- This topic has 0 replies, 1 voice, and was last updated 1 month, 3 weeks ago by Oghenemarho.
February 9, 2020 at 3:26 pm #85517Participant@oghenemarho
The online world we live in today is a scary place. Almost every other day the news is littered with stories of successful cybersecurity attacks against the IT infrastructure of massive companies, state governments or even entire countries. According to several sources, there is a hacking attempt every 39 seconds and over 40% of all cyberattacks are focused on small businesses. It was also estimated that cybercrime cost businesses over $2 trillion in 2019 and 66% of these businesses aren’t confident they could recover from cyberattacks.
If those kinds of entities with their massive budgets for information technology security and their dozens of trained cybersecurity staff suffer these kinds of intrusions from malicious hackers, then what chance do you stand against these attacks. Well, the answer is that you stand a pretty fair chance, as long as you do the right things and don’t leave yourself vulnerable. Although almost every computer system is a fair target for hackers, they usually tend to focus on systems that are easy to attack or networks that they know will contain information that they consider valuable. The less you leave yourself and your computer exposed, the less obvious of a target you are for malicious actors.
Microsoft’s Windows is the most popular personal computer operating system in the world and because of that, hackers are always looking for ways to exploit weaknesses in it due to the potential number of people they can affect if they discover and exploit for it. Here are some steps you can take to reduce your exposure if you’re using a Windows 10 PC:
Passwords can be annoying to always remember but they are a necessary annoyance, especially in today’s world. Having a secure password is the first deterrent to intruders, whether local or online. The guideline for creating strong password usually recommend that it be at least 8 characters or more; use a combination of uppercase & lowercase letters, numbers, and symbols; not be a word that can be found in a dictionary; and not be the name of a person or a popular entity such as a character, product, or organization.
In Windows 10, if you are setting up your PC for the first time, you will be asked to set a password or pin code for your device but if you skipped this step, you can still set one up by going to Start Menu > Settings > Accounts > Sign-In Options and choose one of the available options there to use in securing your PC. Also, on this settings page, you can set how long your PC can remain idle before requiring you to sign in again. By configuring these two options, you have put in place the necessary protections against intruders physically accessing your computer without your permission or when you’re away from it.
Password protection also extends to your online activities. When registering for online services, avoid using the same passwords or ones that can easily be guessed like your name, a family member’s name, dates of birth, locations. There are a number of password managers like LastPass and DashLane that you can use to generate and save really strong passwords for each online service that you’re registered to. The advantage of using them is that you’ll only need to remember one password (for the password management service itself) while the password manager will do the job of entering your login details securely on any website you have registered for and want to access. No more forgetting and resetting passwords every time you do so.
The purpose of a firewall is to monitor and control the flow of incoming and outgoing network traffic based on a set of predefined rules. By doing this, the firewall protects a system from an intrusion attempts on an untrusted network or the internet.
Because of the importance of this role in the increasingly connected world we live in, rather than relying on whether the network you connect to has its own firewall to protect clients, Windows and most other operating systems have decided to include host-based firewalls in their operating systems. This means that simply by running a Windows operating system, you have a firewall to protect your online activities. However, it is possible that it may have been disabled by a program or even a hacker. You can check the status of your firewall on Windows 10 by going to Start Menu > Settings > Update & Security > Windows Security. In that settings window you’ll see a summary of the major protection areas that Windows 10 monitors, including your firewall. If the firewall is disabled it would be marked with a red X. In this case clicking on Firewall & network protection will open up a window where you can turn on the various firewall options available.
That’s pretty much it for the average user but if you want to dive deeper into your firewall settings and change the existing rules for monitoring traffic, you can click on the Advanced settings link at the bottom of the page to access the inbound & outbound rules for the Windows firewall. If you would prefer an alternative to the default windows firewall, there are other options that perform similar functions with additional features like GlassWire and TinyWall.
Your antivirus software also plays an important role in securing your PC against attacks, both local and online. Windows Security (formerly Windows Defender) comes installed with all versions of windows 10 and handles virus protection, firewall management, account protection, app & browser security as well as general health and maintenance for your PC. It also runs scans periodically to ensure that nothing harmful has made its way t your computer without your notice. If it detects any viruses or similar threats, it will quarantine them and alert you to their presence leaving the final decision to remove them to the you.
Several other antivirus applications suites exist that perform similar functions to Windows Security such as Avira Antivirus, Kaspersky Internet Security, Avast Premium Security, ESET Nod32 Antivirus, just to name a few. The choice for you is based on whether you’re willing to pay extra for their perceived value as opposed to the default option but whatever your decision the important thing to note about all antivirus applications is that they require constant virus definition updates. This is what enables them to detect the latest malware and virus attack patterns and protect you against them.
Emails & Unsafe Web Links
Spam emails have been a problem for a long time but today it has evolved from an annoying marketing tool to an effective means for hackers to perpetrate phishing attacks on unsuspecting users. It’s commonplace to receive random emails with tempting titles trying to prey on your curiosity, ignorance or greed and asking you to click some malicious link. Sometimes these messages are even made to look like they came from a trusted colleague or family member making it more likely for you to click that link or download that attachment. Once you do, you’ve fallen victim to a phishing attack and either given away very sensitive information like credit/debit card information or account login details, given a hacker backdoor access to your pc and online systems, or enabled the installation of ransomware on your system and probably that of others who are on the same network with you.
In 2019, an estimated 91% of cyberattacks began with phishing and it accounted for 90% of data breaches. The reason it is so effective is because it is a social engineering technique targeted at human beings rather than computer systems. Therefore, the best way to combat it is through raising awareness and training people to recognize the signs and stay alert. Avoid and delete immediately any suspicious email from persons or companies you have never interacted with or expected information from. Do not click on any links in these emails or open any attachments that come with them. Even if it appears to come from someone you trust but the content is suspicious, try to confirm from the sender through another means (a phone call or instant message) before you consider opening it. Sometimes our email services automated security systems will recognize these emails for what they are and block them, but the constant changing nature of these attacks means that they can’t get all of them. So be vigilant.
Physical Security & Backups
This is just as important as all the other measures because of the number of attacks that can happen when someone has physical access to your computer. Leaving you PC logged in and unattended to means anyone can use it and install or steal whatever they want. So if you have to leave your PC even for a short period in time, remember to log out by pressing Windows Key + L and when you’re back log back in by entering your password.
Another possible source of malicious attacks is USB sticks. They are an easy vector for installing malicious code and care should be taken about which USB drives are connected to your PC. Windows 10 doesn’t allow programs to run automatically from external devices, so it’s left to you to not click on any suspicious files or applications from any usb stick connected to your PC.
Finally, backups are necessary for securing your data in case of a ransomware attack, hardware failure or malware that deletes important files. Cloud backups can be done using Microsoft’s OneDrive which comes installed with Windows 10, or alternatives like Drop Box and Google Drive. You can also make use of an external drive using the back up option available in Windows settings.
Implementing the above steps and recommendations will definitely make you and your system a less likely target for hackers and malicious actors looking to exploit weak systems. However new approaches to breaking down these defenses are being discovered everyday which is why, in addition to doing all the above, one must always remain vigilant and keep you ear to the ground for how to stay protected.
You must be logged in to reply to this topic.