When it Comes to Computer Malware, It's a Jungle Out There!

Todd Selig

The information contained in this article is not intended as legal advice and may no longer be accurate due to changes in the law. Consult NHMA's legal services or your municipal attorney.

Tips for Residents, Businesses, & Municipalities in Keeping Computers Safe and Secure from Malware

The Town of Durham has recently been the target of a series of internet-based malware attacks. Such attacks are not unusual. In November 2014, for example, the Dickson County Tennessee Sheriff’s Office indicated it recently paid more than $500 ransom to release files locked away by a malicious software called “Cryptowall” that was accidently downloaded into its system when a staff member clicked on a rotating ad that had been infected with the malware. The same sort of malicious software attacked Durham’s Police Department computers during the summer of 2014.

Consequently, I want to inform municipal officials about malware and what you and your community can do to protect your computer devices from such attacks. Information offered is gleaned from the Town of Durham’s Information Technology (IT) department and from Mainstay Technologies, one of Durham’s IT contractors.

There are numerous malicious email campaigns in active circulation on the internet utilizing virus-laden PDF attachments, malware encrypted text hyperlinks, and legitimate email addresses targeting local residents, governments, and private sector businesses alike. Computer users should therefore exercise constant vigilance.

Attackers typically target organizations or individuals with malicious emails containing an odd subject line such as “Unpaid Invoic” (note the incorrect spelling of Invoice) with an attachment like ‘invoice621785.pdf’ or a similar naming convention.  If you open the attachment or click on the link, the chances are good your computer or device will be infected!

Municipal staff members and elected officials may also receive suspicious emails from people they know encouraging them to click on a strange link to access information or files.  In such instances, the suspicious emails are often sent from legitimate, and not spoofed, email accounts.  Typically the malware contained in the attachments will infect the victim’s mail server, causing the victim to unknowingly send emails containing the same malware virus to all of their contacts, thus spreading the infection. Like the flu, it moves seamlessly on to new, unsuspecting hosts.

In mid-November 2014, one of the Town’s minute takers and two members of the Durham Town Council clicked on such links at home infecting their computers, followed shortly thereafter by their mail servers broadcasting new virus-laden emails to their contacts, including most of Durham’s municipal departments and many of our local board members.

Additional clues that a message may be malicious include:

Email from a company or person that you did not initiate contact with or from whom you are not expecting email correspondence.

Email from a person you may know, but appearing out of context or otherwise unusual.  For example, the message may contain misspellings, grammatical errors, or a writing style with a tone or brevity not typical of the sender.

Messages with a sense of urgency, but little or no content or context.  For example, a message may ask you to open an attachment or click a link, providing few specific details as to why the matter is urgent.

Messages appearing to be from a colleague, government agency, or a member of a professional organization, but sent from a strange webmail account. These messages will typically ask you to open the attachment. If the malicious attachment is opened, a virus is extracted that will compromise your computer.

Any computer user who believes he or she has received a message similar to the ones detailed above is advised to delete it immediately. Municipal staff members should report the email to their IT department, but don’t forward along the attachment.

Helpful computer security tips include:

Use common sense: if an email appears suspicious, don’t open it.

Keep anti-virus software up to date on your computer.

Avoid opening emails from untrusted sources.

Delete suspicious emails.

Do not follow unsolicited links in email messages.

Verify legitimacy of unexpected emails by contacting the sender directly before opening.

When in doubt, go without opening email attachments or clicking hyperlinks.

Backup your computer and servers regularly, ideally to an off site location.

The authors of malicious software are constantly designing increasingly convincing email and fake website links to fool unsuspecting individuals into installing malicious content. Exercise caution! When it comes to malware, it’s a jungle out there.

Originally from Laconia, Todd Selig has been the administrator for the Town of Durham since 2001.


Article Topics: