There is over 600 million malicious programs in existence today, and each day additional
390 000 malwares are being created.
How do you possibly protect yourself from malware when it's present in such huge volumes?
You can become a victim of cyber attacks without even being a primary target of the actors.
It's like being caught in the middle of cross fire during armed conflict.
Since 2005 there have been at least 7,756 breaches, and that's just the ones that
were made public so far.
If you've owned a Yahoo account, your login credentials have been on sale on
the darknet since 2013, as details of about one billion Yahoo users have been stolen by
unknown hackers.
If you had a Google account in around 2010 you might have been trapped in the cyber espionage
campaign that was orchestrated against the search giant and 34 other US tech companies
in order to gain sensitive intelligence.
Companies are often reluctant to disclose their failure to protect their data, because
of fears of public outrage and fallout of shares prices.
You as an average user are just like an innocent civilian in the middle of a conflict zone
left to the will of those who are fighting.
With such a high frequency of successful breaches, clandestine nature of cyber warfare, and the
eternal uncertainty of your cyber security, the most rational outcome is to assume that
you are always a target for someone and that your security have been compromised.
Even if you can satisfactorily prove your integrity now, in the current cyber state
the best cyber security defense strategy is to assume a breach will eventually happen.
No matter how you prepare, if a skilled enough hacker wants to get you, they will get you.
The best you can do is to make sure they can't do anything once they manage to breach through
your defenses.
This is cyber warfare.
It's another addition to our capability to potentially destroy the world, alongside
other weapons of mass destruction such as biological weapons, chemical weapons, and
nuclear bombs.
But unlike with other types of destructive technology, cyber weaponry doesn't have
a non-proliferation treaty or containment agreement.
Just like with nuclear bombs at the begging of the cold war, everybody is stockpiling
their cyber weapons and nobody is bound by internatitonal restrictions on their usage.
But what's more troubling about cyber warfare that's not an issue with say nuclear weapons,
is that anybody can develop destructive capabilities.
Not just governments in advanced economies, but even small non-state groups acting for
their own interests.
Only a handful of states rich enough to afford nuclear technology have also developed nukes.
But anybody can become a hacker with potential to take down the whole grid overnight.
Successful hackers can be as young as teenagers.
Currently the cost of cybercrime exceeds $400 billion every year.
That number is going to soar to $2 trillion in 2019, and will hit $6 trillion mark by
2021.
This is, of course, excluding the potential ramifications of large scale attacks on critical
infrastructure.
Cybercrime is the biggest threat businesses face today, with around 20% of SMEs that have
become targets of cyber criminals.
This is to illustrate how futile it is to rely on a single product to protect your digital
assets.
Cyber security is not a product, it's a process.
There are no "ten tips to protect yourself from malware".
You have to redesign your mindset to be always prepared to defend your valuable part on the
cyber space.
If there's a commercial antivirus program that advertises to you protection against
99.9% of threats, even if that were true, you are still unprotected from 7,000,000 malwares.
There are so many vectors of infection that it's impossible for skilled cyber security
experts to cover them all, not to mention average users.
Fortunately, there are key basic principles around which most malware types are programed
and which you can follow to keep yourself protected against cyber threats.
You just need to understand these principles and implement changes to your protection against
malware accordingly.
In order for a program to be installed it requires administrative privileges.
Unix-like operating system architecture offers this option to you by default.
Most popular operating system based on Unix are Linux and MacOS.
Windows doesn't provide this separation, which is a problem.
It is strongly advised that you limit your usage of your device on root access as much
as possible.
Use non-admin accounts whenever you don't need to install new software.
On Linux, installed programs do not get administrative privileges unless you specifically approve
it by entering your password.
So even if a malware infiltrates your computer, you would have to grant it root access in
order for it to do any damage.
No system is 100% perfect, so even Linux has its vulnerabilities, but its amount is minuscule
compared to Windows.
There are countless of ways how you can install Linux alongside your Windows or MacOS, without
losing any data.
