It has never been easier to be compromised via malicious attackers than it is today. Follow these tips to protect yourself from hackers.
Video above: These hackers penetrated companies like Nokia and Fujitsu. They reveal how they turned their illegal hacking into a career. Full episode on SBS On Demand.
I have had over two decades working in cyber security and it has never been easier to be compromised via malicious attackers than it is today. New attacks and techniques are coming out all the time and with our reliance on technology, for both home and work life, being cyber security aware has never been more important.
However many of the ways hackers gain access could be prevented so here are my top tips on ensuring you protect your systems in your household and organisations.
Tip 1: Use more than just a password, aka two-factor authentication
Two-factor authentication (2FA) is a security feature available on all good platforms (eg. Microsoft and Google etc) that gives you an extra step to login or take actions. It’s another layer of protection and stops cybercriminals from gaining access to your online accounts. Including when a cybercriminal has your password already.
2FA lowers the risk of being hacked by prompting you to provide additional information, ie. an SMS or App code when you log in. This checks you are you and that you have access to other systems you have told the service about i.e. Mobile Phone for example.
Most online services provide 2FA or multi-factor authentication. Turn it on everywhere you can. Start with the accounts that have the most importance (email and social media etc.)
Tip 2: Good password choice
Most people who online understand we need passwords that are “strong”, and that they should not be easily guessable nor should an attacker be able to use large lists to guess (this is called brute-forcing) the password. To protect against this we need to have long and random passwords.
We also need to ensure the password is unique for each service we sign in to and we can’t reuse any of the passwords (as if one service is hacked it puts your other accounts at risk also).
As we are not computers ourselves we need a tool to create and store strong and unique passwords on all the services we use. This is what a password manager does for us and it helps us create, store and recall passwords when we login to website, app or service again.
My company highly recommends Lastpass.com or 1password services as a tool for good password management.
Tip 3: Antivirus (anti-malware)
An antivirus product detects and removes viruses and malicious software from your devices. Malicious software (now called malware) harms computers and laptops, and your data. You can be infected by malware that’s in an attachment via a dodgy email, or via USB drive, or when you are simply visiting a malicious website that uses vulnerabilities in your out dated software.
Malware can perform many acts but often it steals your data, encrypts your data (ransomware) so you can’t access it, or erases it completely.
So it’s still really important to use antivirus (anti-malware) software and keep it up to date to protect your data and devices.
Choosing antivirus is hard and everyone has a preference. Anti-virus technology has changed a lot over the years and running a modern antivirus solution is absolutely critical. Many people just want something that works in the background, self-updates and doesn’t use a lot of computing resources.
My company uses the Cylance solution and we have found it to be very effective in finding and preventing malware on systems.
Tip 4: Software updates
Cybercriminals regularly exploit vulnerabilities in old software and apps to access your personal data. As vulnerabilities are discovered the software providers release regular updates, these updates fix weaknesses, so criminals can’t access your data.
So ensuring you are running the latest versions of software, apps and operating systems on all your devices (phones, tablet, smart devices in the home and of course laptops/computers etc.) Set them to automatically update so you don’t have to think about it.
Tip 5: Broad home protection – DNS filtering
Domain Name System (DNS) filtering is the technique of preventing your systems in your house from visiting known bad web pages and IP addresses that are marked as malicious.
Once enabled, you can browse the Internet with the protection that the filter will largely prevent you from visiting already known marked malicious websites. When you, or anyone in your home, visits a blocked site a “block page” will pop up and alert you to the attempt and explain the cause of the block. This type of protection, when done at your home internet gateway, allows protection for all computing systems in your household that use the Wireless network for example.
There is some set up required but it is quite well documented on the services respective web sites. We utilise and recommend the OpenDNS service which has free services to help protect the family home.
Stay safe online.
Chris Gatford is the Founder and Director of Hacktive.io in Sydney, Australia and performs penetration tests for organisations all around the world.