OPINION: Ten simple security measures against attacks originating from the Internet

Thorin McLoughlin is an IT Consultant in Carlow

Darren Hassett

Reporter:

Darren Hassett

Email:

news@carlowlive.ie

Carlow Carlow Carlow

File photo

Many users' computers that are used to surf the Internet are not sufficiently protected against the threats of the online world. This is exploited by criminals who infect such computers with malware and exploit it for their own benefits.

This may cause you significant damage. For instance, criminals can delete or spy on your information, order goods in online shops in your name and at your expense, tamper with online banking transactions or block your access to your bank account.

Also, the criminals can make your computer part of a botnet and use it for carrying out cyber-attacks on businesses or other institutions and for the distribution of spam e-mails.

There is unfortunately no one hundred percent protection against these threats. However, to limit the risks as much as possible, you can do a lot yourself.

If you implement the following precautions, you will already increase the security of your computer and your safety on the Internet considerably.

The first four recommendations ("core recommendations") should be implemented in any case.

The other recommendations are supplementary measures that you can use to reduce your vulnerability to cyber-criminals and to take preventative measures to improve your Internet security and reduce possible negative consequences.

Generally, all measures are easy to implement, even for non-professionals. If you still don't feel confident in doing so, you should consult Deycom in Carlow who can help you.

Core recommendations

1) Ensure that your software is up to date

Use current versions of the operating systems and the programs you have installed. If possible, use the automatic update feature, which often is the default preference. If this is not set up, update your software immediately, especially your web browser and operating system. Remove any programs you do not need. The fewer applications you use, the smaller the attack surface of your entire system.

2) Use virus protection and firewall

In the most popular operating systems, virus protection and a firewall are built in, which even in the standard configuration make attacks from the Internet more difficult. You should activate these or use a virus protection program from another provider.

Remember that this measure can only be effective as an accompanying measure. Its use does not reduce the importance of the other tips in this guide. Do not let activated virus protection or the firewall mislead you into being careless; they do not necessarily guarantee complete security.

3) Create different user accounts

Malicious programs have the same rights on the PC as the user account through which they entered the computer. You should therefore only work with administrator rights if absolutely necessary.

Set up different, password-protected user accounts for all users of the PC. For these accounts, only assign the permissions that the user needs for his or her work. This will also protect private files from being accessed by other users. Surf the web with one of the restricted user accounts, not in the role of administrator.

4) Be cautious about sharing personal data

Online fraudsters increase their success rates by addressing their victims individually: Previously stolen details, such as surfing habits or personal names, are used to inspire confidence. Personal data is considered a commodity on the Internet today and is traded as such.

The unwitting disclosure of personal data in public networks should also be avoided. If possible, use a VPN (Virtual Private Network) connected to your home network in public WLAN hotspots, as otherwise unencrypted transmitted data can be read by third parties. At the same time, a VPN also protects against a number of other attacks on your computer and the data stored on it.

Complementary measures

5) Use a current-version web browser

Turn off components and plug-ins in your browser settings, that you don't need. Advanced settings (including "private mode," "clear history," "do not allow third-party cookies") reduce the amount of sensitive and private data stored that might reveal information about you and your behavior on the web. Use an ad blocking mechanism to protect yourself from malvertising, the spreading of malware through advertisements. For especially security-critical websites, such as for online banking, first enter the addresses by hand in the address line of the browser and save the address entered in this way as a bookmark, which you can then use for secure access. 

6) Use different passwords that you should change if necessary

Keep all passwords and usernames safe and change any passwords that may have fallen into the wrong hands as quickly as possible. Use different, unrecognizable passwords for different applications and change the default passwords set by the manufacturers prior to initial operation.

It is important that you can remember a password well. The general rule is: the longer, the better. A password should be at least 16 characters long, should not appear in the dictionary and should consist of upper and lower case letters as well as special characters and numbers.

Where two-factor authentication is offered, you should use it to secure access to your account. A password manager, such as keepass, can make it easier to handle different passwords. Last but not least, do never give your passwords to third parties.

7) Protect your data through encryption

Transfer your personal data exclusively via an encrypted connection, for example by using the secure communication protocol https. You can recognize this by the Internet address you call up, which always begins with https, and by the small closed padlock symbol in the address line of your web browser. If feasible protect your confidential e-mails through encryption.

If you are using wireless LAN (WLAN) transmission technology, pay particular attention to the encryption of the wireless network. In your router, select the WPA3 encryption standard or, if this is not yet supported, WPA2 until further notice. Choose a complex password of at least 16 characters.

8) Be careful with e-mails and their attachments

If possible, avoid displaying and creating e-mails in HTML format and be careful when opening e-mail attachments. These two tips are especially important for e-mails whose sender you do not know, because malware is often spread via images or file attachments integrated into e-mails. If in doubt, check with the sender to see if the attachment actually came from him. However, do not use the contact details provided in the e-mail. They could be forged.

9) Only download data from trustworthy sources

Be careful when you download something from the Internet. Before downloading programs, make sure that the source is trustworthy. If possible, use the manufacturer's website to download them.

10) Make regular backups

If the PC is infected despite all the protective measures, important data can be lost. In order to keep the damage as small as possible, it is important to make regular backups of your files on external hard drives, USB sticks or DVDs. These data carriers should only be connected to the PC when necessary. Also cloud services can be used for encrypted data backups.