By Preston Smith
How significant are foreign hacks and cyber threats to the average person?
Does the thought of foreign hackers enter our daily lives?
Does anyone stop and think, “Wow, right now there are possibly thousands of entities trying to break into my cyberlife.”?
Don’t make the mistake of thinking it’s just the work side of your cyberlife that they’re trying to gain access to. There may be more information from an organization, but if they can get even a little bit of your personal information, they’re going to try and get it!
Most of the time it isn’t even people who are testing and trying out ways to get into information. Often, it’s just a bot trying any IP addresses that it can reach. If a bot hits an IP address and receives an open request for a login, that response forwards onto the next bot that attempts to guess login credentials. Then that bot keeps trying, following whatever “might” be a logical limit (if the owner or admin bothered to set that option) on login attempts, so as not to lock out the account until it gains access.
A bot doesn’t care about how quickly it can access an account.; it can be very patient, especially since few, if anyone, checks access to accounts or, heaven forbid, to regularly change passwords! Of course, once a bot successfully logs in, it probably gives notification to the organization (or to the country) that started the bot so that the attacker can infiltrate and either place Stealth viruses or another bot to collect information, onto compromised systems.
The really challenging bots are some that have learned to hide on our systems. They collect everything about us that we put into a computer that we think is safe. Again, this is something that can happen on your home computer as well as on your work computer.
I don’t want to make us all psychotic about using our cyber devices. But I do want us to realize that international and foreign hackers are not just on the government’s doorstep! They’re at your door if you have any device with an IP address! Instead of freaking out about it and shutting everything off, let’s apply logic and strategy and make security a habit, not a chore. Use password managers so they can help us track how often to change passwords and to not use duplicate passwords anywhere.
Update software and firmware on everything. Don’t delay installing the latest updates as they usually include important security patches! Also, since firmware doesn’t seem to let us know when there’s a new version available, put together a calendar reminder to check your firmware on a regular basis!
Always have at least one (or even more) of the well-known antivirus software applications running on any device that it can be installed! Check that you have set your settings at a secure mode. Don’t ever accept the default settings from a program or an application. Read the options carefully, find what you would be comfortable with, and then set it one level higher (more restrictive) than you want.
Remember, it’s too easy to forget how much the bad guys want to get into your cyberlife! Think about things like “Does this device connect to the Internet?” “Does it have a login?” And here is the difficult question that really requires thought, “If someone gained access to this device, what information could they get or how much access would they have to my cyberlife?”
We must realize that our comfortable and exciting cyberlife is not the safest of environments. All it takes to feel more comfortable with our cyber choices is to be sure that we take complete control and know our risks and our protections.
Greetings SSH fans. Preston and I had the pleasure of speaking with SSH Communications Security founder Tatu Ylönen about keyless access and how system administrators and system security professionals should “manage access, not keys” when using the SSH protocol.
As always, Tatu is very engaging and extremely knowledgeable about the topic of security, SSH, and access management.
