Malware – It Can Happen To You
Gone are the days where a firm can buy virus protection and your computers were protected from all that is bad. Computer security is not what it used to be - a one stop shop. From whole disk encryption to encrypted email, computer security cannot be taken lightly.
Consider the case of a firm that had more than $300,000 wired from one of their trust accounts to a bank in Russia due to a malware infection on a computer. Unfortunately, the bank that wired the funds did not catch the wire in time to stop it, and the firm is suing the bank. Most importantly, the law firm is now facing a $300,000 plus trust account shortfall.
What can you do to prevent something similar from happening to you?
What is malware?
Malware is short for malicious software; software that intends to do harm to your computer. It comes in many varieties - fake antivirus software, software that hides all of your programs and data from you, key-logging software to capture passwords and PIN numbers, and software that turns your computer into a part of a bot network (think Star Trek’s Borg), just to name a few.
Malware is not new, but it is becoming more prevalent with the wide use of credit cards, online shopping and online banking. Malware is typically put on your system to do something - get your credit card number, get access to your bank account and/or make your computer part of a larger network to work collectively. Other instances of malware are purely destructive just for the sake of being destructive.
How do you know if you have malware?
Sometimes you will know immediately that your computer is infected. Other times, little clues will give it away. Sometimes, you don't know at all. A few of the warning signs to look for include:
- The computer does not seem to be behaving as it should.
- The computer is slower than it used to be.
- Strange messages are popping up on your screen.
- Your internet browser is redirecting you to sites other than the one you requested.
- You cannot access the Internet at all.
- Messages appear telling you that you have viruses or your hard drive has failed.
In more extreme cases, your computer can boot, but all the programs and your documents have disappeared.
How do I check to see if I have malware?
A number of different malware scanners are on the market these days. Many of them are still free and can be downloaded from the internet. They also have paid versions that can continue to scan your computer for potential infections. Once downloaded, these programs work like virus scanners and scan for malware. My favorites programs include:
- SuperAntiSpyware - http://www.superantispyware.com/
- Spybot Search and Destroy - http://www.safer-networking.org/index2.html
- Malwarebytes - http://www.malwarebytes.org
Unfortunately, the malware programmers are aware of these programs too, particularly Malwarebytes. They are programming their malware to disable or prevent installation of these programs. A tool I recently discovered that helped with a malware infection that disabled all of these malware scanners was an online scanning tool from ESET - http://www.eset.com/us/online-scanner/ – that allowed me to repair the issue without using the typical malware tools.
If malware is found on your computer through a scan and the malware cannot be cleaned or removed, please contact an IT professional for removal to prevent data loss. It may require scanning in Safe Mode, more drastic cleaning measures, or reinstalling your operating system.
What do you do to prevent it?
Much of the malware that is infecting computers today is a result of visiting websites that have been infected. The malware has been attached to legitimate websites and when visitors visit these sites they become infected. Unless you intend to stop using the internet it can be difficult to avoid, so you must think defensively.
Computer security begins with virus protection. It is the standard in security, but while the protection is great to have, virus protection does not help if your computer is not regularly scanned for viruses (and malware) and the virus/malware patterns updated. This requires a current subscription to virus/malware protection, confirming that your software is up to date, and confirming that a weekly scan for viruses and malware is taking place.
Today, virus protection software programs have morphed into what many software providers are calling "Total Security." It is virus, malware and Internet protection rolled up into one. It may be a good option when choosing or updating your virus subscription, but be aware that some of these products can make your computer become slower and slower. My personal favorite right now is Kaspersky Total Security – www.kaspersky.com . It is a good mixture of protection and not too much bloat.
In addition to total security protection, there are a number of other prevention measures that can be used to avoid malware:
- Maintain good passwords and change them frequently. Consider using an online password saving service like Last Pass to populate and save your passwords for you. Be sure to use different passwords and not the same one everywhere.
- Enable the scanning of external devices (USB drives and external hard drives) if you use them frequently outside of your computer.
- Never open email attachments that look suspicious. Ever.
- Maintain good and frequent backups. Many malware infections require that the operating system be reinstalled to prevent re-infection. An online backup solution like Carbonite, MosyPro or other automated backup solution is preferable.
Just as some firms have a lock on their office door as well as an alarm system with motion detectors, protecting yourself from malware takes more than one level of security. In the end, it is critical that you protect your computers to keep you, your data, and your trust accounts from harm.
Pegeen Turner is the President of Turner IT Solutions, a Raleigh-based legal technology firm. Her firm works with small and medium-sized law firms as they start-up as well as firms that need help maintaining and integrating legal technology into their practice. In addition, she helps firms understand the risks of cloud computing and how to incorporate cloud computing into their practice. pegeen@turneritsolutions.com, www.turneritsolutions.com , #pegeenturner
About the Author
Pegeen Turner
pturner@legalcloudtechnology.com
www.legalcloudtechnology.com
Twitter: @pegeenturner
Pegeen Turner, President of Legal Cloud Technology, a Raleigh-based legal technology firm, works with small and medium-sized start-up law firms, firms that need help maintaining and integrating legal technology into their practice and helping firms understand cloud computing.