New Targets

Stay on Top of Security Threats

By Jennifer Martinez

Computer technology is constantly changing. Now, more than ever, we're using sophisticated software, operating systems (OS), and Internet access. We appreciate the freedom technology brings us. But new technologies can sometimes leave us open to attack.

What makes our operating systems vulnerable to attack from hackers? Sometimes, a particular combination of different technologies doesn't work together properly. Or an oversight in the creation of our software leaves us vulnerable to intruders.

But there are steps we can take to close these holes in our operating systems. The trick is to stay ahead of the hackers.

Types of attack
The tools intruders use to troll for vulnerabilities are becoming increasingly sophisticated. Equipped with the knowledge and details of a specific security hole, intruders now have the tools and techniques to scan hundreds of thousands of systems on the Internet, searching for those with unprotected vulnerabilities.

And when the hackers find a way in? They unleash Trojan horses, worms, and viruses. Many of these contain keystroke logging and backdoor functionality, which allows hackers to manipulate our computers from a remote location. We can lose all our important information, including our identities and finances.

So we need to stay smart. We need to protect our computers, our personal information, and our families. We need to install patches before intruders use details of an exploit to gain access to your system.

Develop a strategy
Most patches are delivered to your computer over the Internet. It's true. The very medium hackers use to attack your computer is the same one developers use to deliver anti-threat technology. But security firms can use the Internet just as effectively as hackers. What's most important is that you download the patches as painlessly and as regularly as possible. Here are a few methods you can try:

Check into purchasing a service contract from your OS vendor to provide you with patches, upgrades, and other customer assistance.

Visit the website of your OS or software manufacturer for patches and upgrades.

Microsoft Windows offers an automatic update feature with its OS. It's free and will activate any time a new Windows patch is released.

Subscribe to advisory and alert lists. These will alert you to any new software updates or patches that are released.

Sign up for independent bug-tracking sources, such as the CERT Coordination Center's Advisory List or the BugTraq mailing list.

Patch early and often
A patch can be an upgrade (adding increased features), a bug fix, a new hardware driver, or an update to address new issues such as security or stability problems. You can download most patches for free. In some cases, only registered users may get certain upgrades. At other times the only way to upgrade is to purchase the newer version at a discounted upgrade price (requiring a reinstallation of the program). Usually, you can install a patch over the top of an existing program.

Apply patches, monitor updates, and make necessary upgrades to operating systems and software. Manufacturers of operating systems and software often release security patches as they find and fix problems.

Run antivirus software and keep virus definitions current. Make sure security patches are up-to-date.

Apply the latest security patches to email clients and web browsers.

When identifying vulnerabilities, make sure you don't overlook systems that are perceived as "less critical." Many intrusions enter through seemingly less-critical holes. After the intruders gain access, they will use that entry as a springboard into more critical applications. Remember, anything that is exposed is mission-critical.

As a preventative measure, back up your system and data at least once a month. Create two backups each time, storing them in separate places, one of which is outside your home. And make sure you have an emergency recovery disk as well.

Conclusion
There will always be new vulnerabilities-no matter how current your operating system or software is. Keeping your computer up-to-date by installing patches is the best defense against intruders. It's a relatively easy solution to a highly preventable security problem.