It is Black History Month, but it also contains Groundhog Day, Valentine’s Day, President’s Day (remind me, why did we decide to smoosh all of those birthdays into only one day?), and let’s not forget my favorite: National Margarita Day (2/22). For a short month, this is chock full of “days.”
What’s all that have to do with computers and security?
Quite a lot!
Every day, there is another announcement of some form of threat to your security: a data breach here, a ransomware attack there, new forms of malware, some other scheme for mining cyber-currency from your computer or smart phone, and even more sinister, the ever-present phone calls from “flaming idjits” that tell you about a problem with your computer that they have detected and called to help you fix. Please! That one just makes me angry. (Although you might be amused at the sheer number of individuals whom I’ve told to engage in physical acts that would require contortions beyond the ability of most…)
I know that no one can be kept on “high alert” day after day without getting weary of it. It is tough for me, and it is a major aspect of my job. I am always pleased when one of my clients gets an email and forwards it to me to ask, “Is this legitimate?” or “What should I do about this?” That means you’re staying on your toes and looking out for your own safety. That’s what I want you to do; that’s what I need you to do.
However I don’t know how many others are getting emails and continuing down the path of – there’s no other word for it – ignorance, and clicking on that link. Because, despite all of the protections that I’ve put in place on your computers, there is still the risk that if you click on a link in an email something bad could happen.
So what should you do if you are attacked?
1. First of all don’t panic, although that’s what most people do.
2a. Simply pull the Ethernet cord from the back of the computer (there’s a little hitch to squeeze in before you unplug it).
2b. Business owners, you need to make sure the affected computer is no longer communicating with the server.
3. Do NOT turn off the computer! You will lose any forensic information that is available. I’m going to need that data to help remediate the problem.
4. Call me immediately, and use your phone to send me an email with a photo of what’s on your screen so that I can identify the exact nature of the problem.
5. Let me handle this for you – it is not a “DIY” (do it yourself) project! Don’t start “Googling” for the fix! Some Russian firm with 500 employees wrote the malware and will charge $79.95 to your credit card to fix the solution they created in the first place. And it won’t get fixed – you’ll simply be scammed…
6a. After I have assessed the damage, and if it is necessary, you can reach out to the local police and to your insurance company.
6b. For business owners, this is a reminder to make sure you get, or review, your cyber-liability insurance policy.
There, some “tough love” on Valentine’s Day. I hope that you don’t have to go through any of this, and can simply relax and enjoy National Margarita Day with me.
Thanks and safe computing!