Security Threats in 2017
As the 2016 election cycle shows, computer security cannot be taken lightly. The Russian hack of the Democratic National Committee was exacerbated by the fact that it was initially handled only by an entry-level employee who made some poor decisions. The Russian social engineering hack of John Podesta’s email may have been made easier by a possible failure to turn on two-factor authentication on his Google account. It will only get worse.
Malwarebytes released a forecast of problems in the coming year that should be required reading for all computer users. Computer security people already know this stuff; I’m talking about my wife, my siblings and my extended family members whose home network problems I fix when I visit. Read the article and then start doing the following if you have not already done so:
- Turn on two-factor authentication for Google.
- Turn on two-factor authentication for Facebook.
- Turn on two-factor authentication for Yahoo/Flickr.
- Turn on two-factor authentication for everything else.
- Encrypt your iPhone or Android phone to protect it if it is lost or stolen.
- Enable a remote reformat capability for your cell phone.
- Tell all businesses that you deal with to convert to HTTPS if they have not. Give them a reason to get secure: your continued business.
- Do not re-use passwords, which will require getting a password manager. Use a hard password on your password manager. Password managers are a likely new target for attacks, so I have chosen one (KeePass) that is somewhat less convenient, but which would first require the attacker to gain access to my computer.
- Stop using Internet Explorer (and any service that requires it) and switch to Firefox, Chrome or Vivaldi as a browser. Firefox is best from a privacy standpoint, but Chrome and Vivaldi are faster and OK for privacy if you turn off some default settings. I am starting to use Vivaldi a lot and like it. Opera was purchased by a Chinese firm, and is no longer a browser that I use regularly, as I just do not trust Chinese companies for anything after the StartCom certificate mess.
- Decommission all Windows XP computers, if you have not already. Remove the hard drive and destroy it or wipe it before disposing of it.
- Change the default passwords on your router, Roku, Apple TV, smart TV, DVD player, baby cams, kitty cams, garage door opener (yes, some have WiFi) and other devices. Use a hard password that is unique to each device. For these it is OK to tape the password on the device; if someone breaks into your house and gets the password to your kitty cam, you have bigger problems. Hacked baby cams and other devices were used in a recent denial-of-service attack.
- Update the firmware on all of the above devices. Pay attention to the manufacturer’s firmware update practices when purchasing new devices, and do not buy from firms that never release security updates. You can continue to use some manufacturer-abandoned routers with DD-WRT.
- Consider encrypting USB flash drives. VeraCrypt works on all platforms if you have to go from Windows to OS X to Linux.
- Encrypt your laptop hard drive.
- Make sure that your phone has security patches. This is easy on iPhones, but not on Android devices (except those purchased directly from Google like the Nexus series). If your device cannot be made current on security patches, get a new one.
- Switch to Signal, WhatsApp, or perhaps the somewhat less secure Hangouts for all of your messaging. I really like Signal.
- Do disk-level backups to a USB drive and keep one off-site in a safe-deposit box. This is to protect family photos. I use Clonezilla. When I was a systems programmer and database administrator, we used to say “tape is cheap.” Today, USB disks are cheap. You only need a backup when you need a backup, and when you need one, you would pay a lot to have one.
- Use a cloud backup service like Backblaze or Carbonite. The cloud is cheap today. McAfee, Symantec and others offer cloud backup as well.
- Keep your antivirus updated. Windows 10 has a decent built-in antivirus and firewall, but if you are on another platform, you should have something, and there are solutions for Windows 10 that are arguably better than the free one.
- Give your extended family members a disk drive with family photos for Christmas or the gift-giving opportunity of your choice. This is part of my disaster recovery plan as well as family history communication.
- Stop taking fun quizzes on Facebook. Most, if not all, are just a way to collect your personal information for impersonation, identity theft or, more benignly, to fill your Facebook feed and mailbox with annoying targeted marketing.