10 tips to help you stay secure online in 2015

3 Jan 2015

Revelations about the NSA and GCHQ, amongst others, have proved just how difficult it can be to manage your personal data online. Here, Siliconrepublic.com looks at 10 ways to retain some level of control over personal data.

The sophistication behind malware attacks in 2014 reached a whole new level. Regin’s reported origin as state-sponsored malware attacks on anybody and everybody (Ireland represented 9pc of all global attacks) shows just what every individual is up against.

In truth, is fairly unlikely that the average internet consumer can defend himself or herself against such sophistication. For example, despite grievances on Sony’s ability to protect itself from a cyberattack, it looks clear that the particular group behind this latest story were operating at a level high above what was expected.

However, other broader approaches, such as the Fappening, shows the importance of personal capacities online. Diligent use of several simple steps will offer you the best protection possible:

1 – Keep your software up to date

If you are running a Windows or OS system, keep your system as up to date as possible. It can be a pain to install these updates as they come, however, software companies update for a reason, notably to protect against attacks.

2 – Browse with security on your mind

There’s no point wanting a hassle-free relationship with the internet if you then peruse and download from websites whose security systems are questionable. While it’s impossible to have a truly comprehensive understanding of all websites’ security procedures, a simple bit of common sense here wouldn’t go amiss.

3 – Use URL bars, beware of click-through links

We’ve all had it happen: You click on a hyperlinked word which you think will bring you through to a particular website, next thing you know you are downloading some mystery file. Get used to typing in URLs to the browser bar. If anything, browsers such as Google have made this all the easier, as using its URL bar is the same as using its search box.

4 – Steer clear of public Wi-Fi

Public Wi-Fi is a constant danger to your web-friendly devices. Hackers can view this as an open market to gain access to unsecured devices and, considering just how many applications you may be running on your phone at any one time, it’s understandable that they think this way. Recently, hotel Wi-Fi came into the spotlight when Kaspersky Labs exposed hacker group Darkhotel. Poorly managed hotel Wi-Fi was no match for the group’s attacks.

Darkhotel waits until the victim connects to the hotel Wi-Fi network, and submits his or her surname and room number upon login. The attackers see the victim in the compromised network and trick him or her into downloading and installing a backdoor that pretends to be an update for legitimate software, such as Google Toolbar, Adobe Flash or Windows Messenger.

Once on a system, the backdoor has been and may be used to download more advanced stealing tools, such as a digitally signed advanced keylogger, and an information-stealing module.

5 – Passwords serve a purpose, but only if used right

In autumn of 2014, hundreds of photos were acquired from celebrities’ iCloud accounts through incredibly targeted attacks, through a service that worked out the 500 most commonly approved Apple passwords. The ability to relentlessly try to log into someone’s account opened the door, and hackers were happy to walk through.

First off, use passwords correctly. Don’t keep it simple – anthony123 or password1 simply will not cut it. Include case changes, numbers and symbols where possible. Similarly, update your passwords. Don’t keep the same one forever, you have to adapt and keep moving, because online threats do.

6 – For every log in, use a separate password

Having one password committed to memory is simply not good enough anymore. The odds are you log into at least half a dozen separate accounts online (Gmail, Facebook, Twitter, Instagram, Amazon, Adverts, Netflix, and more), so vary it up. If need be, maintain a base password that only bears reference to you, such as your first dog, Officer Scraps. Create passwords from that name, incorporating it to where you are logging into. Gmlofficer5crap5, Fcbkofficer5crap5, for example.

7 – Anti-virus and anti-malware services: you get what you pay for

Dedicated cybersecurity companies are getting far more advanced with not just blocking cyberattacks, but also predicting what is next and where it will come from. Free downloadable anti-virus software can be OK to use, but do your research. There are countless resources out there that compare, contrast and detail exactly what it is you are getting. Remember, an investment in your online security can save you money and a whole lot of headache.

8 – Gamers beware

Online gaming breeds a different type of internet user, OK with downloading extras and reluctant to utilise anti-malware software that could cause even the slightest of lag. As Andy Browne, malware labs director at Lavasoft, explains, gamers are a target for malware authors.

“Gamers are a specific type of computer user that will voluntarily download software they know is non-legitimate,” Browne explains to Siliconrepublic.com. “Couple this with a perception that anti-malware software slows down computers and problems inevitably arise. Gamers may be more likely to disable their protection – exactly the kind of target the bad guys are looking for since the malware is less likely to be discovered.”

Browne also warns against storing credit-card details on an online gaming store, with his concerns reflecting the fears of many when it comes to online shopping. “Understandably,” he says, “people allow credit-card details to be stored on shopping sites for convenience. Although security breaches where credit-card details are stolen aren’t common, it is better not to be in a position where you are at risk.”

9 – Protect your home

Only you should use your home Wi-Fi. Change the password of your home internet as soon as you have it installed. Default logins can be accessed quite easily, with some providers having their password encryption unlocked online for all to see.

10 – Disconnect and back up

Finally, when you are not using your internet, disable it. Whether it’s plugging it out from the wall or pressing a switch on your phone, don’t keep that access channel open. Your devices are home to huge numbers of ports and often, the only true way to stop any chance of hacking into your information is to disable the option. Also, back up your files – be they music, image or documents – to a device that’s not online.

Encryption image via Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com