All Systems Go: Keep computers safe from attack

Oct 29, 2018 by Jason Roberston

All Systems Go: by Jason Robertson

IT administrators swear by this motto: “Always ensure your software is fully updated.” If we never download updates  and patch our products, the system will be vulnerable, and those vulnerabilities are easily exploited by hackers.

And it’s not just updating the computer that’s important – we must also update Java and Flash.

About a year ago, there was a hacking competition for the Mac OS, which is very secure. On Day 1, they had just the Mac with the base operating system, and no one could hack it. On Day 2, they installed all the approved Mac OS apps, and no one could hack it. On Day 3, they installed all other apps that you would normally find on a Mac, and one of them was Adobe Flash. A hacker was able to gain full access to the computer based on a Flash vulnerability.

Adobe has since released patches and updates, but their software consistently gets hacked and makes computers vulnerable. If we don’t use Flash or need it,  it’s best to remove it.

Kill and remove viruses

Updates are nice, but we also want something to kill and remove viruses This is where anti-virus software comes in. There are two main types: residential and commercial. The commercial versions allow for central control and reporting, which means admin can centrally deploy. With commercial, there is a licensing period for updates; after the license expires, the commercial anti-virus software will still work but will not get any new updates. With residential anti-virus software, when the license runs out, the software stops working.

Most people favor free versions of software, but when it comes to free anti-virus software, be sure to download the free version — and not a virus.

Block data theft

Besides viruses, there is malware, or spyware, to watch out for. What is the difference between malware and a virus? Viruses are usually self-replicating and try to damage to your computer – kill the operating system, corrupt files and  cause data loss. Spyware does not cause harm. It collects usernames, credit card info and passwords, harvesting as much sensitive information as it can, then upload that data to its server.

Anti-virus companies don’t usually include anti-spyware products. Always install an anti-malware program, such as  Microsoft Defender, Spybot Search and Destroy, or Adware (Malwarebytes). Defender and Spybot Search and Destroy are both free. In my experience, the free versions are generally better than the versions that are paid for.

Build a wall

Firewalls can be software or hardware. They keep hackers from getting into your network from the internet. A firewall can be installed on the computer as software, or a hardware firewall can be built into the modem/router. But remember, just because it’s built in doesn’t mean it’s turned on.

All apps/programs that access the internet use ports to communicate to the internet; the firewall blocks that port from outside access. Firewalls are great because they keep hackers from getting into our network, but be a little careful as they also could keep us from doing what we need to do.

MacAfee SiteAdvisor, or WebAdvisor,  is a free tool to make sure we don’t go to websites that host viruses and spyware. It works by having a database of all the bad websites, and preventing or warning us from going to them.

‘Suites’ not a good idea

In order to sell us more products, the major manufacturers of anti-virus software have created “internet security suites,” which are packages with everything included: anti-virus, anti-malware, firewall and SiteAdvisor. It sounds like a good idea, but it’s generally not. Most companies do one thing well, but not everything well. With internet security suites, they try to do too much and end up hurting the end user, locking down the computer so much that it can cause more headaches than it’s worth. Security suite software can block users from legitimately accessing the internet, and often users will have no idea how to gain access to the internet from their computers again. Let each vendor do what it does well, and avoid the suites.

Privileges and permissions

Proper use of privileges and permissions is important. Every operating system ever built has login options with different permission levels. A “root user” in Linux can do anything. In Windows,  there is the “user,” who cannot install software and change programs, and the “administrator,” who has full control.

It’s always a good practice to create a user account with only user permissions, rather than letting everyone log in as administrator. Why? When a virus comes into a computer and the virus activates, it will have the permission level of whichever login is active. If the user is  logged in as admin, the virus will be able to do anything it wants – self-replicating, installing itself into auto startup and login, editing our registry – and it can be a real nightmare for those not experienced with removing and killing processors and cleaning the registry.

Browsers are not born equal

The main internet browsers are Internet Explorer, Firefox, Chrome and Safari. My advice is to not to use Internet Explorer, as it allows a computer to connect to other computers in a way that other browsers do not. Internet Explorer offers a lot of functionality – we can use active X programs to create little programs within Internet Explorer, and it allows us to remotely control a computer from other computers – but this functionality also offers a lot of security holes. With Internet Explorer, a hacker could go straight into the computer.

In contrast, there is not a lot a hacker can do with Firefox, Chrome or Safari. Since they mainly browse the web, the worst that can happen is that the user will be sent to a different website.

Quick recap

Vigilantly tending to the basics will help keep all computers on board safe from attack. Make sure all updates are done; use a reliable anti-virus, anti-malware and firewall; set user-only permissions; surf the internet using SiteAdvisor; and try not to use Internet Explorer unless absolutely necessary.

Jason Robertson, director of technical crew placement agency Robertson ETOS (www.robertsonetos.com), has more than 17 years of combined AV/IT and ETO experience on board megayachts. Comments are welcome below.

Topics:


Related Articles

Yacht sinks in Australia

The 135-foot (41m) M/Y Seafaris caught fire and sank off the coast of Australia on Oct. 3, according to news reports. Eight crew and eight guests abandoned ship and

Fire extinguishers recalled

Fire extinguisher manufacturer Kidde, in conjunction with the U.S. Consumer Product Safety Commission (CPSC), has initiated a voluntary recall to replace certain Kidde fire extinguishers. A faulty …

Crew Eye: Doing a safety check

Crew Eye: Doing a safety check

Stew Marissa Van Niekerk performs a monthly safety check of the Drager SCBA (self-contained breathing apparatus) aboard M/Y The Big Blue, a 138-foot (42m) custom expedition yacht launched by …

Managing diesel engine emission gases complicated

Managing diesel engine emission gases complicated

For more than a century, the diesel engine has been the workhorse for many industries around the world powering large trucks, farm tractors, locomotives, construction and mining equipment and …

Marina del Rey marina renovated

Washington-based Bellingham Marine has renovated the Harbor at Marina Bay marina in Marina del Rey, Calif. Previously known as Bay Club Marina, the marina reopened this summer. The entire …

Tips for yacht crew to survive long hours, hectic duties

You have finally finished a 12-hour shift. It might be the first of the season or the fifth in a row. You flop into bed, start scrolling on your