The Norman Transcript

February 22, 2014

Enhanced mitigation: Antivirus is not enough



NORMAN — Back in “the old days” (for me, the early 1990s) when the Internet started becoming popular, most folks didn’t much care about things like computer viruses, email scams, online criminals or the Russian Mafia. Sure, there were problems here and there but, for the most part, we just merrily surfed away and had a good time.

The Internet has changed dramatically in the past 20 years. At least 90 percent of all email worldwide is spam. Over 60 percent of the “traffic” on the World Wide Web is “nonhuman,” generated, not by real people, but by “bots,” computer programs designed to travel all around the Internet and perform automated tasks, such as searching for email addresses to spam, copying website information, hacking websites, stealing credit card data, spreading false advertising and other shady deeds. Those who ignore the rules of Internet safety are destined for disaster.

Over the years, products like firewalls, updates and antivirus programs, combined with a cautious attitude, have been the main tools of defense. Unfortunately, the Internet bad guys have become wise to the ways of these defenses, rendering them obsolete as stand-alone, “complete” security solutions. Antivirus programs can only be considered as one layer in your multilayered Internet safety strategy.

Some of the more modern and effective computer protection products examine what a computer is doing, and whether it is doing it in the normal, expected way. Rather than depending solely on lists of known viruses and malware problems, these products look at how the computer is actually behaving. If abnormal behavior is detected, such as programs trying to modify themselves in odd ways, malicious Internet addresses being visited surreptitiously, or mysterious packets of information secretly flowing in and out of a computer, advanced computer protection products flag this aberrant behavior and force it to stop.

Microsoft makes one such free product called the Enhanced Mitigation Experience Toolkit (EMET). As Microsoft puts it, “EMET anticipates the most common actions and techniques adversaries might use in compromising a computer, and helps protect by diverting, terminating, blocking, and invalidating those actions and techniques.” EMET has been around for a few years, but using it was often considered beyond the abilities of normal computer users. In its current form, though, EMET 4.1 is easy enough for just about anyone to install and use.

To get started, visit microsoft.com/emet, click the “Download EMET 4.1” link on the right-hand side and then click the big orange “Download” button. You will have the choice of selecting the EMET Setup file and the EMET User’s Guide; you might as well get them both. Save the files to a location you’ll be able to find later, such as your downloads or documents folder.

If you really want to dig into the nitty-gritty of how EMET works, and the various ways you can set it up, go ahead and dive into the User’s Guide. If you’d rather just get it going and get on with your life, one of the easiest-to-follow tutorials on installing and configuring EMET is at eBay. Go to pages.ebay.com/securitycenter/emet.html and follow the quick and easy instructions to add this wonderful tool to your computer safety lineup.

Be advised that EMET only works with computers running Microsoft Windows; Apple has not seen fit to invent a similar tool for Macs. Keep your eyes open, though, because as time goes on and the Internet gets crazier, that could change.

Dave Moore has been performing computer consulting, repairs, security and networking in Oklahoma since 1984. He also teaches computer safety workshops. He can be reached at 919-9901 or davemoorecomputers.com.
