Home users and small businesses are arguably the least computer security-conscious group of Internet users and are more likely to have a level of vulnerability they aren't aware of.

None of the recommendations for home users and small businesses are new: They have been prescribed for years as the most effective medicine against malicious hackers. Yet they are prominent because Internet users continue to ignore them at a high cost to themselves and other Internet users.
Individual consumers fail to understand that by not exercising good and safe practices on their computers they are potentially causing themselves to be a pawn in a larger cyber attack against other users or against one of our critical infrastructures. Here are five basic things anyone who uses the Internet can do to guard against online attacks:

1. Install and use a firewall. Considered the first and last line of defense, a firewall is a software program or piece of hardware that prevents unauthorized Internet traffic from entering or leaving your computer, particularly computers that are always left connected to the Internet (typically, Internet users who connect over DSL or cable modem fit this category). Properly configured, a firewall can give you greater control over your computer and prevent attackers from successfully scanning your system to learn details about potential weaknesses on your network or PC.
For a sobering look at the insecurity in the average operating system, consider the research conducted by The Honeynet Project. The project takes servers and computers "out-of-the-box," - without any changes to improve or reduce their security - and connects them to the Internet for the sole purpose of seeing how often they are probed and hacked, and what techniques attackers are using.

Based on the project's most recent tests, the average unprotected Windows or Linux-based computer with the most common security holes will be hacked within three to five days. Even secured computers will be probed or scanned for known vulnerabilities an average of 30 times each day.
The vast majority of attacks on the Net today are launched by people out to break into as many computers as possible. Using automated software tools available online, a malicious hacker can set in motion a scan of more than a million computers before he goes to bed at night and have hundreds of systems under his thumb by morning.

It's not so much people not realizing they're vulnerable than it is they don't believe they're a target. The fact is, anybody can be a target.
The reasons attackers would want to break into your machine are as varied as the methods for doing so.

Computer criminals often use other peoples' PCs for storing files that would be incriminating if found on their own machines, such as child pornography or lists of stolen credit card numbers, said Marc D. Goodman, senior managing director of the Digital Security and Investigations Group at Decision Strategies in New York.

More frequently, criminals hijack computers for financial gain or as a means of attacking others with impunity.  

2. Use anti-virus software and update virus definitions regularly. More than 80 percent of Internet users surveyed in the AOL study have antivirus software installed on their computers, but less than a third said they regularly update their virus definitions, an indication that most users do not bother to pay the renewal fee when the antivirus software subscription expires.

Once executed on a vulnerable computer, most viruses transmit copies of themselves to all of names in the victim's e-mail address book. As a result, people who don't use antivirus software or allow their virus definitions to expire are putting their friends, co-workers and loved ones in the line of fire. With antivirus software, you're not just protecting yourself for your own sake, but also for the sake of those you communicate with.

3. Create secure, original passwords. Creating unique passwords is one of the easiest ways for consumers to ensure their privacy and security online.

4. Update your computer(s) with the latest vendor security patches. 95 percent of all network intrusions can be avoided by keeping computer systems updated with the latest vendor patches, according to the Cert Coordination Center's Software Engineering Group; government-funded computer security watchdog .Windows users can go to windowsupdate.microsoft.com to install the latest updates. Using Microsoft's automatic update notification service, users can get updates when they are released. Windows XP users can configure updates to install automatically.

5. Practice basic e-mail and downloading "street smarts." Most viruses are transmitted as e-mail attachments. Some may come from people you know; others will enter your inbox bearing enticing subject lines. Either way, users should be wary of opening all attachments, and scan each one with antivirus software before opening them. Avoid opening e-mail attachments that contain the ".vbs" file extension. Short for visual basic script, commonly used in writing computer viruses.

People who use so-called "peer-to-peer" file-sharing networks such as Morpheus, Kazaa and Limewire place themselves at a particularly high risk, especially when downloading "executable" programs, experts say (executable files have names that end in ".exe").

Often times the most destructive things are programs that won't be caught by antivirus software. Such nasties include the so-called "Trojan Horse" programs that allow attackers to control your computer from afar, and keystroke loggers, which can record everything you type on your keyboard, including passwords and bank account numbers.

P2P users also should take care to limit the directories they share. It is not uncommon for users who rush through the process for installing programs that run those services to end up sharing the contents of their entire hard drive.

Source: washingtonpost