When I returned from vacation recently, I discovered that, while I was gone, two PCs at my home had been infected with the Blaster worm. I am fastidious about security. My home network is protected by a firewall, and every computer runs antivirus software. But the worm apparently crawled in through a link to an infected corporate network.
This experience, plus the millions of e-mail messages generated on Aug. 19 by the latest version of the spam-spewing SoBig virus, have convinced me that we -- the entire community of business and consumer Internet users -- must make some fundamental changes in how we approach computer security. The most important is that ordinary folks need to take more responsibility for the security of their systems at home and at work. This is the sad reality if we want the Internet to remain a useful tool for personal and business communications.
Of course, corporate network managers, Internet service providers, software companies, and other professionals have a huge part to play in making systems safer. But there's an important analogy to how society conquered mass epidemics a century ago. An infrastructure of sewers and clean water was vital. But public-health officials couldn't do it all; individuals had to learn the importance of hand-washing and basic sanitation steps to stop the rampant spread of infectious disease. The difference in the PC world is that every unprotected computer has the potential to be a Typhoid Mary, infecting thousands of others.
TO-DO LIST. There are two things every computer owner should do right away. First, run antivirus software on every computer, and make sure it is set up to receive automatic updates. If the short-term subscription to updates that came with your new computer has expired, renew it.
Second, everyone running Windows 2000 or XP should be receiving critical software fixes from Microsoft's Windows Update service. In Windows XP, you configure this by opening the system control panel and selecting the Automatic Updates tab; in 2000, open the Automatic Updates control panel. If you can deal with the notion that your computer may reboot itself after installing an update, choose the scheduled install option. If you opt for manual installation, be sure to install the upgrades when they arrive.
The next step is a little trickier. I used to think it sufficient to place a hacker-blocking firewall at the point where a local network, home or business, connects to the Internet. But this is not enough: Firewalls don't stop infected mail attachments or file downloads from services like KaZaA. And once the worm is inside, it spreads rapidly. Microsoft recommends protecting small networks with the Internet Connection Firewall (ICF) built into Windows XP. This works, but at the price of crippling your network. Worms and viruses can't get past an ICF, but you won't be able to swap some files within your home network or print some documents.
PITCHING IN. The best answer I have found for people with home networks is a more sophisticated firewall that gives freer access to computers within your network while protecting you from assaults from the Internet. ZoneLab's free software ZoneAlarm (downloadable from zonelabs.com) is an obvious choice. I make this recommendation reluctantly, because ZoneAlarm, along with firewalls like Symantec's Norton Internet Security and McAfee Internet Security, are really aimed at people with some level of networking expertise. But until someone offers a simpler product that does the job, this may be the best way to keep your network both safe and usable.
Government and industry have a lot of work to do to repair and secure an increasingly chaotic Internet. Until they do, all of us are going to have to take a more active role in protecting both our own systems and the public health of the network. It's unfortunate, but unavoidable.
BusinessWeek Online originally published this article on 29 August 2003.