Advice for Newbies

I originally wrote this as a reply to a Reddit post but as I saved it, comments were blocked.

2867374530_5feabdfbce_bGive yourself little tasks and projects to do. Think of it as being like model kit building. You start with the easy kits like a plane with just a few pieces and as you get better you pick up new things like painting, sanding, and eventually making bigger better kits.
So, start with small things. For example, write a small program with a for-loop and get to know what all if the commands are really doing. This is your basic kit. Add in some variables. Add in user input, and keep going trying new things. Eventually, challenge yourself by learning how to work with a GUI. Sometimes your program will break. This isn’t a bad thing. It teaches you how to debug. What’s important is to take your time and experiment.
The same goes for aspiring system engineers. Learn how to create a virtual machine and install Linux in it. Then learn how to create a web server and then how to get PHP and MySQL working, etc.
A computer course can teach you how to write good code or what all of the system services do that you need but what’s most important is that you don’t give up and never lose your curiosity.

How can I get Malware?

I received an email this morning. I’m actually expecting a package that has been held for some time and when I saw it, it seems potentially legit at first. But then I realized that I don’t use my work email for personal things like that. When I saw that it came from someone who didn’t have a UPS email address, and there is a .zip attachment. I don’t know for sure that this attachment has a virus or any kind of malware, but I won’t take the chance on company hardware.

In the past few months ransomware such as WannaCry has been a big thing in IT news. It is a program that encrypts (locks) your documents and files so that you can’t use them until you pay someone a ransom. Like a virus, then often move from machine to machine on a network. How do these things start? They usually start with emails like this one. Someone opens an attachment that they think is legitimate and then they find that they can’t use their data anymore and if they don’t have backups, then they might be out a lot of money. If it happens on a corporate network, they could be out millions.

How can you be safe?

  • Don’t open attachments that you aren’t expecting.
  • Be smart about email. If you don’t know who the email is from, never open an attachment.
  • Report suspicious email like this to your Information Security team or Email administrator so they can be blocked in the future.

Malware attacks happen, but they don’t have to happen to you. A bit of savvy about how these things works can save a lot of headaches.