With cyber-attacks taking place every 14 seconds, there has never been a better time to strengthen your computer security.
November 30th marks the annual National Computer Security Day, although it should be renamed “National Device Security Day” due to the technological developments seen over the years. This day aims to raise awareness about cyber security issues and help you stay safe online. For the sake of ease, we will refer to the umbrella term as Computer Security.
Computer security is important for businesses for several reasons, which we will dive into throughout this post.
What is Computer Security?
Multiple components fall under the umbrella of computer security. It’s important to understand the distinction between them. However, some definitions do overlap.
There are three components of a computer system that need to be protected:
- Software: the programming which offers services, e.g. the operating system, word processors, internet browsers.
- Hardware: the physical parts of the computer, e.g. disk drive, memory.
- Firmware: the permanent software embedded into the nonvolatile memory of the device.
Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber-attacks.
Information security protects information assets in both hard copy and digital form.
Application security involves securing applications by building security features to prevent cyber attacks.
Network security is an activity designed to protect the usability and integrity of your network and data. This includes both hardware and software technologies.
To summarise: Computer security is the protection of computer systems and networks from theft, information disclosure, damage to their hardware or software and disruption.
Why is Computer Security Important?
A basic overview is that computer security guarantees the safe processing and storage of data and sensitive information.
Cyber-attacks are becoming more and more sophisticated and frequent. It is estimated that an attack happens every 14 seconds. Knowing that alone should highlight the importance of computer security.
However, it is also important to ensure that, as a business, you do not lose money for something that could have potentially been avoided; cyber-attacks can come with exponential financial risks.
Due to strict privacy laws, such as GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018, organisations that suffer cyber security breaches could face significant fines. These fines are in place as it is a legal requirement for organisations to implement appropriate security measures to protect personal data. For example:
- According to Article 32 of the GDPR, organisations are obligated to restore the availability of and access to personal data in the event of a physical or technical breach.
- Under the GDPR, organisations must report a breach within 72 hours of the attack to avoid fines.
What Are The Different Types of Cyber-Attacks?
Unfortunately, there are many different types of cyber-attacks we need to be aware of. Some are more common than others, such as malware, phishing, man-in-the-middle (MitM), denial-of-service, SQL injection, and drive-by downloads.
Backdoors allow remote access to computers or systems without users’ knowledge.
Cryptojacking is the malicious installation of cryptocurrency mining – or ‘crypto mining’– software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.
DNS Poisoning Attacks
DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.
Hits after a network vulnerability is announced, but before a solution is implemented.
Most Common Attacks
Man-in-The-Middle (MitM) Attacks
Man-in-the-middle attacks, also known as eavesdropping attacks, occur when attackers attempt to insert themselves into a two-party transaction. Once the attackers interrupt the transaction, they can filter and steal data.
Two common points of entry for MitM attacks:
1. On unsecured public Wi-Fi, attackers can insert themselves between a visitor’s device and the network. Without knowing, the visitor passes all information through the attacker.
2. Once the malware has breached a device, the attacker can install software to process all of the victim’s information.
DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash.
Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action (such as clicking malicious email attachments or links) to infect them.
SQL (Structured Query Language) injection
This attack occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information that it would not normally reveal.
An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box.
Phishing is the practice of sending fraudulent communications that appear to come from a reputable source. They are typically sent through emails.
The goal of this attack is to steal sensitive data, for example credit card and login information, and to then install malware on the victim’s device.
Malware is a broad term used to describe any file or program intended to harm or disrupt a computer.
Once inside a network, malware can obtain sensitive information, produce more harmful software throughout the system, and block access to vital business network components (ransomware).
Types of malware include:
Botnet software is designed to infect large numbers of Internet-connected devices.
Some botnets comprise millions of compromised machines, each using a relatively small amount of processing power. This means it can be difficult to detect this type of malware, even when the botnet is running.
Ransomware is a form of malware that encrypts a victim’s information and demands payment in return for the decryption key.
Paying a ransom does not necessarily guarantee that you will be able to recover the encrypted data.
RATs (remote-access Trojans) are malware that install backdoors on targeted systems to give remote access and/or administrative control to malicious users.
Rootkits comprise several malicious payloads, such as keyloggers, RATs and viruses, allowing attackers remote access to targeted machines.
Bootkits are a type of rootkit that can infect start-up code – the software that loads before the operating system.
Spyware is a form of malware used to illicitly monitor a user’s computer activity and harvest personal information.
A Trojan is a type of malware that disguises itself as legitimate software but performs malicious activity when executed.
Viruses and Worms
A computer virus is a piece of malicious code installed without the user’s knowledge.
Viruses can replicate and spread to other computers by attaching themselves to other computer files.
Worms are like viruses in that they are self-replicating. However, they do not need to attach themselves to another program to do so.
How to Improve Your Computer Security
Although you can never be 100% safe from cyber-attacks, there are things that you can do to improve your computer security.
A multi-layered cybersecurity plan is advisable. A multi-layered approach ensures that each component of your cybersecurity plan has a backup to counter any gaps or flaws. These layers work together to increase your defence against attacks. Having a combination of firewalls, software and tools – such as network security monitoring, encryption, and antivirus software – will help combat malware that can affect everything from mobile phones to Wi-Fi.
To create a computer security plan, it helps to break all “risk areas” down and identify how to protect each operation. We’ve made things a little easier for you…
Managing Cyber Security
- Effective cyber security management must come from the top of the organisation.
- A robust cyber security culture, reinforced by regular training, will ensure that every employee recognises that cyber security is their responsibility and defaults to security instinctively.
- Good security and effective working practices must go hand in hand.
To protect from attackers entering via emails, it is advisable to:
- Require strong and unique passphrases on email accounts.
- Turn on two-factor authentication.
- Not use personal email accounts for company business.
- Ensure that employees know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source.
- Instruct employees about your company’s spam filters and how to use them to prevent unwanted, harmful emails.
To protect from attackers when sharing files, it is advisable to:
- Restrict the locations to which work files containing sensitive information can be saved or copied.
- If possible, use application-level encryption to protect the information in your files.
- Use file-naming conventions that don’t disclose the types of information a file contains.
- Monitor networks for sensitive information, either directly or by using a third-party service provider.
To protect from mobile device attacks, it is advisable to:
- Update security software regularly. Go ahead, update your mobile software now.
- Delete unneeded apps and update existing apps regularly.
- Always download apps from a trusted source and check reviews before downloading.
- Secure devices with passcodes or other strong authentication, such as fingerprint recognition.
- Turn off Discovery Mode.
- Activate “find device” and “remote wipe”.
- Configure app permissions immediately after downloading.
To protect POS systems from attacks, it is advisable to:
- Create unique, strong passphrases.
- Separate user and administrative accounts.
- Keep a clean machine: Update software regularly.
- Avoid web browsing on POS terminals.
- Use antivirus protection.
To protect your Wi-Fi routers, it is advisable to:
- Change from manufacturer’s default admin password to a unique, strong passphrase.
- Use a network monitoring app to scan for unwanted users.
- Restrict remote administrative management.
- Log out after configuring.
- Keep firmware updated.
To protect your Wi-Fi connection from attacks, it is advisable to:
- Use a separate Wi-Fi network for guests or customers from the one you use for business.
- Physically secure Wi-Fi equipment.
- Use a virtual private network (VPN) when using public Wi-Fi.
- Do not connect to unknown, generic or suspicious Wi-Fi networks. Use your mobile carrier’s data plan to connect instead.
- Turn off Wi-Fi and Bluetooth when not in use on your devices.
- Secure your internet connection by using a firewall, encrypting information and hiding your Wi-Fi network.
To protect yourself from attacks via social networks, it is advisable to:
- Limit who has administrative access to your social media accounts.
- Set up 2-factor authentication.
- Configure your privacy settings to strengthen security and limit the amount of data shared. At the very least, review these settings annually.
- Avoid third-party applications that seem suspicious and modify your settings to limit the amount of information the applications can access.
- Make sure you’re accessing your social media accounts on a current, updated web browser.
To protect your software from attacks, it is advisable to:
- Make sure your computer operating system, browser, and applications are set to receive automatic updates.
- Ensure all software is up to date. Get rid of software you don’t use.
- Your company should have clear, concise rules for what employees can install and keep on their work computers.
- When installing software, pay close attention to the message boxes before clicking OK, Next or I Agree.
- Make sure all of your organization’s computers are equipped with antivirus software and antispyware. This software should be regularly updated.
- Limit access to data or systems only to those who require it to perform the core duties of their jobs.
To protect your website from attacks, it is advisable to:
- Keep software up-to-date.
- Require users to create unique, strong passphrases to access the site.
- Prevent direct access to upload files to your site.
- Use scan tools to test your site’s security.
- Register sites with similar spelling to yours.
- Browser security is the practice of protecting internet-connected, networked data from privacy breaches or malware.
- Anti-virus browser tools include pop-up blockers, which simply alert or block spammy, suspicious links and advertisements.
- More advanced tactics include two-factor authentication, using security-focused browser plug-ins and using encrypted browsers.
Mobile phones are one of the most at-risk devices for cyberattacks, with device loss being the primary concern. It is important to have tools that lock all use of mobile phones (or enact multi-factor passwords) if this incident occurs.
Remote Working and Cyber Security
Now, we are no strangers to remote working. But we could be strangers to the cyber security risks involved with this. Managing cyber security risks is an essential part of helping your team members operate safely and securely, as well as keeping you compliant with data protection laws.
There are several areas where you could be exposed to cyber-attacks through remote working, but don’t worry – here’s how to mitigate the risks.
Phishing emails can be the biggest concern related to remote working and cyber security. Now that the attackers are getting good with their emails, it’s as important as ever to identify these types of emails. Here are a few things to look out for:
- Public email domains
- Misspelt domain names
- Bad grammar and spelling
- Suspicious attachments/links
- Sense of urgency
Phishing emails often rely on topical stories to create a sense of urgency, exploiting people’s fears to get them to open malicious attachments or click links to spoof sites, which will then download malware onto their machines.
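As an added example (not part of the original post), the sketch below checks one raw email for most of the indicators listed above: public sender domain, near-miss spelling of a trusted domain, links to untrusted hosts, risky attachment names and urgency wording. Grammar and spelling are not checked. The domain lists, keyword pattern, extension list and sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed sample lists; replace with your organisation's own values.
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com"}
TRUSTED_DOMAINS = {"example-bank.com"}  # hypothetical company domain
RISKY_EXT = (".exe", ".js", ".scr", ".zip")
URGENCY = re.compile(r"\b(urgent|immediately|suspended|final notice)\b", re.I)

def edit_distance(a, b):
    """Levenshtein distance: a small value means a near-miss spelling."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[-1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_trusted(host):
    return any(host == t or host.endswith("." + t) for t in TRUSTED_DOMAINS)

def phishing_indicators(raw):
    """Return which indicators from the list above appear in one raw email."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    parts = [p for p in msg.walk() if not p.is_multipart()]
    text = msg.get("Subject", "") + "\n" + "\n".join(
        p.get_payload() for p in parts if p.get_content_type() == "text/plain")
    found = set()
    if domain in PUBLIC_DOMAINS:
        found.add("public email domain")
    if any(0 < edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        found.add("misspelt domain name")
    hosts = {h.lower() for h in re.findall(r"https?://([^/\s:]+)", text)}
    if any(not is_trusted(h) for h in hosts):
        found.add("suspicious link")
    if any((p.get_filename() or "").lower().endswith(RISKY_EXT) for p in parts):
        found.add("suspicious attachment")
    if URGENCY.search(text):
        found.add("sense of urgency")
    return found

# Constructed sample message: note the digit "1" in place of the letter "l".
SAMPLE = (
    "From: Accounts Team <billing@examp1e-bank.com>\n"
    "Subject: URGENT: your account will be suspended\n"
    "\n"
    "Confirm your details immediately at http://examp1e-bank.com/login\n"
)
print(sorted(phishing_indicators(SAMPLE)))
```

Treating every link to a host outside the trusted list as suspicious is deliberately strict and will be noisy on real mail; use the output as a prompt for a closer look, not as a verdict.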
Staff Using Personal Devices
It’s a good idea to implement remote working policies that set out what you expect from your workers; this includes the use of personal devices for work. Although the use of personal devices does have many benefits, you have less control over how those devices’ security settings are configured. If a member of staff hasn’t got their antivirus or anti-malware up to date – and accidentally downloads malware – your corporate information will be put at risk, and your network could become infected the next time they connect to it.
Your staff should understand how to look after their devices. This isn’t just focusing on their cyber security but how they secure them when not in use. Devices should not be left unattended, and staff should know exactly what to do if their device is lost or stolen.
We are all guilty of creating a password that is easy to remember but not necessarily difficult to crack. Having a strong password is essential for computer security. But it’s not always easy to implement. Here are some tips:
- Use three-word pass phrases rather than passwords.
- These are much easier for people to remember than random combinations of letters, numbers and symbols.
- Length matters more than complexity in password security. Every character added to your password increases its strength against attacks.
- You can automate the process by using a password manager to create strong passwords for each account.
- Where available, you should also combine passwords with secondary authentication factors such as one-time passwords or secret questions.
A Final Thought…
So, we’ve broken down the main types of cyber-attacks, explained the importance of protecting your assets and given you tips on how to keep your devices secure. We are by no means saying that following this guide will mean you never have to worry about computer security again because these attacks can happen to any organisation, regardless of size. But, it’s crucial to implement security tactics to lower your chances of a cyber attack.