Don't those hackers have anything better to do? No. Gone are the days when viruses were written in their bedrooms by teenagers without girlfriends for the sheer joy of vandalism. There’s money to be made in attack software. You might remember the May 2017 “WannaCry” attack that took out 200,000+ computers in 150+ countries, most notably at the UK National Health Service, where some hospitals were forced to reroute incoming ambulances to other hospitals. Similar attacks are still going strong. Later in 2017 we learned Equifax delighted criminals by offering up sensitive personal information about 143 million people who were not even their customers. In late 2018 we learned Marriott offered up maybe 500 million guest records.
Big attacks like Equifax and Marriott make the news. You probably haven’t heard about countless small businesses getting hacked every day, but it happens. It happens way too often, and way too often with far greater pain than Equifax paying penalties that amount to what they consider petty cash; a number of execs dumping stock during the six-week delay between discovery of the breach and announcement of it, and a year and a half later only two of them getting indicted for insider trading; and its CEO being allowed to “retire” with a paltry $90 million exit gift plus eight-figure annual ongoing benefits. The rest of us? 60% of attacked small businesses have not lasted six months.
Safe Computing Practices
With unsolicited attack via the internet getting harder as software quality and defensive technologies improve, attackers' easiest entry is via taking advantage of gullible users by luring them to click evil links and open evil email attachments. You can protect yourself from many attacks simply by being conscientious with passwords, email, and web sites. See our article on Safe Computing. If you don't invite them in, they can't do their mischief.
Beyond safe practices, you need a mix of defensive technologies.
Traditional anti-virus products keep a database of known viruses and other types of destructive software, collectively known as “malware,” but with 100,000 or more new pieces of malware created daily, how do you keep the database current? You can’t. You need more sophisticated malware protection than those outdated products.
The modem/router supplied by your Internet Service Provider (ISP) includes a rudimentary firewall that protects from some well-known, simple attacks. You need a lot better than that.
- Criminals keep inventing new techniques for attack. Your firewall needs to keep up with them.
- DNS is the internet equivalent of a phone book. (Remember phone books?) When you ask for , DNS translates the name to an “IP address” that looks like or . It's possible for malicious software to tell your computer to use a rogue DNS server that sends some or all of your requests somewhere other than what you asked for.
- Too many seemingly-desirable web sites have a dark side. While you're looking at their advertised content, they can be silently downloading attack software onto your computer that might get past your anti-virus. There are directories of such troublemaking web sites and IP addresses. It's wise to block all outbound connections to them, rather than trusting your defenses.
- Just as you want to keep your little ones off web sites for big kids, you want to stay away from naughty and illegal web sites, and you might want to keep certain individuals or your entire staff off time-wasting sites like dating. And you might want to restrict access to your bank, social media, and other business-related web sites to appropriate personnel.
A more sophisticated firewall than what ISPs provide or what's in most Wi-Fi routers can take care of those and other vulnerabilities.
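As an added example (not code from this article or from any product it describes), the Python below shows two of the checks from the list above: flagging a DNS server nobody approved, and refusing outbound connections to blocklisted names or addresses. The approved-resolver list, the blocklist entries and the sample settings file are all constructed; they use documentation-only addresses and .example names.

```python
import ipaddress

# Constructed sample policy: approved resolvers and a tiny blocklist.
# Addresses are from the RFC 5737 documentation ranges; names use .example.
APPROVED_RESOLVERS = {"192.0.2.53", "192.0.2.54"}
BLOCKED_DOMAINS = {"malware-host.example", "ads.tracker.example"}
BLOCKED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed resolv.conf content, as it might look after malware changed DNS.
SAMPLE_RESOLV_CONF = """\
# generated by network manager
nameserver 192.0.2.53
nameserver 198.51.100.66   # not one we configured
search office.example
"""

def rogue_resolvers(resolv_conf_text, approved=APPROVED_RESOLVERS):
    """Return configured nameservers that are not on the approved list."""
    rogue = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, then tokenise
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                addr = str(ipaddress.ip_address(fields[1]))  # normalise the address
            except ValueError:
                addr = fields[1]                 # unparsable entry: report it as-is
            if addr not in approved:
                rogue.append(addr)
    return rogue

def domain_blocked(hostname, blocked=BLOCKED_DOMAINS):
    """True if the hostname or any parent domain is on the blocklist."""
    labels = hostname.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

def outbound_allowed(hostname, resolved_ip):
    """Egress decision: deny on a blocked name or a blocked destination address."""
    if domain_blocked(hostname):
        return False
    ip = ipaddress.ip_address(resolved_ip)
    return not any(ip in net for net in BLOCKED_NETWORKS)

if __name__ == "__main__":
    print("rogue resolvers:", rogue_resolvers(SAMPLE_RESOLV_CONF))
    for host, ip in [("intranet.office.example", "192.0.2.10"),
                     ("cdn.malware-host.example", "192.0.2.80"),
                     ("looks-fine.example", "203.0.113.7")]:
        print(host, ip, "allow" if outbound_allowed(host, ip) else "block")
```

Checking the destination address as well as the name matters because a rogue DNS server can hand back a bad address for a perfectly ordinary-looking name.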
It's handy to be able to install any piece of software you like, but if you can, so can an evil or compromised web page, email attachment, USB stick, or CD/DVD. A number of configuration options are set by default more for convenience than for safety. We review those options and configure them for your desired balance of convenience vs. safety risk.
Criminals keep discovering new ways to attack, and software producers do their best to update their software so as not to be vulnerable to those attack methods: a cat-and-mouse game. The May 2017 WannaCry attack took advantage of a bug in Windows that Microsoft issued a patch for in March. All 200,000 victims had failed to install that patch. Unfortunately, similar attacks are still going strong because naïve users, and people who should know better, still have not installed that old patch.
The Equifax attack was against non-Microsoft software that almost no small businesses run. Some software, most notably Adobe's Flash video player, is riddled beyond repair with attack opportunities. Adobe issues patches as soon as vulnerabilities are exploited, sometimes multiple times in the same week, but that's draining Lake Michigan with a teaspoon. That sitting duck led Steve Jobs to ban Flash from iPhones and iPads, which forced most video distributors to switch to safer display methods, but Flash is unfortunately still out there. Our computers keep yours updated, covering Microsoft and major non-Microsoft products, including Flash if you still use it.