As computers intrude deeper and deeper into our everyday lives, it starts becoming more important to have, at least an elemental, understanding of the level of risk we are being exposed to.
We hear more and more about cyber attacks, hackers and hacking, but what are they?
In recent months we have had major companies around the world admitting that their systems have been hacked. Amongst others these include Microsoft, Google, Twitter, Facebook and Yahoo to name just a few, and while they all assure us that our data is secure they themselves have no means of knowing that is the case! Certainly once passwords have been obtained there is no security of data and several of these companies have recommended that we change passwords.
In days gone by we thought we could keep our computers and information safe by installing a good anti-virus program and that was that. Alas, the days of young people creating some soft-ware that created havoc simply to prove that they were good programmers, are past.
The “viruses” we see today are criminal in intent, aimed at getting information about us, our bank account numbers, credit card details and the like. While to a degree we can protect against our own computer being hacked for information, we are unable to protect ourselves from one of those companies with whom we deal being hacked.
All the anti-virus programs around are mainly reactive and dependent on recognising signatures. This means that they protect against what is already known with a very limited ability to predict that something is evil.
Rushing out and buying the most expensive anti-virus and internet security software has little advantage. Microsoft Security Essentials is a free download and to all intents and purposes as effective as any of the others.
A few rules
1. Regularly clear “cookies” and browser cache, including form data.
This does make browsing a bit more difficult, as you will need to remember log ins and passwords, particularly important on laptops as they are more vulnerable to theft.
2. Avoid doing sensitive work when logged in on an insecure network.
For example a WiFi hotspot! As, is the case with all wireless, it is possible to tune in to a frequency and record everything that passes, regardless of the security!
3. Credit card and banking fraud (we call it identity theft) is often dependent on knowledge of your personal information … full names, addresses, date of birth, place of birth, mothers maiden names etc. Avoid recording this information on your computer or on social networking websites like Facebook. If you are completing a form on the Internet and it asks you date of birth … consider if they have a right to that information, and if you don't think so give a false date of birth!
4. If you receive a phone call from some one pretending to be from Microsoft telling you about errors on your computer … simply put down the phone … Microsoft do not contact you unless you first contact them. It has been seen that more people give away critical information in response to this phone call than are actually hacked, and give the caller remote access to their computer!
5. Develop sound passwords. A good password contains capital letters lower case and numbers. My minimum length is 12 digits. Everyone finds this difficult however there is an easy formula. Choose a date that you will always remember … not your date of birth or marriage. For example 15012001 now add a four letter word, for example, “good”
now create the password by capitalising the first two letters. This would give us 15012001GOod. Your second variation could capitalise the middle two letters and the third variation the last two letters. Generally I consider three variations sufficient.
Your safety and security rely on you being a sceptic, and not a trusting soul. Not all new developments in computing are for your good!