Cyber security 101: simple measures everyone shouldadopt

By Ben Dickson

As more and more aspects of our lives become connected, we become more vulnerable to attacks. But despite the spooky and high-tech stories you hear about the sophisticated methods employed by hackers, in most cases, it is simple negligence and overlook that allows them to carry out their attacks. A 2014 report from IBM states that 95 percent of IT security breaches result from human errors. For instance, despite all these warnings you see on sites about creating strong passwords, you’d be surprised to learn that “12345” and “password” remain the two most common passwords on the internet.

It is time to give up the naïve way of thinking that security breaches are always for big corporations and high profile figures. Any one of us can become a target. And we must learn the basics to protect ourselves.

In this blog post, I’ll reiterate a few simple rules that everyone should learn and abide by – even children.

Know your connections

The first step for good cyber security is to know how you, your family and your home are connected to the internet. In days of yore (I mean 20 years ago), you’d only need to seal your desktop or laptop computer’s internet connection to make sure that you were protected against malicious hackers. A few years ago, that domain expanded to include your smartphone as well. Today there are tons of connected gadgets surrounding you (including smart kettles, fridges, door locks, garage doors) and on you (your smart wearable devices such as smartwatch, Fitbit, etc) that you need to be wary of. In a few years, connected devices will outnumber humans. Every one of these can become an attack vector – even your light bulb – and need to be secured.

Strengthen your passwords and guard them

Everyone’s heard about the characteristics of a strong password: over 8 characters and composed of a combination of letters (both uppercase and lower case), digits and symbols. But that’s not all there is to having smart and strong passwords. You should also take note of the following:

·  Never use the same password on different accounts

·  Do not store your passwords on your hard drive

·  Change your passwords periodically

·  Never share your passwords with others

·  Don’t use pet names, birthdates, and other info that can be obtained elsewhere.

Surprisingly, most people know about these rules, but disappointingly, a lot of people simply overlook them, out of lousiness. Especially as each of us have several or even dozens of secure accounts (emails, social media, devices, …) to remember, we tend to neglect protecting our passwords, consoling ourselves that it’s always the next guy whose password will get hacked.

You might be right most of the times, but it only takes one incident to inflict irreparable damage to your data and life.

Lock screens

How many times have you been tempted to get rid of those pesky lock screens on your phone, smart watch or laptop computer? If you’ve either disabled locking mechanisms or extended the timeout period on most of your devices, know that you’ll regret it the next time your gadget gets stolen. But then, it’ll be too late. It pays in the long run to be a little patient and prudent and enter your password a couple of more times during the day. Lock screens go a long way to ensure that you’re safe when the unexpected happens.

The more tempting the offer, the more the reason to avoid it

While perusing the internet, you’ll face a lot of tempting offers, ads that will promise to reward you if you click on them, pop-ups that congratulate you on winning a competition that you’ve never participated in, or scary messages that warn you that you need to update your computer or change your account password.

The general rule of thumb is that every link is harmful unless proven otherwise. The same goes for email attachments. Ok, I don’t mean for you to become overly paranoid, but you really have to be careful when dealing with links. Never click on anything unless you totally trust it. And always make sure your computer or handset has an up-to-date anti-malware software installed on it.

As for your browsers, make sure you disable or uninstall plugins that are prone to being used as launch points for cyber attacks. The Flash Player add-on (Adobe flash player) is one such plugin.

Software updates

Always keep your operating system, browser, antivirus and other software up-to-date. Most vendors regularly offer patches and security updates for their products. Never underestimate the value of these updates. They usually contain fixes for zero-days and newly discovered vulnerabilities. Not installing updates means you’re leaving your system open to attacks through well-known security holes.

Keep backups of your data

Keeping regular backups of your data outside of your computer has many benefits, especially for disaster recovery situation. But it is also important from a security perspective, as some breeds of cyber attacks, such as crypto/ransomware attack, target and corrupt your data in order to spite you or extort you out of your money. In such situations, having backups of your data can save you time, money, and headaches.

Don’t put your trust in the cloud

If you’re going to keep your backup in a cloud server, my recommendation is to encrypt them on your own end before uploading them, even if your provider maintains to encrypt all user data. Cloud providers are one of the hottest targets of hack attacks, and there are too many cases of hackers obtaining decryption keys to cloud data. Under such circumstances, having an extra layer of protection can make you immune to the possibly disastrous results of your provider’s negligence.

Over to you

The first rule in cyber security is that there’s no such thing as a totally secure system. But by adhering to these basic rules, you can rest assured that you’re immune to most types of attacks and will convince the potential hacker to go prey on someone else (let’s hope that someone else has also read this post).

Adapted from https://bdtechtalks.com/2015/12/04/cyber-security-101-simple-measures-everyone-should-adopt/ for use by U3AA Computer Classes on 17 May 2017