Malware, viruses, hacks, and anything else that may compromise your identity online, computer, or digital device.
Security and Privacy
Gordon is in the hospital, and wants to know if their public wifi is safe or should he use a VPN? Leo says that if it's using a wide-open network, then anyone can log in. It's a shared, public network. There are some risks, but your banking is safe because it's encrypted. The one thing to worry about is a "man in the middle" attack. Hospitals with public wifis could give the hospital the ability to watch what you do. That's when a VPN can come in handy. It will encrypt all traffic, by burrowing an encrypted tunnel to the internet.
Murray's home owner's insurance is now covering cyber-related incidents, including ransomware at up to $250k. What does Leo think? Leo says that's interesting because many insurance companies have declined to cover it because it's considered an "act of war" as part of a nation state's cyber warfare campaign. So Murray would have to read the policy very carefully to be sure there isn't an act of war clause that they can use to get out of paying any losses. Leo says that LifeLock will cover him up to $1 million with their backup service.
The Weather Channel went down this week for about 90 minutes due to a phishing attack and ransomware. Leo says that it's impressive that the Weather Channel came back up so quickly, but this is going to keep happening as long as people click on attachments.
Greg's wife has an iMac running El Capitan, but now the Safari app just goes to Yahoo Safefinder no matter what! Rich says that there's some malware on the browser, likely an extension. Rich recommends Malwarebytes, and give the iMac a scan. Also, go through the apps and see if there are any that are unrecognizable. CleanMyMac is a program that can also clear out malware. Greg can also look for a browser reset in the settings, which will wipe out everything and start over.
Sheldon hears about Amazon's listening in on commands with Alexa, but are they recording when users do a drop-in, or a phone call? Rich says that no, the system is designed to stop listening once the command is executed. Besides, if they were, that could kill the entire service if word got out that Amazon was recording the entire call/drop-in.
But an easy way to test it is to make a call, and then give Alexa a command, If it reacts, then it's not recording. If it doesn't ... well, there would be an interesting answer from Amazon about that.
Robert got bit by a phishing scam about being a workshop presenter. He clicked on a link to download an attachment and nothing happened. He realized what he had done and disconnected his desktop. Now he thinks he needs to reinstall? Leo says Nuke from orbit. Do not install from in-place. He should want to back up data, wipe the hard drive, and then reinstall Windows from a known, good source. But he should make sure to know if he actually has malware. If he has a WInMail.dat file attachment, that's from Microsoft and older Outlooks use it.
Fred is trying to import his contacts and calendars and gets a single PST file that he can't import. Leo says he can choose several different formats, including CSV. Fred also has a Dell computer and his free trial of McAfee has expired. Leo says GOOD! Get rid of it and use Windows Defender. It's one of the best AVS out there, and it comes free with Windows 10. You don't need anything else.
Leo says that while 2018 was the year Ransomware, 2019 is even worse. Arizona Beverages got hit by ransomware last week. The attack shut down sales operations for days, scuttled their networks, and servers. The network was hacked and encrypted, targeted by hackers with a ransom note posted to their website. Leo says that Arizona struggled with trying to rebuild their operations for five days. Most of their servers hadn't been given security patches in years and their backups didn't work.
Louis travels with his iPad and would like to know if there's a VPN for iOS. Leo says you have a few ways to go. Leo says that 220.127.116.11 is an app that isn't strictly a VPN, but it changes the DNS to give privacy from an ISP. The benefit is that it doesn't slow users down. But if customers want something to completely protect them at a public space, Leo says to purchase ones like ExpressVPN, or NordVPN. Both are offshore and don't log user activity. There's also Tiny Hardware Firewall as another option.
David wants to know about securely sending attachments to clients with Exchange. Leo says that he prefers to send a link to the file saved in the cloud. It's secure, HIPPA compliant, and much easier than sending attachments, which can be notoriously insecure. Leo recommends ShareFile from Citrix. David can also set it to expire, use a password, and other security guarantees. It makes email smaller and more secure.
Free options include FireFox Send by Firefox, where David can send files up to 2.5gb.