Five steps you can take to better protect your Windows computerRecent security concerns have been keeping your local IT professional rather busy lately, including a hacker program designed to hold your data for ransom, and a new vulnerability in Internet Explorer that can let unwanted people into your system. Rather than waiting for your IT person to step in, and hoping that nothing happens in the meantime, there are a few simple things you can do to keep your system running -- and keep destructive people out.
Earlier in January, IT professionals were thrown for a loop by a new piece of malware called Cryptolocker. After it infects your computer, Cryptolocker takes all of your data, encrypts it with a private key that is known only to the hackers, then informs you, via a pop-up window, that you have only 72 hours to pay for the key to decrypt the data or it will be gone forever.
Originally demanding only $100, the ransom has now increased to $300 and new variants are popping up; currently, the only known remedy other than giving into the demand is to eradicate the virus, hoping that you have up-to-date backups of all your data.
At the same time, Microsoft engineers have been surprised by a vulnerability in all existing versions of Internet Explorer. Earlier this week, the company issued a security advisory and temporary workaround via its "Fix it solution," and will issue a more complete patch in the future.
This vulnerability can be used to create a backdoor to your computer. A potential attacker will trick you into visiting a compromised website though phishing emails or by re-directing traffic from a legitimate website to the compromised site. Once you've visited the website using Internet Explorer, the attacker can worm into your own computer at any time.
Eradicating this malware, protecting other users from it, and ensuring that basic Microsoft software programs are free from harm is a top priority for many IT professionals this month. In the meantime, it turns out that there are five easy things that the average person can do to help your IT department -- or your computer-savvy teenager -- protect your Windows machine.
Often, when you buy a new computer, or if you've had yours for a while, you're so consumed with getting connected to the internet that you skip through perhaps the most important step in ensuring your computer's safety: turning on the automatic Windows Update. Luckily, for new Windows 8 users, automatic updating is turned on by default, but for people with previous versions of the operating system it may not be.
Step 1: For Windows 7 users, click the Start button at the bottom of your screen, then select "Control Panel," and then "System and Security." If you've chosen to arrange your Control Panel by icons rather than category, you would click on Windows Update directly, skipping the next step.
Step 2: On the next screen, under the Windows Update category, click "Turn automatic updating on or off."
Step 3: On the next screen, make sure that the option "Install updates automatically (recommended)" is selected. You should ensure that updates, when available, can be installed every day at a time when you know you will be at your computer and the computer will be on.
Below that are additional options to review; read and consider these choices carefully. Remember, more control over your computer's security process is better than less. Click "OK" when you're done making your changes.
If you clicked on the Windows Update icon directly, on the next screen you would click "Change settings" on the left, and then follow the previous step as directed; the same or similar principle applies if you are still using Vista or even Windows XP.
Step 4: Speaking of the Windows Update screen, on the second Tuesday of every month (aka "Patch Tuesday"), you should always check to ensure that non-critical updates (aka "optional updates") have either been applied or ignored, as per your preferences. On Patch Tuesday, you should also check to see if other often-used programs have updates, such as your anti-virus software, Adobe Flash, Adobe Reader, and Java.
Step 5: The most critical step is to perform regular backups of your data to at least two sources, one online and one offline. Seagate's Backup Plus Portable is still a good option, but there are many other services and other external hard drives available that could be best suited for your needs.
The sad news is, that while IT professionals are constantly vigilant and continually working to counteract these kinds of attacks, malicious attacks are becoming more and more sophisticated. The reality is, that you can't always guarantee that you will be fully protected from a cyber-attack, these five simple steps will ensure you did everything you could.
Photo: Drew Coffman