Stupid question, but is it possibke to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?
Stupid question, but is it possibke to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?
Stupid question, but is it possibke to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?
- Keep your systems updated. Desktops and laptops- Linux/Windows/Apple are pretty good at this. Smart phones are very uneven with most being poor. IoT devices (anything "smart" that connects to the internet like smart TVs, smart light bulbs, video cameras, etc.) are in general a spectacular failure at software patching which has resulted in some of the large recent malware attacks.
Stupid question, but is it possibke to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?
Not a stupid question at all. Simply admitting a point of ignorance and asking for help in remedying it.
GPAI7R and T.Lex gave good answers, but the world of info security is very daunting. Security is a question of degree. It is not a yes/no thing. Having good defenses against one attack (ex: not opening e-mail attachments) doesn't protect you from others such as the Internet of Things (IoT) device that is communicating without your knowledge from your network, gets "owned" by someone and then goes on to infect other devices.
Unfortunately, viruses (or the more general form "malware") has many routes towards getting into your system. Good practices are your best defense to avoiding attack or quickly recovering if you are hit anyway. The list if techniques to avoid/minimize malware is long, but here are some of the most significant techniques. These are oriented towards home users, but have a lot of overlap with business/organizational info security.
- A good *and* automatic backup system. Having to remember to manually takes steps to backup means that you won't do it nearly as often or regularly as you should. Bonus points for having a copy of your backups off-site.
- Put your home network/computers behind a router. Current routers have firewalls built into them that protect your systems from many attacks that try and reach you from the outside. (however, don't get fooled into believing that a tough front-wall will keep out all malware when there are windows, doors, electrical wiring, etc that allow opportunities for problems to enter your home). Bonus techie points for keeping any IoT devices on a network separate from your main devices and disabling WPS, UPnP and WAN-side admin access.
- Keep your systems updated. Desktops and laptops- Linux/Windows/Apple are pretty good at this. Smart phones are very uneven with most being poor. IoT devices (anything "smart" that connects to the internet like smart TVs, smart light bulbs, video cameras, etc.) are in general a spectacular failure at software patching which has resulted in some of the large recent malware attacks.
- Anti-virus/malware software has become a point of contention in the security community. They have developed to the point where security experts disagree on whether the benefits outweigh the problems. I still personally recommend them for Windows users, but don't use it with Linux.
- Use good passwords that are different from site to site. You know the drill- longer, more complex is better. Do not reuse your Google/Facebook/Twitter/Amazon/PayPal/etc passwords on other sites. A common hacker technique is when they compromise a site's account list, they try all of them at the major sites and will get a percentage of successes. Bonus points for using a password manager and having passwords that are so long/complex you could never remember them.
- Enable two-factor authentication (2FA) for any financial or otherwise important web sites. If you consider your Google/Facebook/etc. accounts important, then protecting them by forcing hackers to have something besides your password really raises the security bar.
- Do not open *any* attachments sent via e-mail, particularly unsolicited ones- PDFs, zip files, executables, Office files have all been abused as vectors to help malware get past your firewall.
- Use common sense- Someone you've never heard of wants to give you a bunch of money? Wants to sleep with you? Wants to sell your subscription drugs without your going to a doctor for a subscription? Wants you to "confirm" your login credentials or provide personal information and you aren't in the middle of creating a new account? Would you trust a stranger that said any of these things in person? Then don't believe them online either.
It sucks that there are so many things to know and practice to avoid Internet crime. And I've only hit the highlights- there are many additional practices and details that can increase your personal info security. However, if you just use the items above, you will make yourself a much harder target and one that can recover if things go wrong.
Your offline backup is very safe and good practice. It will be vulnerable only when connected to your computer to do a backup. So long as your computer is clean while the drive is connected then it should stay safe.How about this, I routinely back my stuff up on two different remote hard drives. One stays connected to the main CPU for convenience sake, but the other one I only connect to do a back-up and then I disconnect.
Is my dis-connected drive any more safe from malware or does it really make a difference?
ARS (and others) reporting that the latest ransomware wasn't ransomware. It was a wiper. Overwrote the master boot record sectors. Data irretrievable. Speculation that the ransomware part was a distraction and that a state actor was targeting certain systems.
Cameramonkey - what are next weeks lottery numbers?
MBR or MFT? MBR should be a simple recovery. MFT can be rebuilt/recovered if you have the right tools unless they also went through and wrote data to the disk. Granted recovery takes forever and a day and isn't foolproof.ARS (and others) reporting that the latest ransomware wasn't ransomware. It was a wiper. Overwrote the master boot record sectors. Data irretrievable. Speculation that the ransomware part was a distraction and that a state actor was targeting certain systems.
MBR or MFT?