Q: What Are The Symptoms Of A Malware Attack?
A: This almost entirely depends on the skill level of the malware developer. Malware crafted by a skilled developer will be invisible to the end user, and invisible to the network administrator for quite some time. There have been malware attacks against governments (who presumably have fairly qualified IT & Network Administrators) that have been active for years before being discovered.
If malware is created by a less-skilled developer, it will most likely cause problems similar to any buggy software – performance degradation, crashes, screen artifacts, the computer operating incorrectly.
This is why it is important to:
- Have a quality antivirus (antimalware) installed on every device.
- Have a quality firewall active on the network and each device.
- Never log in as an administrator (that gives administrative privileges to any malware or hacker on your system).
- Enable application whitelisting. This is important because even the very best antivirus only catches 99.9% of the known malware. Whitelisting will stop the unknown from launching.
- Have your modem, router, computers, phones, and tablets put through a monthly security and maintenance audit.
Q: Are passwords so complex I can’t remember them really more secure?
A: Nobody ever said you had to remember passwords. You just need to create strong passwords.
“Strong password” is a term defined differently by different government agencies, cybersecurity groups, and IT admins. For my clients, it is defined as:
- Minimum of 15 characters.
- Recommended but not required, a mix of upper, lower case, numeric, and special characters.
Now, I can barely remember where I parked my car, much less the 1,387 passwords in my life. But most people can remember two or three strong passwords.
Install and use a password manager. There are many to choose from. My personal preference is LastPass.
The password manager will remember almost all of your passwords and challenge questions for you. You just have to remember:
- Your computer login password.
- Your phone login password.
- Your password manager password.
Now you can use ridiculously long and complex passwords, and have no need to remember them!
Q: What are creative ways to combat cyber risk in a large organization?
A: By “creative ways” are we to assume trying something different, doing cybersecurity in a way that others are not doing?
That may be brilliant at an advertising agency or creating a new startup organization, but when the enterprise’s security and privacy are at risk, perhaps following best practices (as specified in the NIST 800–171, the ISO 27001 and 27002, as well as guidelines published by Apple, Google, Microsoft, et al.) is a wiser career choice.
Q: How can you shut down the people who make malware?
A: How do you stop criminals?
Generally speaking, you can’t. Oh, sure, you can pass laws, catch the criminals, put them in jail, let them out, and some continue to lead a life of crime, while new criminals are made every day.
Those who make malware are criminals. They are hunted down as such, and on occasion are caught, prosecuted, and jailed for a time.
But as with all crime, that is only part of the solution. Each of us must be proactive in our cybersecurity and privacy. And like the old joke: How fast do you have to run to escape a charging bear? Just a little faster than you! Make your systems difficult enough so that malware and cybercriminals give up on you, and move on to the next victim.
Q: How do you start to write a book?
A: There may be as many answers to this question as there are authors.
In my case, clients had been asking me to write books for my classes for over 20 years. I tried many times, but I couldn’t get past the first page. I was completely blocked and unable to get a foothold due to the enormity of the task in front of me.
But once someone gave me the most simple of advice, it all came together: How do you eat an elephant? One bite at a time.
1. Bullet point your main ideas.
2. Move the bullet points around until there is an arc and logical progression.
3. Take one bullet point at a time, expand it, adding additional bullet points.
4. For each of these secondary bullets, expand into a conversational language.
5. Repeat steps 3 & 4 for each bullet.
6. Once this has been done, a book is in front of you. It may be very rough and require significant editing – but most good writers have even better editors behind them (I consider myself fortunate to have the best editor I’ve ever met).
Q: I got an alert that someone is watching what I’m browsing. How can they do that?
A: A web browser will not display such a message. It is most likely that a compromised website you visited tossed that at you just like any other pop-up message or advertising. It is also possible that your browser has been compromised, with a plug-in or other item introduced to create these pop-ups.
I’ll bet there was a phone number to call for assistance, or a button to click to purchase a solution to this “problem”.
So, let’s verify all is in good shape, and we can write this off to a rogue web page:
- Open the browser.
- Verify that your homepage is correct.
- Select Security. Verify that “Warn when visiting a fraudulent site” and “Block pop-up windows” are enabled.
- Select the Extensions tab. If there is an extension present that you don’t recall installing, remove it.
- Quit the browser.
- Open the browser.
All should be rainbows and unicorns!
Q: How are we able to say words without thinking about what we’re saying next?
A: I’m not a physiological psychologist or neuroscientist, so I can’t answer directly, but I’ll offer another question: WHY do some people say words without thinking about what they are saying?
Q: How do You Respond When Someone Sends an Email Stating that they are Now Misses Instead of Mister?
A: This really depends on if you want to be a decent, compassionate human being, or something a few steps below a jerk.
Q: How do I Protect a Computer from Malware and Other Threats?
- Never log in as an administrator; always log in with a non-administrator account.
  - Should malware or a hacker gain entry to your computer, they will likely be able to take on the power of the currently logged-in user. If you are logged in as a non-administrator, they can cause damage to your data, but not the system or applications. If you are logged in as an administrator, they can do anything.
- Keep OS and applications up to date.
  - Most updates are about patching a security vulnerability.
- Install quality antivirus software (I like Bitdefender).
  - Depending on which authoritative source you wish to believe, there are up to 40,000,000 malware in the wild. It is not a matter of if one will find its way to your device, only when, and how often. A quality antivirus helps to prevent this.
- Install quality anti-malicious website software (I like TrafficLight from Bitdefender).
  - Most antivirus applications do not check for malicious websites, so a separate utility is used.
- Enable application whitelisting.
  - Even the very best, most effective antivirus can catch 99.9% of known malware. That leaves around 40,000 known malware that it won’t catch. We have no idea how many unknown malware will walk right into your system. With application whitelisting turned on, the only applications that can launch are those specified. And a virus won’t be on that list.
- Download software only from the developer or, as in the case of macOS and Chrome OS, from the Apple Store or Chrome Store.
  - Most of the other sites are a cesspool of malware and infected applications.
- Never let someone use your account.
  - You don’t know where they are going. You don’t know what they are doing. And if you have ever been through a divorce, you already know that even those you love and trust the most can sometimes be trouble.
- Make all passwords “strong” (minimum 15 characters; it’s OK for them to be easy to remember and easy to enter).
  - A current-generation laptop computer can generate around 100,000,000 password guesses a second. It doesn’t take long to break a password. The longer the password, the exponentially longer it takes to break it.
- Use a different password for each website.
  - The bad guys bank (literally) on the fact that most people use only a couple passwords. When one of your online accounts has been hacked (I’ll bet you $1 that at least 1 of your accounts has already been hacked), the bad guys get your email address and a password that you use. They will then test this combination at banks, online retailers, credit card sites, etc. until they find a high-value target that uses the same password.
- Use a password manager to remember your passwords (I like LastPass).
  - Because if you use a different password for each site, you can’t remember them! Let technology do it for you.
- NEVER use email for sensitive information.
  - Email can be made end-to-end encrypted and secure, but most people aren’t up to the task. Instead, use an end-to-end encrypted secure instant messaging service. I like Wire and Signal.
- NEVER use a landline or cellular phone for sensitive information.
  - Use an end-to-end encrypted secure voice service. I like Wire and Signal.
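The password items in the list above (15-character minimum, a different password per site, 100,000,000 guesses a second) can be checked against a password manager export. The following is an added example, not part of the original answer; the CSV column names and the sample rows are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

MIN_LENGTH = 15                 # the page's minimum for a "strong" password
GUESSES_PER_SEC = 100_000_000   # the page's figure for a current laptop

# Constructed sample export (assumed columns: site,username,password).
SAMPLE_EXPORT = """site,username,password
bank.example,alice,correct-horse-battery-staple
shop.example,alice,Summer2019!
forum.example,alice,Summer2019!
mail.example,alice,my dog eats purple socks
"""

# Character classes and how many symbols each adds to the attacker's alphabet
# (33 = printable ASCII punctuation plus the space character).
CLASSES = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
           (lambda c: not c.isalnum(), 33)]

def charset_size(password):
    """Alphabet size an exhaustive search must cover for this password."""
    return sum(n for test, n in CLASSES if any(test(c) for c in password))

def exhaustive_search_years(password):
    """Years to try every string of this length and alphabet.

    This is an upper bound that only holds for randomly chosen passwords;
    dictionary words and previously leaked passwords fall much sooner.
    """
    keyspace = charset_size(password) ** len(password)
    return keyspace / GUESSES_PER_SEC / (365 * 24 * 3600)

def audit(export_text):
    """Return (sites with short passwords, groups of sites sharing one)."""
    rows = list(csv.DictReader(io.StringIO(export_text)))
    too_short = [r["site"] for r in rows if len(r["password"]) < MIN_LENGTH]
    by_password = defaultdict(list)
    for r in rows:
        by_password[r["password"]].append(r["site"])
    reused = [sorted(s) for s in by_password.values() if len(s) > 1]
    return too_short, reused

if __name__ == "__main__":
    short, reused = audit(SAMPLE_EXPORT)
    print("Shorter than", MIN_LENGTH, "characters:", short)
    print("Same password on several sites:", reused)
    for pw in ("abcdefgh", "abcdefghijklmno"):
        print(len(pw), "lowercase letters:",
              f"{exhaustive_search_years(pw):.3g} years")
```

Eight lowercase letters fall in well under a day at that guess rate, while fifteen take hundreds of thousands of years, which is the exponential growth the list item describes.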
Q: How Do I Install a Firewall on a Home Network?
A: The DSL or Cable router that comes with your service will have a firewall. To access and configure, you will need the administrator username and password. This is often on a label attached to the unit, along with the URL to directly access the device.
However, the security of these firewalls is a point of debate. The devices are very inexpensive, in wide use, with known vulnerabilities and hacks.
Although you can purchase a firewall all by itself, usually the better option is to install a 3rd-party quality router with firewall. There are at least a dozen well-known brands. Stay away from “consumer-class” devices, and go with “business-grade”. It won’t cost much more, but the quality difference can be significant.
I’m partial to the router made by OpenMesh – the G200. Even better when paired with their A62 Wireless Access Point.
You will still need your DSL or Cable router to connect you to the Internet. To get better performance, call your broadband provider, ask them to change it from Router to Bridge mode after you have your 3rd-party router in place.
Q: What Type of Person Always Believes They do Nothing Wrong?
Q: Should a Child be Allowed to Use the Internet to do Homework?
But never allow them to use electricity. That is the devil’s work.
Q: Can I Hack Any Group of My Friends?
A: My bet is that any group that has as a friend someone who would post such a question can be easily hacked.
But still, you shouldn’t do so.
If you have to ask why, you’ll never understand the answer.
Q: How Do You Verify a Gmail Account?
A: If you mean how does one verify that a Gmail account belongs to who it claims… no method is available that is reasonably accurate.
There are options to vet ID. If the sender has been assigned a class 3 S/MIME certificate, a background check is done to issue the certificate. In this case, you have reasonable assurance the person behind the email is who they claim to be.
But exceptionally few people do this.
You can use encryption, such as 7zip, and provide the password to the person in person, so you know the right person has the password. The two of you can then exchange encrypted email that only they can read.
Q: Is It Possible For a Virus To Wipe Out All the Information on the Internet?
A: This is very much like asking is it possible for a virus to wipe out all of humanity on the planet.
Even Ebola doesn’t have a 100% kill rate.
In the case of a computer virus, the virus would need to be compatible to run on 100+ different operating systems, able to read and write to many different storage device formats, and act fast enough so that it is able to attack worldwide so quickly no defense mechanism could be put in place (probably faster than 24 hours). It would also need to impact backups of backups of backups. Of which, most are read only – so cannot be erased, encrypted, or changed.
I’m sure there are at least a dozen other major hurdles it would have to overcome.
Overcoming one or two of these issues is easily doable. Overcoming all of them? It is not within the reach of technology as we know it today.
Q: How do I know who’s monitoring my calls on iOS? I keep hearing beeping sounds in calls.
A: It is almost inconceivable that the sound you are hearing has any association with possible monitoring of your phone. The reason is that there isn’t any reason for a penetration device or process to introduce noise on the line.
The overwhelming probability is you are hearing normal line noise.
That said, calls are monitored or devices penetrated all the time by your phone company, the government, criminals, kids, and there is always that whackadoodle ex. Because there isn’t a good way to know if you or your device is a target, the solution is to use encryption tools.
I like both Signal and Wire for voice calls, and Wire for instant messaging. Both offer point to point military grade encryption – the gold standard. Once you start to use quality encryption tools, you can sleep a bit better at night.
Q: MAC addresses are coming up on my network. How do I block them?
A: Every device that is able to access either ethernet or wi-fi has a unique MAC (Media Access Control) address. Although the MAC address is hard-coded into the network chip, it can be spoofed.
Any quality router will include the ability to turn on MAC Address Filtering. Once activated, enter the MAC addresses of your own devices as “allowed”, and then disallow any other MAC address from the network.
Now retrace your network security:
- Are your WiFi passwords strong?
- Have you changed your WiFi passwords recently?
- Are your network communications encrypted using WPA2 AES?
- Are your storage devices encrypted?
- Are there ethernet jacks that can be accessed by others without notice?
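Before turning on MAC Address Filtering, it helps to see which addresses on the network are not your own. The following is an added example, not part of the original answer: it compares `arp -a` style output against an allowlist and flags addresses whose locally administered bit is set, which indicates a randomized or manually assigned MAC rather than a factory one. The allowlist and the sample output are constructed.

```python
import re

# Assumption: MACs of your own devices, as you would enter them in the router.
ALLOWED = {"3c:22:fb:10:20:30", "a4:83:e7:aa:bb:cc"}

# Constructed sample of `arp -a` style output; all addresses are made up.
SAMPLE_ARP = """\
? (192.168.1.10) at 3c:22:fb:10:20:30 on en0 ifscope [ethernet]
? (192.168.1.23) at A4-83-E7-AA-BB-CC on en0 ifscope [ethernet]
? (192.168.1.57) at 5e:1f:9:c4:0:7d on en0 ifscope [ethernet]
? (192.168.1.77) at 00:11:22:33:44:55 on en0 ifscope [ethernet]
? (192.168.1.99) at (incomplete) on en0 ifscope [ethernet]
"""

# Six hex groups of 1-2 digits (some tools drop leading zeros), ':' or '-'.
MAC_RE = re.compile(r"\b([0-9A-Fa-f]{1,2}(?:[:-][0-9A-Fa-f]{1,2}){5})\b")
IP_RE = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\)")

def normalize(mac):
    """Lowercase, colon-separated, zero-padded form for comparison."""
    return ":".join(f"{int(p, 16):02x}" for p in re.split(r"[:-]", mac))

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set (not a vendor address)."""
    return bool(int(normalize(mac)[:2], 16) & 0x02)

def review(arp_text, allowed):
    """Return (ip, mac, locally_administered) for every unlisted device."""
    allowed = {normalize(m) for m in allowed}
    findings = []
    for line in arp_text.splitlines():
        ip, mac = IP_RE.search(line), MAC_RE.search(line)
        if not (ip and mac):
            continue  # e.g. "(incomplete)" entries carry no MAC
        mac_n = normalize(mac.group(1))
        if mac_n not in allowed:
            findings.append((ip.group(1), mac_n,
                             is_locally_administered(mac_n)))
    return findings

if __name__ == "__main__":
    for ip, mac, local in review(SAMPLE_ARP, ALLOWED):
        kind = "randomized or manually set" if local else "vendor-assigned"
        print(f"unlisted device {mac} at {ip} ({kind})")
```

An address that matches the allowlist is not proof of the genuine device, since a MAC can be spoofed, so the checks in the list above still apply.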
Q: What are the limitations of an antivirus in protecting a PC?
A: First and foremost, an antivirus (anti-malware) is limited to protecting against only malware. Malware is just a minor player in the cybersecurity arena.
They are limited to protecting only against the malware they have been designed to recognize. Even the very best protect against perhaps 99.9% of known malware. Depending on whose numbers you believe, there may be more than 100,000,000 malware in the wild. That leaves at least 10,000 known malware even the very best don’t protect against.
As to how many unknown malware are in the wild? Nobody knows.
And then when they come up against malware they know about, they are limited in how well they eliminate the threat, and limited in saving any damaged data – or preventing data from being harvested.
A solution that works more reliably than antivirus is application whitelisting – specifying which applications may run. Then, should malicious code find its way into your device and attempt to run, it is automatically blocked as unauthorized.
Once the malware issue is dealt with, then you can turn your attention to the other security and privacy issues your device faces: email hacking, instant message hacking, phone call monitoring, man in the middle attacks (notice women rarely get in the middle of this) (sorry, it had to be said and I was just standing around), social media (its own kind of malware), storage device encryption, Multi-Factor Authentication, Disaster Recovery and Business Continuity Planning, etc.
Q: What Wi-Fi system is recommended to cover 1,000 users per month?
A: It’s not so much the users/month, but the maximum number of concurrent users, and the bandwidth of your internet connection that are limiting factors. Your available budget is also a factor.
For example, let’s say your internet bandwidth is 100Mb/s. If you have 100 concurrent users, that is 100Mb/s divided by 100 users, or 1Mb/s/user. That is barely adequate to maintain a connection.
So the first challenge is to have adequate internet bandwidth, based on the maximum number of concurrent connections, and how much minimum bandwidth you wish to allocate per connection. A good number to start with is 5Mb/s. This will allow a stable connection and tolerable browsing speed.
The next challenge is the maximum number of users connected to an access point. Consumer-level access points can typically manage from 10-50 concurrent connections. At some point, they will refuse any additional connections. Professional/Enterprise-level devices will be able to manage up to 250 concurrent connections.
However, even if you purchase a high-end unit capable of 250 concurrent connections, if the access-point is capable of a maximum of 1,300Mb/s throughput, that is 1,300/250 or 5.2Mb/s per connection. And that 1,300Mb/s rate is only available when the connected device is within a few feet. As the distance between the access point and the connected device increases, the available connection speed drops quickly. At an average distance of 100′, the average connection speed may drop to 1Mb/s.
The solution used for large conference halls, sports stadiums, (even Apple Stores) is to have many access points spread around the area, all connected via ethernet to a centralized router, each using the same SSID (Wi-Fi network name), operating as a wired mesh network. Have an adequate number of access points so that none are ever pushed near 50% capacity.
As an example, an Apple Store may have 20-30 Wi-Fi channels running on high-end Cisco Access Points to cover just one store.
Q: How can I stop other people from seeing what I’m doing on my tablet when using their WiFi?
A: The same easy answer to many cybersecurity questions – install and use a Virtual Private Network (VPN).
When using VPN all of your communications are encrypted between your device and the VPN server in the cloud. This makes it (almost) impossible for anyone (but the VPN host) to view your online activity.
There are thousands of VPN providers available. Many, if not most, are not ethical – particularly those that offer services for free. There are several dozen factors to consider when choosing a VPN provider; these are the ones I believe are most important:
- Operate in a country that supports cyber security, and is outside the reach of government intrusion.
- They keep no logs of your activities.
- They offer IKEv2 protocol (the most current, and perhaps most secure), or OpenVPN (an open source protocol that has proven itself to be secure).
- Offers at least a one-day free trial to test if their product is fully compatible with your device.
- Is priced within your budget.
You will likely be paying between $30 and $80 per year for 2–6 devices that can connect to this one account.
Among my personal favorites are: NordVPN.com, Perfect-Privacy.com, and VPNarea.com