Cybersecurity Tips That Will Defend You From a Cyber-Attack
AMC Bridge Career
AMC Bridge is a global software development consultancy serving engineering, manufacturing, and construction industries.
Working with industry leaders, AMC Bridge takes information security to the highest level. Our team follows numerous useful tips and best practices daily. As we love sharing useful content with you, below you’ll find some tips we follow that are a good beginning for practicing safe technologies' usage.
Let’s talk about zero-day attack, compromised user credentials, infected flash memory and USB devices, attacks on social networks, and finally, how to defend yourself from a cyber-attack!
Cyber-attack vectors
Zero-day attack
If a network, OS, computer system, or application has an unpatched security vulnerability, an attacker can use an attack vector, such as malware, to gain unauthorized access.?A zero-day attack is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term “zero-day” refers to the fact that the vendor or developer has only just learned of the flaw, which means they have zero days to fix it. A zero-day hack can exploit vulnerabilities in a variety of systems, including operating systems, web browsers, office applications, open-source components, hardware, and firmware, IoT.?
To protect yourself from zero-day attacks and keep your computer and data safe, just follow cybersecurity best practices:?
?? Keep all software and operating systems up to date. It is required because the vendors include security patches to cover newly identified vulnerabilities in new releases. Keeping everything up to date ensures you more security.?
?? Use only essential applications. The more software you have, the more potential vulnerabilities you have. You can reduce the risk to your network by using only the applications you need.?
?? Use a firewall. A firewall plays an essential role in protecting your system against zero-day threats. You can ensure maximum protection by configuring it to allow only necessary transactions.??
?? Use a comprehensive antivirus software solution that helps to keep your devices secure by blocking known and unknown threats.?
Fun fact: only this year, Google Chrome fixed the eighth actively exploited zero-day vulnerability. Just imagine how high the interest of attackers against the widely used browser is!?
Compromised user credentials
Users can knowingly or inadvertently share their user names and passwords. It can be done verbally, but cyber-attackers can also gain access to credentials through a brute-force attack that tries different combinations of usernames and passwords until an authorized set of credentials is uncovered. The hacker then uses these credentials to hack a network, system, or application.?
Weak passwords and usernames are additional negative factors that facilitate compromise. During brute-force attacks, cyberattacks focus their efforts on hacking usernames and passwords that are weak or easy to guess—for example, Administrator, User, Root, and so on.?
But hackers also steal credentials using programs that track public Wi-Fi networks when users enter their access credentials in an unsecured form.?
A negative factor may be the use of programs such as “free access to Wi-Fi anywhere”. The operation of this type of program is based on taking passwords for access from the Wi-Fi access points that are stored on the device and distributing them among program users. You get someone’s passwords, and others get your access passwords. It allows attackers to listen to traffic on your wireless network, hide their true location, impersonate you in a cyberattack through your network.?
?? Think Before You Click. If you receive an enticing offer via personal or company email, do not be so quick to click on the link.? If you are unsure who an email is from, even if the details appear accurate, or if the email looks “phishing”, do not respond and do not click on any links or any attachments found in that email as they may be infected with malware.?
?? Stay off public Wi-Fi. Free Wi-Fi is a tempting offer, especially considering how expensive some mobile data plans can be. But if you’re not protecting yourself through a VPN, refrain from switching to an unsecured Wi-Fi network. Anyone else connected to that access point can get your data. When you use unsecured public Wi-Fi, you put your personal information at risk, hoping that no one will sniff this time.?
?? Ensure your user names and passwords meet proper length and strength criteria, and the same credentials are not used to access multiple applications and systems.
Infected flash memory and USB devices
Nowadays, most IT specialists understand that USB drives are often the source of infection and cause lots of other security risks. Due to this, many organizations restrict flash drives usage for their employees. But still, USB drives for storing data continue to be used by many other companies and in everyday life, media capacity is rising and can be used by hackers and virus developers.?
USB drive encryption for your own secure use! Any flash drive can be encrypted in several ways:?
领英推荐
?? Purchasing a USB drive with hardware encryption support that is compatible with the Federal Information Processing Standard (FIPS) and is approved (FIPS PUB 140-2), which meets NIST requirements for encryption.?
?? Installing special paid software on the drive.?
?? Using free open-source tools.?
Attacks on social networks?
Nowadays, laptops, tablets, and smartphones play a significant role in our daily lives. It's impossible to put the benefits of technologies into one post, as they make our lives so much easier, effective, and fun. But with a bunch of advantages, they also bring to the table new worries about security and privacy.?
Let’s talk about easy tips for protecting yourself in social networks.?
?? Use a comprehensive protection system on the Internet, it will protect against malware.?
?? Analyze all received information for the presence of malicious objects, especially encrypted and password-protected files. If you are not sure of the source, it is better to refuse to receive such files.?
?? Protect your mobile devices. They should be protected by a screen lock and automatic lock settings, with a biometric or PIN code (more than 6 digits). Lock your laptop when you leave a desk to prevent unauthorized access to data.?
?? Use strong passwords and special tools— password managers—for protection. And you should not have the same or similar passwords for work and social accounts.?
?? Always sign out of accounts as soon as you are done, do not log in to accounts on devices you do not control—to prevent other people or applications from using them.?
Sounds easy, right? Safeguard your electronic devices and enjoy ???
How to defend yourself from a cyber-attack??
Effective protection techniques include:
???Ensure your user names and passwords meet proper length and strength criteria, and the same credentials are not used to access multiple applications and systems.?The password generator on 1password.com, lastpass.com, and other resources might help you with this. It should be not less than 12 characters, and contain uppercase, lowercase, numbers, as well as symbols.?
?? Do not neglect two-factor authentication. Use two-factor authentication or verification methods, such as a password and PIN, to provide an additional layer of protection for system access. It might look excessive, but the best minds of our IT Department do believe that it is crucial.?????
???Use strong data encryption on portable devices! Whether it is a portable device is a laptop, smartphone, sensor, or any other type of edge device, data encryption should be used wherever sensitive data is stored.
Imagine losing a USB flash drive or memory card with your photos from vacation. It is unpleasant if strangers look at these photos. But if we are talking about personal or work documents, and bills, then there is a high probability that criminals will use this information for their purposes. That is why you need to use strong data encryption on portable devices (a laptop, smartphone, or any other).??
For USB storage, you can use BitLocker, Vera Crypt, or any similar tools with strong encryption. This rule applies to all mobile devices as well. Today, our smartphone not only makes calls but also carries our private information, documents, and banking applications. Therefore, always use password access or biometric unlocking.?
???Immediately install all updates!?Whenever a hardware, firmware, or software update is issued, you should promptly install it. If devices are used in the field, the security updates should be provided as push notifications, where software or firmware is automatically updated.??At AMС Bridge, automatic updating of the operating system and antivirus software is configured. If this is your case—good for you! But keep it in mind that for the updates to be installed, you need to reboot your laptop every day and respond positively to the update offer (for antivirus software). Not updating antivirus software increases the risk of being affected by new malware samples.?Also, don’t forget to upgrade your firmware, including your home router. To do it, periodically go to the settings and check for updates or set up an automatic installation of updates in the router settings.??
?? Always think before you click. Most infections require action to be taken before they can get inside your device. Do not click on advertising links offering to download a free, effective antivirus. Use only well-known antivirus solutions from official websites.?
?And remember: the best protection against viruses is you.?