IT security

8 Behaviors for a Strong Cyber Security Defense

Brett Harney Network Security

cyber attack spyware malware

Cyber criminals are lurking everywhere, hoping to get a chance to exploit you.  It’s no secret that any person or business with an online presence is susceptible to being hacked or even lured into a scam.  The good news is that most spyware, malware and ransomware can be avoided with a few easy information security practices.

InfoWorld’s “8 ways to fend off spyware, malware, and ransomware” discusses some painless precautions you can follow that might help keep you a step ahead of cyber attacks.

1. Enable two-factor authentication

Passwords are convenient and tried-and-tested when it comes to securing your online accounts, digital data and overall cyber security. However, the major downside is their susceptibility to being stolen using spyware or through trickery. The use of two-factor authentication (2FA), however, is a good defense against account compromise even when the bad guys have your passwords. Basically, 2FA adds another layer of protection after your password, usually by combining one factor (your password) with a second factor (a text message/verification code sent to your cellphone number).

Helps prevent against: spyware, phishing

2. Check your login history

Most Web services offer the capability to track the most recent logins in the context of the time it occurred, the mode of access and the destination IP address. The latter makes it possible to deduce the location of access, and can serve as a red flag; if you see logins to your account from physical locations you’ve never been to, it may be time to change the password.

Helps prevent against: spyware, phishing

3. Check the list of authorized devices

A common practice for many app-based online services is to create a unique security token after the initial authentication to eliminate the need to key in the password again. The list of authorized devices is typically easy to access, which is a great way to check if someone else is accessing an account on the sly.

Helps prevent against: spyware, phishing

4. Install anti-malware software

This will sound cliché, but the easiest way to protect yourself from common malware is to install appropriate anti-malware software. This approach does not work well against more sophisticated hackers wielding custom malware on a spear phishing rampage. And some studies have shown that standalone anti-virus software is no longer effective in preventing the increasingly sophisticated level of attacks being used today.

Helps prevent against: malware, spyware, ransomware

5. Don’t delay your security updates

If you’re like most people, it’s easy to ignore those pesky pop-up boxes imploring you to install software updates, even when they include important security patches. The bottom line is that doing so places you at great risk. Hackers can take just days or even hours to dissemble the latest security updates once they’re released by software companies, determine the problem they address and to construct a malware that exploits it.

Helps prevent against: malware, spyware, ransomware

6. Never give out your passwords, ever

This should be obvious, but it’s still a security plague: You should never give out your passwords to anyone, period. Legitimate administrators will already have the appropriate level of access to perform whatever actions they require – without having to ask for your password. As it is, anyone asking you for your password should immediately be suspect, especially if it happens over a faceless medium such as email or a chat app. In which case you have to assume the sender’s accounts have been compromised.

Helps prevent against: phishing

7. Stop clicking on links in emails

A common trick of cyber attacks is to get the victims to click on a URL link that brings them to a malicious website. The site may either attempt to inject a security exploit to attack the visiting browser, or it may be designed to look like a legitimate website as part of an elaborate phishing attempt.

And yes, people are still doing it. While it seemingly peaked as an issue about 10 years ago, new studies have shown that malicious attachments are back on the scene as a security risk.

Helps prevent against: phishing, malware

8. Perform offline backups

While backups are not typically mentioned when it comes to security practices, they’re a crucial safeguard against a new breed of security threats called ransomware, which works by threatening to encrypt user file or even lock users out of their computer altogether. Once done, it then attempts to exact a ransom for the secret key required to unlock the data or computer.

Helps prevent against: ransomware, malware

Businesses should consider going a step further to ensure their information is secure, and practices are in place to ensure both the physical security and the network aspects of that security.   Corporate Technologies Group can help your business determine if your network and IT security is adequate and ready for an attack.