Just in time for the holiday shopping season, every single credit and debit card I own is being re-issued by the banks due to data breaches at retailers across the country. It’s my fault, really, for shopping at massive retailers like Home Depot and Target – and now I’ll have a month or two of disabled accounts and warning e-mails as automatic payments I’ve forgotten about fail. While you can’t protect yourself against every threat, there are a lot of simple steps you can take to make sure your own systems aren’t compromised and keep your personal and financial information safe on your home computer.
“Now wait a second! There’s millions of computers out there on the Internet. Nobody is ever going to find mine!”
Wrong! There are a lot of bad guys out there, and if they’re even half-way competent, they’re using tools which can automatically scan nearly every computer that’s connected to the Internet and probe them for vulnerabilities automatically. Many computer worms will then even automatically break in and start the cycle over. While the situation has improved a bit in recent years as security has grown more important, at one point a freshly formatted machine would be taken over by hackers within 20 minutes of being connected to the Internet the first time. All by automated attacks.
Remember: You are not too small to be a target.
“Okay, so, I don’t have anything important on my computer anyway. Who cares?”
Granted, cyber criminals are probably not that interested in that unpublished copy of your memoirs, family photos or your collection of anime rips. Other day-to-day information can still be an important target for attackers, though. Your address book? That’s a list of names and e-mail addresses that probably belong to real people who will open your messages – and that can make for a great phishing trip for an attacker. If you’ve ever done any online banking, even if you don’t save it down to your hard drive, an attacker who has compromised your machine can steal your username and password and transfer your funds away. Do you have any medical records? A credit card number only goes for about $1 on the black market, but a medical record can be worth as much as $20, or even more. Hackers sell medical records to terrorists, who can use your biometric data to create a fake identity. Not to mention, if you’ve ever used or stored a digital currency like Dogecoin, you might literally have money sitting on your hard drive. Attackers can, and do, write viruses to steal digital currency wallets and once it’s gone, it’s gone.
“Alright, what can I do to keep myself more secure? I have an anti-virus. Isn’t that enough?”
Using an anti-virus is a good start, without a doubt. They’re all pretty similarly effective against a variety of known threats – as long as you keep them up to date – but they can’t always react to unknown threats and in the cyber security arms race it’s tough to predict what new techniques will be developed. You’ll need to make sure to regularly update the definitions to stay as protected as possible. Using a home router with an SPI firewall helps defend against automated attacks, too. (Most new routers have this functionality.) Finally, you can make some configuration tweaks. Use a browser plug-in like NoScript, AdBlock Plus, Privacy Badger to keep unknown threats from coming in through compromised web sites, make sure your Adobe Reader, Java Runtime, and all operating system patches are up to date, don’t open e-mail attachments from people you don’t know or weren’t expecting, and turn on hardware-based DEP for all programs in your operating system’s to make it harder for an attack to be successful even if it is launched.
Businesses are targets of attacks, too, and in addition to taking the same general precautions, a business that wants to stay secure will look to trusted vendors with good security practices, such as security-focused hosting and managed infrastructure firm SingleHop or another industry leader.
You can never guarantee perfect security, but following some best practices in being careful on the Internet will help make sure your personal data isn’t compromised and all it takes are some simple steps mixed in with a little common sense.
Stay safe out there!