Tuesday, 12 May 2015

12 computer security tips

The bad guys can try to break in using computers only or they can try to trick you into providing them with access. Or they can use a mixture of tactics. Let's consider two main types of attack:

* Technical – breaking in via computers only
* Human – tricking people into aiding the attack

For the technical attacks you might consider the following, in order of priority/effectiveness:

  1. Update your applications and operating system – if there are no known security holes present on your computer it makes it very hard for an attacker. We (Dennis Technology Labs) ran a test [PDF] in which updating Windows alone made a massive difference to a target’s exposure to online threats.
  2. Use different usernames and passwords for different internet accounts – even large businesses on the internet suffer successful hacking attacks and this may mean your account details being stolen and sold on the black market. It’s trivial for a hacker to try to re-use these details on other sites to make the most of their gains. You can’t stop the breaches or the thefts but you can minimise the risk to yourself if/when they happen.
  3. Use anti-malware with a software firewall – these programs stop known malware and network attacks. Update these religiously for maximum effect.
  4. Use a Virtual Private Network (VPN) when using public WiFi – this will protect your personal information, such as what websites you visit and, in some cases, even your usernames and passwords from being spied upon by those will control over the WiFi. (And don’t assume that only those who own the WiFi network have control over it.) This advice applies equally to PCs, Macs and mobile devices. F-Secure’s Freedome provides a very reasonably-priced and effective solution – it’s around £20-£30/year (depending on which version you need) for unlimited use and works on PC/Mac/iOS/Android.
  5. Enable your broadband router’s firewall, if it isn't on by default, and turn off remote administration – there are automatic attacks that will hack routers with remote management enabled, and these attacks can ultimately steal your online banking information etc. by hijacking your connection, even if you run anti-malware software etc. on your PC/mobile device.
  6. Install anti-exploit software such as Microsoft’s EMET – these programs can prevent attacks that exploit largely unknown/un-patched vulnerabilities.
  7. Consider setting up a guest WiFi network at home so that friends, baby-sitters etc. can use your connection without exposing your own computers to their potentially-infected devices. Here’s a cheap method (around £10).
For the human side you can do the following to make a big difference:
  1. Backup your data. Some modern malware encrypts victims’ files and extorts money for their recovery. In many cases even experts are unable to regain access to encrypted files. Some online backup services, such as BackBlaze, store older versions of files, which is useful if you want to recover files from before an attack.
  2. When installing mobile applications check that you trust the publisher and that the program is not asking for too many/inappropriate permissions. Does that compass app really need access to the internet and your address book?
  3. Avoid clicking on links in email messages. It’s safer to log straight into a website rather than assume embedded links lead to where they appear to.
  4. Do not run applications, such as updates, that arrive as email attachments. This old trick is still being used by criminals to trick victims into installing malware.
  5. Avoid pirated files and applications designed to generate license keys for commercial software. Aside from the moral issues involved there is also a good chance they will contain malware.