Humans learn by trial and error, don’t do it with your computer security!
Throughout our lives, we acquire skills by practicing and failing – over and over again – until we finally master whatever it is we’re trying to accomplish. Since the advent of video games, we’ve played games of daring – from Pong, to Pacman, to the latest immersive Role-Playing Games. Each of these games has an underlying premise: almost everyone will lose until they practice enough to survive and solve the game. Of course, this behaviour didn’t start with electronic games. The “do over” is common in many situations. The game of golf, in particular, is famous for its “mulligan”. So, what does any of this have to do with Computer Security?
We’ve had constant reinforcement that mistakes will happen, and when they do, we simply have to hit the “reset” button and try again. Unfortunately, it is that cavalier attitude that is our worst enemy when it comes to Computer Security. Computer viruses were first discovered in the 1970’s; but personal computer viruses were introduced in 1981.
Since then, virus writers have become experts in “social engineering” – thinking up all sorts of ways to fool people into infecting their computers. The common thread in most security breaches (of which viruses are only one example) is that the victim was either too trusting or too curious.
When it comes to Computer Security, there is no such thing as being “too careful”. Casually opening an email attachment because you recognize the sender’s name, or finding a USB stick on the ground and inserting it into your computer to see what’s on it can lead to a disaster from which there may be no “do over”.
Things were bad enough when viruses infected your machine, causing annoying popups or downloading useless junk. At least, those types of infections could be cleaned up and your computer given some measure of protection with anti-virus programs.
But these days, a growing number of viruses will silently invade your computer, scramble the contents of your important data files, and then display a ransom demand – pay up, or you’ll never see your data again!
The dilemma here is overwhelming. Instinctively, we try to avoid paying a ransom – rewarding criminals for their bad behaviour. Yet, in some extreme cases, the value of the information relative to the value of the ransom makes it seem worthwhile. It’s akin to settling a lawsuit, despite knowing you’re not at fault, because the cost to fight the allegations will be more than the value of the win.
The whole situation can be avoided by taking two important steps:
- Learn to curb your trusting ways and curiosity when it comes to computers; and
- Make sure you install and regularly use good quality backup software to safeguard the irreplaceable information on your computer
Remember, there are no mulligans when it comes to Computer Security.
If you would like me to address any particular questions please use our Contact Form and send your request to the Computer Security columnist.