Cybersecurity is and has always been a complex matter, as there are really no silver bullets. And as many cybersecurity experts will tell you, it is above everything...a Process.
However, this doesn’t necessarily mean that unless you are one, or at least work in the IT department, you are helpless against cybercriminals and hackers.
Even if you are just a web business owner or an internet entrepreneur, there are some important precautions you can take to, at the very least, diminish the damage they can do to your Network / Systems and more importantly...your Business.
Here are 7 cybersecurity tips that you can put into practice to work in a safer environment.
Keep your Operating Systems Updated; for both Software and Firmware.
Probably the most common recommendation, but at the same time the most critical.
Plain and simple, if your systems run deprecated services they will be increasingly vulnerable to cyberattacks.
After all, this was the demise of many outdated systems during the “WannaCry” ransomware outbreak.
Don’t connect Smartphones used for recreational purposes to your work Computers!
You probably won’t be hearing this one a lot. However, smartphones, especially those running Android, are quite susceptible to a broad range of malware and are not really covered by any significant number of security solutions.
And if malware infecting hardware in Desktop systems (firmware) is a headache for security experts, it’s indeed a living nightmare in far more vulnerable devices.
There are simply not enough security measures that can be implemented in a practical way to protect said devices.
Realistically speaking, you would need to replace the Operating System altogether and turn your smartphone into a mini-computer limited to just a small number of running services and processes...none of them “fun apps”.
So the last thing you want is to do the cybercriminals a favor by connecting a potentially malware-infested device to a system storing critical company information.
Limit your outbound connections to HTTP, HTTPS and UDP (port 53) only.
Unless explicitly required by a known application or service, common web traffic won’t require more than the HTTP, HTTPS and DNS (UDP) protocols, that is, ports 80, 443 and 53. Restricting outbound traffic to these helps because many malware variations out there will look for a rather uncommon port.
And if you are wondering how to do this, you can do it through your Operating System’s or Appliance firewall.
That’s not to say that malware never connects through common ports, but this is about decreasing the attack surface in your system.
Heck! If you ask me, don’t even use port 80 (HTTP), as this is a rather unsafe, easily manipulated protocol. But sadly, it is still widely used across many platforms.
As far as the UDP protocol goes, this is only necessary if you use an external DNS service (Google or OpenDNS for example). In a corporate environment, though, an internal DNS server is most likely to exist.
And regarding Inbound traffic, well, the matter is simpler: if you don’t explicitly connect to your Network remotely through a specific port (let’s say port 22), there’s no reason whatsoever to have any inbound port open!...neither in your firewall nor for Windows services...none.
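Before enforcing the outbound allow-list from this tip, it helps to see which of a machine's current connections it would cut off. The following is an added example, not part of the original article; the connection list is constructed and laid out like the columns of `ss -tun`, and the function names are illustrative.

```python
# Allow-list from the tip above: HTTP, HTTPS and DNS over UDP.
ALLOWED_EGRESS = {("tcp", 80), ("tcp", 443), ("udp", 53)}

# Constructed sample (documentation address ranges), in the column layout of `ss -tun`.
SAMPLE = """\
Netid State Recv-Q Send-Q Local Address:Port   Peer Address:Port
tcp   ESTAB 0      0      192.168.1.10:51514   203.0.113.20:443
tcp   ESTAB 0      0      192.168.1.10:51602   203.0.113.21:80
udp   ESTAB 0      0      192.168.1.10:40112   198.51.100.53:53
tcp   ESTAB 0      0      192.168.1.10:40113   198.51.100.53:53
tcp   ESTAB 0      0      192.168.1.10:49877   198.51.100.77:4444
tcp   ESTAB 0      0      [2001:db8::10]:50444 [2001:db8::20]:8443
"""


def parse_connections(text):
    """Return (protocol, peer_host, peer_port) for every tcp/udp row."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        # rpartition keeps bracketed IPv6 hosts intact: "[2001:db8::20]:8443"
        host, _, port = fields[5].rpartition(":")
        if port.isdigit():
            conns.append((fields[0], host, int(port)))
    return conns


def would_be_blocked(conns, allowed=ALLOWED_EGRESS):
    """Connections a default-deny outbound policy with this allow-list drops."""
    return [c for c in conns if (c[0], c[2]) not in allowed]


def blocked_ports(conns, allowed=ALLOWED_EGRESS):
    """Count blocked connections per (protocol, port) to review before enforcing."""
    counts = {}
    for proto, _host, port in would_be_blocked(conns, allowed):
        counts[(proto, port)] = counts.get((proto, port), 0) + 1
    return dict(sorted(counts.items()))


if __name__ == "__main__":
    for conn in would_be_blocked(parse_connections(SAMPLE)):
        print("would be blocked:", conn)
```

The `tcp` row to port 53 is flagged because the allow-list as stated covers DNS over UDP only; DNS falls back to TCP for large responses, so that entry deserves a deliberate decision rather than an accidental block.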
Encrypt your passwords and change them on a regular basis.
“KeyLoggers” are a rather common type of malware (spyware) these days. And actually a great deal of effort has been put in by cybercriminals to deliver them in increasingly sophisticated ways.
“But I have an Antimalware installed on my computer!”...yes..and stealing is illegal..yet I’m careful about where I leave my wallet…
This type of malware can exist in many forms, from those which function at OS level (Windows or Mac), to those running at “kernel level”.
This means existing as drivers in your computer and being initiated way before your Operating System (way before any AV or Antimalware).
And if you like horror stories...existing even “below kernel level” running as your hardware initiates...at which point you should probably throw your computer away…
There are many solutions out there for encrypting your keystrokes, especially for Windows. This is not a luxury people...it’s a Must!
And last but not least, change your passwords on a regular basis and use alphanumeric combinations, as opposed to simple phrases.
If you use 2-Step Authentication.
Although not much of a novelty these days, 2-Step authentication passwords are still a very good option, along with USB keys. Many web solutions provide them, such as social media platforms and popular email applications. So it would be a good idea to include this access restriction in your security protocol if you can.
However, most people use the same device for both this purpose and reading regular email, checking social media and so on...which is in fact a really bad idea…
Due to its inherently insecure nature, both SMS and app-generated passwords (still 2-Step authentication) can be grabbed from smartphones through the use of malware.
There’s no point in having 2-Step authentication if you use the same device on which you may receive phishing emails or SMS (yes, SMS), as the attacker will be able to read and get the same information you do…
Get a new phone solely for this purpose and keep it off when it isn’t needed.
Believe me, you will thank me for this one...
Prefer Hardware (appliance) Firewalls over software ones.
If you work in a Corporate environment you could probably skip this one, as firewall appliances are commonly implemented already.
But in case somebody is trying to talk you out of buying an Appliance Firewall in favor of just using a software (hosted) one, that individual probably doesn’t know what he/she is talking about...or never connects to the internet at all…
Software or hosted firewalls are indeed quite neat, and probably a capable IT expert or cybersecurity engineer can do wonders with them; after all, every appliance out there runs software...
But unless you have one of those working around your office, that’s probably not a good idea…
Many malware variations possess the ability to attack and disable (hosted) firewall services running on a system, or alternatively, to create firewall rules for themselves…
Moreover, several malware variations impersonate or “hook” onto known, already authorized services, thus gaining internet access...and also granting it.
Having a non-hosted firewall outside your system will give you an extra layer of protection that is out of the reach of most malware, since appliance firewalls always run their own signature operating system (firmware).
That way, even if compromised, your system won’t be left completely defenseless.
If you run an e-commerce Website...look for common hacker tactics.
Whether you run your own web server or have it outsourced, the most common tactic used to hinder your web business, and the one you should be aware of, is intermittent tampering with the web scripts which handle the payment process.
This is the most common tactic used for causing your sales to drop!
A permanent change, let’s say in the shopping cart, will be quite obvious and most web administrators will be able to patch it eventually. So instead, cybercriminals tamper with web scripts intermittently, every other day...or hour..
This way, when you go check what’s going on in your website, everything seems to be ok...and the reason why people aren't buying remains inexplicable...
Of course this doesn’t really tell you which script in your website to look at, because let’s face it...this could be anything from choosing a product all the way to entering a credit card number.
Just be aware that the fact that the website works for you at a given time doesn’t really mean anything. Especially if sales are going down…
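Because the tampering described above comes and goes, a single look at the site proves little; what helps is checking the scripts against a known-good baseline on a schedule and keeping every deviation on record even after it has been reverted. The following is an added example, not part of the original article; the file suffixes, paths and function names are assumptions to adapt to your own shop.

```python
import hashlib
import json
import time
from pathlib import Path

SCRIPT_SUFFIXES = {".php", ".js", ".html"}  # assumption: adjust to your shop's stack


def snapshot(web_root):
    """Map each script's path (relative to web_root) to its SHA-256 digest."""
    root = Path(web_root)
    return {
        str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix in SCRIPT_SUFFIXES
    }


def diff(baseline, current):
    """Return (path, change) pairs for every deviation from the baseline."""
    changes = []
    for path in sorted(set(baseline) | set(current)):
        if path not in current:
            changes.append((path, "removed"))
        elif path not in baseline:
            changes.append((path, "added"))
        elif baseline[path] != current[path]:
            changes.append((path, "modified"))
    return changes


def check(web_root, baseline, history_file, now=None):
    """Compare the site with the baseline and append each deviation to a
    history file, so a change that is later reverted still leaves a trace."""
    changes = diff(baseline, snapshot(web_root))
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(now))
    with open(history_file, "a", encoding="utf-8") as log:
        for path, change in changes:
            log.write(json.dumps({"time": stamp, "path": path, "change": change}) + "\n")
    return changes


def load_history(history_file):
    """Read back all recorded deviations, oldest first."""
    lines = Path(history_file).read_text(encoding="utf-8").splitlines()
    return [json.loads(line) for line in lines if line]
```

Take the baseline with `snapshot()` right after a reviewed deployment, keep it and the history file somewhere the web server cannot write to, and run `check()` from a scheduler more often than the tampering is expected to occur.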
If you still face security issues in your Network / System / Web Business.
If any of what we have mentioned above sounds familiar and you run an e-commerce / web business, our group of Cybersecurity Experts can help you with a smart and integrated solution for your company.
Please visit www.taloncyberdefense.com for more information.