By Gloria Austin
Staff Writer
There are very few households that do not have some sort of technological device from a smart phone, iPod, iPad to laptop. Today’s world is connected through the World Wide Web (www) or Internet. There are many benefits of having such knowledge at a touch of a key, but there are many dangers that lurk, as well.
One of the more public incidents was when the computers in the Houlton Police Department were infected with a virus, shutting down access to all documents and programs. The Houlton Police Department was one of a handful of departments in the state impacted by a virus called “ransomware.” It is just like it sounds. The virus, which typically enters a computer’s system through an email attachment, encrypts computer files until a ransom is paid. The fee, based on how much data is seized, goes up in increments if it is not paid in the required timeframe.
If “hackers” can find their way into secure main frames, where does the ordinary user stand? Doug Boreland of VirtualTech takes a look at how such viruses impact personal computers.
“We love the Internet, and all of our connected devices. We really do,” said Boreland with a smile. “Humankind has been transformed so much in a very short period of time. We call it the technology age or the information age.”
Boreland said he laid eyes on his first computer in 1980. It was a VIC-20.
In 1986, Boreland was entering his junior year of high school and embarking upon his first programming course, which happened to be on the Commodore Super PET.
“I instantly fell in love with programming,” he said. “Math and sciences were my favorite classes, so this was a natural fit. I had always been a logical thinker and computers were 100 percent logical. The only reason they would fail in software would be either by incorrect programming or incorrect input. In computer jargon, we call it GIGO. Garbage In, Garbage Out. I loved being able to make a computer do pretty much anything I wanted.”
When Boreland became interested in his lifelong career of computers, there were not as many “pitfalls,” as he calls them back then.
“These pitfalls increase both in numbers and their ability to disguise themselves as legitimate processes, whether that be an e-mail, a video you download or a link on the Internet,” he explained. “I have been a programmer since 1992 upon graduating from Computer Science. I also was a bit of a hacker back in college — but not in a dangerous way.
“Today, one aspect of hacking is what we call phishing,” Boreland added. “That is an attempt, through many possible means, to obtain important information such as sign-in credentials. It wasn’t called phishing back then and I’m not sure how prevalent, if at all, that it may have been. But in 1991, while in college, I wrote a phishing program that in a matter of minutes, obtained the usernames and passwords of all of my classmates. The application was written in pure Basic. I never did anything like that again — but it certainly helped me understand very early on, how easy it could be to do so.”
Boreland warns that today’s things are more sinister than just “fooling” around with a phishing program and he should know. He owns and operates VirtualTech at the Fishmann Mall in Houlton. Besides his retail sales and hardware repairs, he deals with many infected computers.
“The most complex and devastating/costly I’ve seen in the last few years is Crypolocker, or current variants like PCLock and very recently, PCLock2,” he said. “The latest being the worst, it targets 2,583 file extensions. The earliest malware only targeted text files, office documents, pictures, and a few others. Without recovering the private keys (hosted on a server somewhere outside of the country), or paying the ransom, which can be as high as $700, your files will forever be lost.”
Boreland noted that society does not have and will not have, until approximately the year 2030, the necessary processing power to decrypt any encrypted files (at this level) using brute force attacks.
“In email, this malware can appear to be a PDF file with a receipt for a recent order you may have placed,” said Boreland. “Upon opening it, you will see nothing; nothing will happen, the document does not open. If this happens to you, and you have not seen anything else odd up until that point, you have a very small window to avoid encryption of your files.”
That scenario involves calling a trained professional, like Boreland immediately, and possibly setting up a house or business visit.
If this should happen, Boreland outlines steps to follow.
“Do not shut your machine off. Once you do, and it is powered back up, that is when encryption begins. Then it is too late,” he said. “Do not delete the email. If for any reason the machine is powered down by accident, or has to be powered down, all is still not lost. Someone who knows computers inside and out can remove the threat without even turning your machine on.”
Even the most harmless looking email can be hiding a dangerous secret. Boreland warns people to look at their emails carefully — especially if it does not seem quite right — even if they appear to be from friends or loved ones.
“An obvious example might be an email or Facebook post from your 80-year-old grandmother exclaiming that you’ve won $15,000 or that you can go on a party cruise for only $50 a night,” Boreland used as an example. “Less obvious might be a link from Fedex claiming your package could not be delivered and to click on the link to inquire further. You may have even been expecting a Fedex delivery soon. I do not know if the timing is coincidental — but it certainly makes it more difficult to know if it is legit or not. Many times, if you ‘hover’ over a link, either in a web page or your favorite email client, you can see where you will be directed to before you click on it.”
For example, a Fedex link should start with something like https://www.fedex.com. A phishing link might be http://www.f3dex.com or http://ww1.fedex.com.
“At quick glance you might not see the difference, but it is critical that you do,” said Boreland, who could go on about risks and there are many today.
Boreland recommends Microsoft Security Essentials since it is a great free choice. A good malware scanner is essential to have as well. A great choice here is Malwarebytes.
“Do not double up on either virus scanners or malware scanners — one of each is enough,” said Boreland. “Anything else slows your machine down. In addition, if you have multiple running, and any one of them do not encrypt the virus strings themselves, they can also trigger false positives in the other applications — again slowing things down.”
As a final protection, backups are critical. The choices for backup software can be overwhelming, even more than choosing virus protection. And then many of those choices can be complicated to use, or even to get configured.
VirtualTech also has written backup software that is easy to use. Once it is setup (which is a matter of one or two clicks), the backup begins automatically.
To learn more about how to protect yourself in the computer age, call Boreland at 521-5214.