is not enough.
2. All it takes to discourage vampires is garlic.
A firewall on its own is not enough to protect you from all threats and neither is that free anti-virus your friend recommended to you. The people behind computer attacks are often pretty smart people and they have money as motivation. They’ve found more ways in this connected lifestyle to compromise your personal computers and gadgets than traditional anti-virus can tackle alone.
3. Vampires can’t walk around in clear daylight.
If you’re actually going to use your computer for web browsing then you need protection against malicious entities that can be hiding behind perfectly legitimate web pages. It’s not just sites touting free downloads, music lyrics or pornography that pose a danger; sometimes large and trustworthy organizations have their pages stealthily hijacked. All it can take is a visit to the web page for you to have been stealthily hijacked, too.
You also have to consider what kind of email you are receiving and whether they are really clean. Not all spam mails are poorly worded stories about troubled Nigerian princes. Some malicious messages can look like they are from a company or person you know.
It’s not just e-mails that can lead you to believe your friends and colleagues are out to get you, either. You might also get an innocent-looking malicious link if someone you know has had their Facebook, Twitter, or instant messenger account compromised.
It is also worth remembering that you can get infected without being connected. Be careful of what you are plugging into your computer. USB “memory” sticks, music players and external hard drives are common tools and can all have viruses on them.
4. Vampires can be eliminated with a simple stake through the heart.
Cleaning up a system that has been infected may not be as simple. If you’ve been subject to a really bad infections you can lose irreplaceable files or have to revert your computer to its original pristine condition, losing everything on it in the process. You can’t easily restore the damage done to trust between yourself and friends or business partners if you inadvertently send them infected files, either.
For those of you who want a little more than my word on the matter, I’ve hunted down a few interesting links on the subject and staked them to this page:
A day in the life of an average user, Gabor Szappanos (Virus Bulletin, Jan 09)
You have to register with Virus Bulletin to read this, but I found it worth the time. This article puts an anti-virus company’s claim to the test, concerning how much malware the average computer user is bombarded with during a day of computer use. Gabor finds that, in his tests, the computer user was infected by a successful network worm attack at an average rate of every six minutes and he recorded 34 attacks that were a result of simply being connected the internet.
Botnets and How to Avoid Them, University of Calgary.
This is a succinct guide to protecting your computer and yourself, and what it is that you are protecting yourself from.
A firewall alone is not enough, Rik Ferguson (InfoSecurity Magazine, Oct 09)
This article is a technical, business-oriented statement of the very same thing I am trying to communicate with this blog post.
Malware Statistics Update, Niels Provos (Google Security, Aug 09)
Google provide some data on how many malware sites are out there.
If you know of any more good research on this subject, please let me know.
Cheers,
Melody-Jane
Facebook
Twitter
RSS
E-mail
10 Comments
“…and neither is that free anti-virus your friend recommended to you.”
I wonder if user’s would find it helpful if you explained why “it is not enough” and then told them what is enough.
“A day in the life of an average user” is only available to registerd users. It might be better to restrict links to freely available information.
I’ve up until recently been of the opinion that free versions would be lacking, but I don’t think I can stand by that anymore. They may be lacking in features, but the components in themselves are, as it seems, not.
Hence the thing that is the problem about going for the free is to assemble the components and get it cooperating (antivirus, software firewall, anti-spyware, etc.), which yes, is something which might trip up an inexperienced user, and of course that’s a benefit of using the commercial “internet security” suites.
However, I think I’m not anymore prepared to claim free antivirus solutions worse.
1. use *NIX
2. monitor and log network activity
3. never give root privileges to any process you don’t know
1.Use *NIX
is not 100% solution, using *NIX only reduces window malware attacks BUT NOT Botnets (surprise! Botnet for *nix exist!), phishing and other social engineering attacks, etc.
Thanks for the really informative and important post written in a way we can understand and digest!
Firewalls make my system slow! yes! even the F-secure one
Thank you, Nazeen.
I’d love to know which version of F-Secure you seemed to have trouble with. We made a lot of performance improvements for our latest Internet Security 2010, did you try that yet?
We do also have a great support section on our website, if you ever need it: http://www.f-secure.com/en_EMEA/support/
Hi
I use 2010
advantages of having a husband work in F-secure.. you become a test for the pdt 
Cheers
N
Thanks for the replies and feedback.
That little word ‘free’ causes such problems, right? I put it in there, because that is what often gets recommended and yes, some of them can be quite good quality. It’s as Arand says, it is just that anti-virus will only protect you from some of the threats that you face and not all of them.
Even F-Secure has some nice free services. There’s our browsing protection tool for checking a website is good before you visit our free health check tool, which checks if your computer is up to date, our online scanner so that you can double-check that your computer is clean and our easy-clean tool, which searches for hidden viruses (trojans) and gets to work on removing them.
http://browsingprotection.f-secure.com/swp/
http://www.f-secure.com/en_UK/security/security-center/health-check/
http://www.f-secure.com/en_UK/security/security-lab/tools-and-services/online-scanner/
http://www.f-secure.com/en_UK/security/security-center/easy-clean/
I wanted to retweet this article to my friends.No tweet burtons.thanks alot
Hi i am kavin, its my first time to commenting anyplace, when i read this paragraph i thought i could also make comment due to
this sensible post.
One Trackback
[...] Vampires on the threshold Are computer viruses like vampires? Or are they even worse! Melody-Jane explains. [...]