Unfortunately, every user of a computer or mobile device today faces the real danger of an attacker remotely, for example, locking the screen or encrypting all content. He will then want to pay a lot for the password, and even then you are not sure that he will give it to you. Or remotely install a program on your device that will read emails, SMS and other confidential information. In the same way, someone can siphon your saved money from your bank account via your computer. We don't want to scare you unnecessarily, but these and other similar things really happen quite often. Malware, ransomware, but also phishing and other technical and non-technical threats are to blame. It is not necessary to know what they are called, rather we want to advise you on what you can do to reduce the likelihood that your computer, laptop, mobile phone, tablet or even your TV will go bad. This applies to all devices that are connected to the Internet.
Jan Kopřiva is responsible for a team that takes care of computer security and monitoring of security incidents at large companies. He works in a company ALEF ZERO, which has been providing its customers and partners with comprehensive technological solutions in the areas of corporate networks, data centers, cybersecurity, data storage and backup, as well as public cloudJan Kopřiva also trains experts from a number of companies on how to work with data securely and protect it from attacks.
Staying on the edge of a safe internet
Before we get into the rest of the tips, it's a good idea to look at the first basic rule: observe "cyber" hygiene. Technical measures are only secondary. In the first level, security is always about how the user behaves. An analogy with the physical world can be used nicely. When a person does not have his hands and goes to places with high crime in the dark, sooner or later he is very likely to be robbed and may catch an unpleasant disease. Good hygiene must also be observed on the network, which in itself can protect the user a lot. Technical measures are more of a supplement. People who behave irresponsibly, the best security tool will most likely not be able to protect.
Be cautious even when opening common e-mail attachments
For most regular users, one of the main avenues through which they are most at risk is email. For example, they may receive an email pretending to be a notification from the bank, but the link contained in it may be aimed at a page created by an attacker instead of the bank's website. After clicking on the link, the user will be taken to a website through which the attacker can either extract confidential data from the user or launch some kind of cyber attack from the user.
Likewise, an email attachment may contain malicious code or code that downloads something malicious to the computer. In this case, in addition to antivirus, common sense will protect the user. If someone receives information that they have won a lot of money in a lottery for which they never bought a ticket, and all they have to do is fill out the attached questionnaire, it is likely that something will pop up from that “questionnaire” the moment the user opens it. Even before clicking on seemingly harmless attachments such as pdf or excelIt is therefore worth thinking about these files, because with their help, attackers can also do very unpleasant things to your computer.
It is certainly also advisable to refrain from thoughtlessly clicking on links in e-mails, especially if the user is not 100% sure that the e-mail is really from the sender he claims to be. It is better to manually type the given link into the browser, for example the e-banking address. If anything comes in that looks potentially suspicious, it's a good idea to verify through another communication channel that the user, whether a friend or a bank, actually sent it. Until then, don't click on anything. Attackers can also spoof the sender of an email.
Beware of automatically loaded remote content
Suspicious attachments can also be checked on publicly available scanners before you open them and cause irreversible damage. One of them is, for example www.virustotal.com. There, however, it is necessary to take into account that the given file and its content will continue to be publicly accessible in the database.
The good thing is that most mail servers already have a spam and phishing filter built in, so the user doesn't have to set up or install anything. Although the mails reach the inbox, they are already filtered and marked as dangerous. It's definitely not a good idea to click on those for no reason. It is also very useful to turn off the automatic loading of remote content in email messages. As part of the remote content, images can be loaded as well as other things that can be harmful. Most email clients already have this automatic loading turned off, but it's a good idea to check it and turn it off manually if necessary.
It is also useful to know that simply reading the email usually does not cause anything harmful. Clicking on a link or opening an attachment is dangerous.
Patching will also help
Another common source of attacks is the web browser and other Internet-connected programs. Many Internet attackers often use already known vulnerabilities of often widespread browsers and programs. That's why it's important to keep the software on your computer up to date. In this way, the holes are so-called patched and attackers can no longer exploit them. Once a user has a patched system, they are protected from many attacks without doing anything else.
For the average home user, if an update for the browser, Acrobat Reader, Flash or other software is released, it is usually a good idea to install it. But you also need to be very careful so that a fake message about an update does not pop up on the display, which is, on the contrary, risky, because people can download something harmful to their computer through it.
However, patching does not protect against all risks, which is why many people install additional tools in their browsers. For example, many users use adblock, which blocks ads. When ponePutting aside the ethics of its use, its other effect is that it also increases security, as it often blocks the loading of potentially malicious content. Another add-on worth considering is a program that can block the execution of scripts from sources other than the page we are looking at. These are tools for more technically savvy users, but they can definitely help.
It is also good to think about mobile phones
When talking about data protection, most people think of the computer. They should also think about mobile phones. These are also connected to the Internet and we have a lot of important and confidential information on them. According to the company McAfee, which deals, among other things, with the protection of electronic devices, almost two million new types of malware for mobile phones were discovered in the first quarter of this year alone. They register a total of over 25 million.
Apple has an operating system so locked down and restrictively built that it limits the options given to applications and thus essentially protects data by itself. It also occasionally shows some vulnerability, but it generally provides Apple good security without needing additional antivirus or other security programs. If however iOS it won't be updated for a long time, of course it's just as vulnerable as any other system.
It's more complicated with Android. Many phone manufacturers modify this most widely used operating system, which complicates updates. Android generally gives users a little more permission than iOS. Mobile devices with the Android operating system are also very common targets of attacks. For these reasons, it makes sense to consider antivirus or other similar protection for Android. It is a good idea to consider some protection for all devices connected to the Internet, including smart TVs.
Antivirus and firewall are enough even in the free version
When it comes to IT security, most people immediately think of antivirus and firewall. It's useful to know that their operating system often already has them. Most users use operating systems from Microsoftu. Some newer versions Windows they already have fairly good antivirus protection built in. The operating system is also well protected from Applu. However, if there are no updates for an older version of operating systems or other programs, they are a big risk. These are the easiest to attack. Unfortunately, old operating systems without patches, updates, and antivirus can be found not only in individuals, but also sometimes in corporate IT, especially in smaller organizations.
It certainly doesn't hurt to get additional protection, such as a better firewall, antivirus, anti-ransomware, software IPS and other possible security features. It depends on how technically proficient you are and what you do with your devices. However, if we go back to the average user, antivirus and firewall are mainly important. If the operating system does not include them, or the user does not want to rely on the integrated tools, they can be purchased additionally, both in commercial, freeware or even open source versions. variaIt can cost a relatively large amount of money, but it doesn't have to be. For most people, if they practice good computer hygiene, freeware is often enough. variaThis may mean that you do not take programs from one supplier, but combine several.
Finally, it is worth adding one more important tip. It may seem completely obvious, but many users forget about it and when they remember, it may be too late, because their device can be hacked and the data blocked, deleted or encrypted. This tip is to simply back up the information that is valuable to you. It is best to have your data backed up multiple times and in multiple places, ideally in cloudphysically.
