I am hanging around in the cyberspace since I was eight years old. Thus, I entered the cyberspace in the past sixteen years from different locations (most of the time from Germany), studying in the United Kingdom and working in Belgium – apart from the short term visits to other countries. I attended Local Area Network gatherings, conferences, university networks and a more occasions on which malware easily spreads. My point is, during all these times my private computer had only one virus infection (that is no demand for sending me malware, guys) and apart from that I have only seen and cured few infections on other computers. During my two months stay here in the Philippines I already encountered as many infections as I encountered during the past sixteen years of my life combined. Why is that?
1. My sample is too small and this issue only occurred by accident. I give you that.
2. The Pinoy culture is a hacking culture and therefore a lot of malware is created here. One example for that is the I Love You virus. May be, but the Internet connects all of us very fast, faster than it takes me to go somewhere else in my own city with my USB pen and infect another computer.
3. There is a lack of awareness. People are simply not aware or not interested in what is happening to their computers because it is only regarded as a tool. How ‘unimportant’ this ‘tool’ is, when it is damaged beyond repair without a proper backup will only be obvious when it is already too late. Plus, in my opinion, this lack of awareness is also part of the culture in the other countries I have been to.
I am not an IT expert, neither by profession nor by education but I think my awareness of risks is above average. If I meet someone who is asking me to copy some files on his USB pen and my antivirus program has to clean it first, it is not ‘really’ a problem to me. Of course it is annoying, and given the chance that an updated antivirus program is able to detect and delete it says a lot about the lack of awareness of the other person. It might happen. What I do not understand is the reaction ‘ok, I give you my other USB pen’, because the damage is already done and there is no sign of awareness or interest in it at all.
I am not saying that there is away to secure your information and communication technologies completely but there are some simply steps to do as much as you can do without a lot of effort:
1. Be aware – no software or hardware in the world can help you if you download and open every file which is sent to you via email, given to you on an USB pen or is saved somewhere in your network.
2. Be equipped – there are free and commercial products (firewalls, antivirus, malware scanners) you can and should use (again, not an IT expert – ask one who can tell which is really good and which is just a scam)
3. Be updated – software needs updates, you do not need antivirus software if you do not update it regularly. Regularly means not once a month but once every two days or when an update is available. Some with other programs you use: messengers, operating system, PDF reader… update them.
4. Be backed up – even if you follow these instructions there are a lot of things which can happen to your computer (for example a crazy ex, livin’ la vida loca with a hammer and your beloved laptop), so back up your stuff on a regularly basis.
5. be smart – walking around in Metro Manila with your opened $2000 Macbook in order to do whatever totally useless stuff is not smart.
Everything I talked about applies for personal use. Companies have to do a lot more, but this would be another article. However, some of these steps should also be followed in your professional life. Just take one example: sometimes your IT cannot do anything about it, when you bring your own infected USB pen to the office and copy files. You can only hope that the software is up-to-date and configured in a way that it always scans your pen when plugging it in. Even then, you might have started a cascade of problems. In this article I am also not talking about direct attacks against a company. Just by accident, business networks may get infected, data loss will happen and even a public relations disaster might occur. I mean: Will you ever trust again a company which sent you spam emails or even worse emails with attached viruses? I am not sure about that. Apart from a lot of other positive and negative things (see for example Don Tapscott or Lawrence Lessig on the ‘New Economy’ or ‘Digital Economy’), this is one downside of the New Economy. The New Economy heavily depends and relies on information and communication technologies – and this again would be not only one article but a series – and therefore malware can easily bring you down.
What is my point? National and International Policies in the past few years are focusing more and more on the issues of cyberwarfare, cyber attacks, corporate espionage and these alike. On the other hand, information and communication technologies education is also fostered in school and other institutions. The latter mainly deals with how to use a computer or office programs or whatsoever. What they are less likely to talk about is the issue of information and communication technologies security in general. There should be a higher awareness of that issue. If you condemn the programming of malware in national or international treaties it does not mean that you really help the victims. You can only help them when you set up programs for them to educate them. This must also be on the priority list of measures to take against the ‘dark sides’ of the globalization of information and communication infrastructures. Especially if you try to foster development in developing and transitory countries. Do not only teach them what information and communication technologies are and how to use them to foster economic growth – do also educate them in the sense of downsides, risks and awareness.
So: be aware, be equipped, be updated, be backed up and none the less – be smart!