The best approach for maximum security is to use Linux for day-to-day browsing, communication,
email, banking, etc., and use other operating systems only when you have to use a software
that doesn't run on Linux.
Bear in mind that your device is almost always connected to a network.
Even if your system is protected, you might be connected to a vulnerable device that can
allow a malware to spread to you.
Beware of the network security you are connected to.
Never do things on a public wifi that you would do at home.
Don't send any passwords through an untrusted network.
Never trust anyone with your data.
If you think of cyber space as a battlefield, take encryption as your armor and shield.
Always use encryption and encrypt everything you can.
Without it, you are going naked against fully armed soldiers.
For this I would suggest that you install HTTPS Everywhere and Ublock Origin add-ons
on your web browser.
Whenever you are logging-in into your account, always check the website's encryption and
certificate.
If it doesn't match, don't proceed with entering your login credentials.
Assume that someone will get a remote access to your device.
Encrypt your hard drives so that even if you were hacked, the attackers won't be able
to read your data without privileges.
You can even encrypt sensitive files with separate passwords with programs like Veracrypt.
To protect your data from getting remotely encrypted by ransomwares, back-up everything
regularly on an offline location.
Change your thinking from passwords to passphrases.
Make them long but memorable.
I am talking about at least 25 characters long.
A phrase like "JakePaulis200%savageandwhiteboi" is a 31 character long passphrase that's
much harder to break than something random with upper and lower case, numbers and symbols,
and can't come from a dictionary, which you will have hard time to remember.
For messaging, emails, and voice and video calls, only use those services that offer
end-to-end encryption.
Never trust Facebook, Google, Apple or Microsoft, with the integrity of your data.
They are primary targets of every major cyber attack and their business model is to build
backdoors for every government request and sell your data to whomever is willing to pay.
Services like Protonmail, Tutanota, Signal, or Jitsi are viable options that give you
significant security and privacy.
Consider transferring to those as soon as possible and secure them with unique passphrases.
For more information about these services, checkout my online privacy tutorial where
I explain more in detail about how you can secure your data.
Compartmentalize your security.
Never use the same password twice.
That way you'll prevent spill-over hacking.
If a hacker gets password to one of your accounts, the first that will come to their mind is
to try them on other platforms.
Two-factor verification has a great value but if you have to use SMS, at least use a
Sim card that doesn't have your real name on it.
Check for security updates of your software on daily basis but never think that's enough.
Remember how the NSA tells companies not to fix certain vulnerabilities for them to exploit
and weaponize.
And we know this because the almighty NSA itself was hacked.
If even the organization with the biggest cybersecurity budget in the world is susceptible
to hackers with enough patience and skills, everybody is basically naked in the cyberspace.
Don't rely solely on your anti-virus software.
It's advisable to have it installed, but it won't replace your habits designed around
probability of successful breaches.
For example, because Linux has such a secure architecture, most systems are well-off with
just a good firewall configuration and don't need to bother with installing an anti-virus.
Encryption, separate root and user access, regular updates and backups, and constantly
aware mindset will get you further than you think.
No other operating system that you can get is doing better job at security than Linux.
Remember security is adding layers that will increase the time it takes to break in, and
thus decrease the motivation of the attackers.
If somebody can't bruteforce your passwords because they are so complicated, and can't
get root access to your device, or read your encrypted files, they might be quickly turned
off and move on to the next target.
Or it will simply increase the cost of their hacking to the point it might stop being beneficial
for them.
This tutorial is not excessive.
But it will get you started.
There are so many new threats being developed and each one will require attention.
So I hope this will get you on the right track on how to protect yourself from malware.
If enjoyed my work be sure to give it a like, share and leave a comment with your thoughts.
Thanks for watching and I invite you to subscribe for more content about cyber space in the
future.
For more infomation >> 5 Tips to get the most out of your time - Duration: 2:43. 
Không có nhận xét nào:
Đăng nhận xét