Commentary Lifestyle

Why you need to pause before you click “open”

Written by TheMole

By Dave Avran

Rapidly developing technologies bring new threats with them, chiefly cyber security.

Defined as the protection of systems, networks and data in cyberspace, this is a critical issue for individuals, businesses and governments. Cyber security will increase in importance as more devices, collectively known as the Internet of things, become connected to the Internet.

Cyber-crime has become increasingly simple and cheap to commit. A botnet, a network of private computers infected with malicious software and controlled remotely without the owner’s knowledge, can be established for as little as US$700 (RM3,100). Today’s cyber criminals can buy off-the-shelf hacking software if they know where to look.

Dave is one of Malaysia’s pioneer bloggers and founder of MARAH, an active online crime watch movement.

Cyber-crime can be conducted by individuals working alone, or in organised groups intent on extracting money, credit/debit card data, intellectual property, valuable data or simply to cause disruption and impair the operations of a website or service.

There are various forms of modus operandi cyber criminals use, including:

Phishing — acquiring users’ information by masquerading as a legitimate entity.

Pharming — redirecting a legitimate website’s traffic to a fake website, where their information is stolen.

Drive-by — opportunity based attacks against weaknesses within a system.

Social engineering — exploiting the weaknesses of an individual by ensnaring him to click malicious links, or physically gaining access to a computer through deception. Phishing and pharming are both examples of social engineering.

Cyber criminals operate remotely and use numerous malware including:

Viruses that access to steal, modify and/or corrupt information and files.

Worms that exploit weaknesses, damage networks or allow remote control.

Spyware/Adware that takes control of your computer without your knowledge.

Trojans that create a backdoor on your computer to steal or damage.

The following are ten basic tips for improving the security of your system:

There are many free wifi security testing tools available online. Just make sure you use a reputable name.

Immediately after you connect a new computer to the Internet, enable and configure a firewall, install anti-virus and secure your web browser.

Protect your computer by limiting use of the Administrator Account. A non-privileged user account should be created and used for the bulk of your activities.

Keep your network secure by updating applications. Many applications do not have an automated update feature so attackers frequently target these.

Remove unnecessary software and modify unnecessary default features.

If a website uses cookies for authentication, then an attacker may be able to acquire unauthorised access to that site by obtaining the cookie. Persistent cookies pose a higher risk than session cookies because they remain on your computer longer.

Use a virus scan before you open any new programmes or files that may contain executable code. This includes any programme you download from the Internet.

Selecting the option to view your email messages in plain text, not HTML, will help you to avoid a virus.

Use caution when opening email attachments or when using peer-to-peer file sharing, instant messaging or chat rooms.

Don’t enable file sharing on network interfaces exposed directly to the Internet.



About the author