The way media talks about hackers in 2017, it would be easy to believe they are under the floorboards just waiting for you to leave your computer unattended. In just the last few weeks, a cybercriminal known only as TheDarkOverlord held Netflix to ransom after stealing season five of Orange is the New Black, and researchers hijacked a robotic arm to prove that even the hardest working machines are not safe from malicious computer users.
While it is true that hacking attacks are on the rise (74 percent of UK organisations suffered a breach of some kind in the year between February 2015 and the same month in 2016), a person’s susceptibility to online attacks, viruses and concerns like phishing are determined by three factors: the sites they visit, the files they download and the links they click on. Put another way, a person can help themselves enormously by modifying their behavior and learning more about online security.
There are always going to be some threats that fox even the most computer-savvy person though. For example, Distributed Denial of Service (DDoS) attacks can take down entire networks (like WordPress) while SQL injections take advantage of vulnerabilities in the computer code that might have been written and forgotten about a long time ago. So, with both beginners and experts in mind, here are five ways to avoid the attentions of cybercriminals.
Beat ransomware with deception
Ransomware simply prevents a users accessing their files while demanding a fee, often in bitcoins, to restore normal functionality. However, security solutions exist that place “decoys” in a computer’s file system so that a ransomware is tricked into attacking the dummy file rather than sensitive pieces of data. With the average ransomware incident taking at least two days to fix and 40 percent of US businesses affected in 2015, it is hard to overstate the value of safeguards against this particular threat.
Be wary of public Wi-Fi
A 2016 article from Android-focused blog Android Authority describes users who connect to public Wi-Fi as “completely exposed”. Using a piece of software called a packet sniffer, eavesdroppers can collect Wi-Fi signals from places like coffee shops and analyse them to find instant messages, passwords, email addresses and even entire webpages. Public Wi-Fi is a shared and unsecure space – you are connecting to the Internet along with every other person nearby. So keep in mind that everything you share can be seen by anybody with the right tools. If you have to check your bank balance, use your phone’s mobile data instead.
Passwords, passwords and passwords
Having no password at all offers about the same level of security as ones like “123456”, the digital padlock of choice for 17 percent of Internet users. The staple advice is to use a password that has a mix of upper and lower case, symbols, numbers and letters. Alternatively, try acronyms and mnemonics — the phrase “I love my password” could become “IluVmyPASSw0rd!” It is both easy to remember and very secure. “123456” takes less than a second to crack but our more complex example would take a computer 16bn years to guess.
Use two-factor authentication
Enabling two-factor authentication on a social media account, for instance, means that the user must confirm their identity with a phone or tablet in addition to a password whenever they log in from a new location. The process can be a colossal pain to use (deleting cookies triggers two-factor authentication), but it can also make accounts almost impervious to intrusion — provided the password and device are not stolen together. It may also create peace of mind; a 2015 survey published on Entrepreneur.com suggests that enabling two-factor authentication made 86 percent of 2,000 people surveyed feel more secure online. Facebook, Google, Steam and Apple all support the two-factor authentication.
Keep software up to date
As mentioned earlier, hackers use vulnerabilities in code as a way into a computer or database. For that reason, software that connects to the Internet – like Java — is often updated or “patched” to plug security holes. A patch released by Samsung for its Galaxy phones this month fixed 65 problems that could allow a hacker to reset a handset and/or disable GPS on locked devices. Any phones that are yet to be updated are still vulnerable. If you absolutely cannot be bothered to keep up with Java updates though, uninstall it.
So, there you have it; five ways to keep hackers’ fingers out of your machine – with no need to pry up the floorboards.