We all know that cyberattacks are becoming more and more common, from the WannaCry ransomware to NotPetya. With so much information available on what to do after a data breach, it is crucial to stay up-to-date with new techniques and technologies. However, most of this knowledge focuses on after a breach, not what steps to take before an attack occurs.
Here are some basic tips when defending your system against possible threats:
1) Change default usernames and passwords
Most network equipment manufacturers enable their devices by having a default username and password combination. That makes it easier for users who want to set up their equipment without any further input. But it’s also very dangerous as attackers will certainly know these usernames and passwords by default.
When was the last time you changed your primary router’s username and password? For routers, Smart TVs, computers, mobile phones; everything! You should change those on all of your devices as soon as possible according to RemoteDBA.com.
2) Enable two-factor authentication (2FA) – 2 factor authentication means that an extra piece of information is required to verify your identity before you can gain access to a service. One example of 2FA is when you want to log in on a website and are requested for an extra code that has been sent to your mobile phone, forcing the user to be physically present wherever the device is located. Although most websites nowadays encourage their users to enable 2FA, such as Google and Facebook, many services exist that don’t have this feature enabled (most notably routers). Enable it wherever possible!
3) Use strong passwords – Are your passwords also ‘password’? Too short? Then they are too weak! A good tip would be using long sentences instead of random words, but these aren’t entirely secure either and can be hacked with a tool designed for this purpose (e.g., Jack the Ripper). A much better option would be to use a combination of uppercase and lowercase letters, numbers, and special characters to create your password. However, avoid using any dictionary words as well! That makes it easier for hackers to crack them by running through known wordlists or dictionaries.
4) Update your system regularly – I’m sure you already know that it is essential to update your system with the latest security patches constantly, but do you know why? Hackers are continually looking for new vulnerabilities in commonly used computer programs and exploit these weaknesses before manufacturers have been able to patch them.
Ensuring that you constantly update your operating system, applications, and other software as soon as new versions are released will decrease the chance of hackers targeting your systems.
5) Use a reputation filter – The internet is home to millions of dangerous websites that may contain malware or phishing scams. Although antivirus scanners can detect these threats, scanning each webpage before you visit it would require an extremely high amount of resource consumption on your device, slowing down the web browsing experience beyond acceptable levels for most users.
To resolve this issue, implement a domain name system (DNS) reputation filter in front of your existing security solution. A DNS reputation service uses data feeds from third-party companies that monitor unsafe sites all over the internet and updates their list regularly with new findings. These services can then block malicious domains from infecting your computer and report their findings back to you, allowing you to decide whether or not you should visit the site.
6) Use adblockers – Web advertisements spread malware (malvertising), such as ransomware, encrypting all your files, and ask for money in return for the decryption key. Although most people would agree that these ads are annoying, can you risk losing access to your data?
Several companies have created advertisement blocking software configured by default to block any potentially harmful advertising content before it even reaches your system. Not only will this make browsing online a lot safer, but it will also speed up web page loading times by removing unnecessary items from pages! The three major providers of this software are AdBlock, Adblock Plus, and uBlock.
7) Log out when finished – Security-conscious users will immediately log out of their accounts when they have finished using a public computer or shared device. Although everyone should follow this practice to stay safe online, it seems underused as about 83% of people keep an active session for more than 5 hours! It takes no effort at all to close your browser instead, and even if you don’t do so every time, at least try logging off if you’re going away for minutes or so! It reduces the exposure window if malware runs on the system that could spy on your account’s credentials while you’re away from your own trusted devices.
8) Use advanced threat protection – Once you are sure that your system is free from any malware or other suspicious items, it’s time to protect yourself against future attacks. Advanced threat protection is a one-stop solution that can block all attacks, including zero-day exploits and sophisticated polymorphic malware. Tata Communications’ Web Protection Gateway (WPG) provides superior protection against all types of threats by using its cloud-scale security infrastructure to redirect, inspect, filter, and remediate internet traffic before the information can reach your business network.
The easiest way to do this is by storing all these files on an external hard drive or a thumb drive and connecting it to your system whenever required. Although this seems like a simple task, most people don’t bother backing up their data regularly due to the time and effort involved in the process. This is where cloud services become very useful. They can automatically backup any files stored on a server in different locations every day without you doing anything about it!
9) Make backups – You should always keep an updated backup of important data such as documents, photos, and music if something goes wrong with one of your devices.
10) Regularly reset passwords – To ensure that hackers cannot access your account even if they steal your login credentials, you should make use of password management software and change your passwords frequently, preferably every month. Both Microsoft and Google provide free security tools that can generate strong random passwords for all of your online accounts so that you don’t have to remember them. If you are the victim of a cyberattack, don’t panic. You need to take some time and assess the situation first. Take note of what happened to Keller Lenkner Data Breach and how they fixed it, but also make sure that you are ready for any other attacks coming your way by taking these steps to ensure security in the future.