Mini basic protection for home

3. October 2017

Safe home

Every day, millions of people become victims of cybercrime. These are usually not targeted by professional hackers, but fall victim to large-scale attacks by chance.

How does something like this happen? The attack vectors are versatile:

  • Phishing e-mails
  • Modified files
  • Drive-by downloads
  • Bad passwords
  • Physical access
  • Removable media (e.g. BadUSB)
  • etc.

Attackers permanently scan the Internet for vulnerable systems in order to abuse them for their own purposes (e.g. distribute malicious code via drive-by downloads) or regularly send phishing emails to acquired mail listings.

I refer to these types of ‘attacks’ as background noise because they occur in large numbers, but usually only compromise poorly protected systems.

My acquaintances often ask me how I can protect myself on the Internet. My response includes the following recommendations, emphasizing that they only protect against the background noise mentioned above.

#1 Up to Date

There is no easier target for hackers than outdated systems, because exploits have often already been published for them, which allow the systems to be compromised in a very short time. Example Wannacry

Always keep software up to date!

#2 Passwords

I have already explained this in a past blog post. In summary, you should avoid the following things (excerpt blog)

Choose secure passwords!

#3 Virus protection

The usefulness of virus scanners is discussed again and again. In short: Yes, these are powerless when professional hackers are involved (there’s already a good blog post about this, too 😉 – No, these are not useless if we want to protect ourselves against the background noise. It should be noted, however, that only paid virus scanners offer acceptable protection. What manufacturers to choose? See for yourself:

https://www.av-test.org/de/

Use paid virus protection!

#4 BrainOn

Common sense is another essential aspect, which significantly increases your level of protection. Regarding PhishingMails I have already created a nice blog post. Other things which should be taken into account:

Calls from police officers, Microsoft/Apple employees, PayPal, etc. 98% follow other views than to help. In these cases, get the person’s contact information and end the call. Then call the official phone number of the provider, which you can find on the respective website (e.g. Microsoft) and describe your case. This quickly clarifies whether this was an authorized call or not.

Think first, then click!

#5 WLAN

Most private WLAN routers have authorization via WPS enabled by default. Most users don’t know about this feature and this standard often has sensitive security vulnerabilities. These are two good reasons to disable this mode. Use your router’s guest WLAN feature for devices you don’t fully trust (e.g. SmartTV) or friends’ devices to separate your important systems (e.g. computer, network storage, etc.).

Use the security functions of the router!

#6 User accounts

If the computer is compromised, the hacker usually gains the rights of the logged-in user. Therefore, please create at least 2 users on your system. An administrator and a user without administrator rights. Uses the normal user for all activities. The administrator is only used when setting up the computer or a password query is made when new software is installed. This also has the advantage that other people in the household (e.g. children) cannot install the wrong software 😉

Select different user accounts!

#7 Selection of hardware and software

Other ways to install unwanted software (possibly malware):

  • download illegal videos (e.g. VLC Player)
  • Third-party download portals (e.g. installers with adware)
  • Cheap hardware (e.g. backdoored smartphones)

Hardware and software from trustworthy sources!

# Conclusion

Provided that the above recommendations are implemented, it is possible to successfully resist the background noise and move relatively safely on the network. If you have any questions, please feel free to contact me.

If you liked this post, I would be happy to add you as a new follower on Twitter😉

Ähnliche Beiträge

The best security measures are useless if weak credentials are chosen. This raises two essential questions, which I would like [...]

26. June 2017

WordPress is still the tool of choice, especially for newbies, to quickly create a respectable website. All nice KlickiBunti, so [...]

26. June 2017

We are safe because we have a virus scanner and a firewall! This statement is often the first to fall [...]

11. July 2017

Almost every day, users become victims of so-called phishing emails. Therefore, in this short post, I would like to point [...]

14. July 2017