Pub. 2 2022 Issue 4

pay a price to have the files decrypted. This is commonly called ransomware, as the attackers hold your computer for ransom. Even if you don’t have anything of value on your computer you are afraid of losing, there is still danger. Some malware can spread from one computer to another on a network. Other computers on the network may contain important files that must remain safe. As if all of this were not enough, an attacker could use your computer to host amalicious website infecting the computers of all visitors withmalware. Your computer could spread malware all over the world without your knowledge! An attacker could even place illegal content such as child pornography on this website, and you are legally responsible for your computer’s contents. An attacker could also use your computer’s processing power to send spam emails worldwide. These emails may contain attached malware or links to malicious, malware-hosting websites. An attacker could also install malware that joins your computer to thousands or millions of other hacked computers worldwide to form a “botnet,” an army of compromised computers. This botnet could collectively overwhelm a target website (such as Amazon) and cause it to crash. This is known as a distributed denial-of-service (DDoS) attack. An attacker could use your hacked computer to generate revenue through cryptocurrency mining. Cryptocurrencies such as Bitcoin are completely digitized forms of money. Sometimes, attackers will try to induce people to visit websites that host pirated movies. While the victim is spending time watching the pirated movie, the website “hijacks” the victim’s Internet browser and uses its processing power to mine cryptocurrency. As you can see, a hacked computer is an asset to an attacker. Much more is at stake than your personal photos and text documents. Downloading and opening a malicious file or clicking a single link to a malicious website is enough to unleash the chaos described in the preceding paragraphs. There is, however, no reason to despair. You can take practical steps to protect yourself. First, be careful what you click on. Don’t click on links or open attachments from emails you are not expecting. Verify the origin of the message. Hover your mouse An attacker could also use your computer’s processing power to send spam emails worldwide. These emails may contain attached malware or links to malicious, malware-hosting websites. over a link before clicking it to see where it will take you. If the site is unfamiliar or looks suspicious, do not click on the link. Second, do not use passwords. Instead, use passphrases! The length of a passphrase is far more important than the complexity. Often, websites insist that you use a certain number of uppercase letters, numbers, and special characters. The length, however, is far more important. Use at least 12 characters. An example of a good passphrase is “DeskComputerPhoneBottle20!” Third, apply updates when they become available and do not repeatedly postpone them. Software vendors often release updates to fix critical security vulnerabilities. Fourth, use updated antivirus software. Fifth, Take regular backups of your important files in case of a ransomware attack. If you are the victim of ransomware, do not pay the ransom, as this encourages the attackers. Reinstall everything on your computer and restore your important files from the backups. Sixth, keep your webcam covered when you are not using it. Seventh, monitor your financial accounts for suspicious activity. A good credit monitoring or credit freezing service can help with this. Finally, do not enter sensitive information such as credit card numbers into a form on a website with HTTP in the address bar. Ensure the site uses HTTPS, which means your information will be encrypted when sent to the website. Remember that even though you may not store millions of credit card numbers on your computer, you can still be a target. Recognizing every computer has potential value to an attacker and taking the steps listed above will help you stay safe in the dangerous cyber world. ■ August 2022 | 23

RkJQdWJsaXNoZXIy ODQxMjUw