Your SEVEN Point Tuneup For Hacker Defenses

Category: Security

It seems the online world gets more dangerous every day. The AV-TEST Institute reports over 350,000 new malware samples are discovered DAILY. Thousands of social media accounts are hacked per day; and untold millions of consumer records compromised in data breaches are used by hackers in increasingly clever attacks. Your defense systems must be kept in tip-top shape. Here are seven ways to harden your system against hackers...

Beef Up Your Security Defenses

You take your car for preventive maintenance on a regular basis. Engine oil, spark plugs, filters, wipers, and tires are important things that need attention in order to stay safe on the road. But most people don't give a second thought to staying safe online. Here are seven things you should keep in mind to "tune up" your computer against malware, hackers and data thieves. Failure to do so is like rolling the dice, and hoping to beat a set of odds that are stacked against you.

1: Update all of your software, from end-user applications to the operating system. Automatic software updates are the easiest, most consistent way to go. Make sure automatic updates are turned on in Windows Update and in every application that offers them. Then install a “universal” software updater, such as Patch My PC. It catalogs all software on your system and looks it up in its database of several thousand developer sites that it monitors for new updates. When a new update that you need appears, it downloads and installs it automatically. See my article Keep Your Software Updated, Or Else! for links to Patch My PC and other related tools that will help you safely install and update your software.

2: Activate two-factor authentication (2FA) everywhere you can, on your devices and on all sites that offer 2FA. It may seem to add another layer of complexity that slows you down, but the opposite is true. My article [SECURITY] Your Password Is Not Enough describes how to use 2FA.

Security Checkup

Here is a riddle whose answer will seem heretical: When is it safe to use “password” as a password? No, I have not lost my mind or been paid a bribe by the hacker community. The answer is, when you have two-factor authentication (2FA) enabled! Even if a hacker guesses your password on the first try, they can’t get into your account without the second authentication factor - a code sent only to your phone number, or a USB key in your pocket, or your fingerprint, or a scan of your retina, or whatever. Google and Facebook call 2FA “login approval,” while Twitter and Microsoft call it “login verification.” Your bank may call it something else. Inquire about 2FA and use it wherever you can.

You might wonder if it's safe to use the same, simple password on all sites where you have 2FA enabled, because the second authentication factor will be unavailable to a hacker. I'd advise against doing that; consider what might happen if you lost your phone.

3: Use Strong Passwords

For other things that need passwords but don’t offer 2FA, use a password generator/manager such as RoboForm, LastPass, or Dashlane. A password manager not only generates strong passwords for you, it stores them in an encrypted database, and enters them automatically for you on website login pages. All you need to remember is your master password. Dashlane can even update passwords regularly.

Password managers can help avoid weak, easily guessed passwords, and take the pain out of creating and remembering unique passwords for every online service you use.

Shutting Down Other Attack Vectors

4: Encrypt your storage devices so that even if your laptop or phone is stolen, its data cannot be read without the encryption key. Windows 7, 8.1, and 10 include BitLocker encryption. VeraCrypt is the free, open-source successor to the popular but now defunct TrueCrypt. Android and iOS have encryption enabled by default.

Just remember that if you don't have a screen-lock PIN or password, all the encryption in the world won't help you when your computer or mobile device is lost or stolen.

5: Reduce the “surface area” that exposes you to potential attacks on your privacy and security. Start by uninstalling programs and apps that you really don’t need or use. Most software has at least one vulnerability; why leave openings for hackers lying around? Windows 10 offers finer control of app permissions. Type “privacy” in the Search box and open Privacy Settings from the results. The General tab lets you toggle broad categories of app permissions. On mobile, be careful to check the permissions that apps want (or already have). If you have the Android 6.0 or later operating system, you can open Settings > Apps, tap an app’s name, then tap App permissions. From there, you can toggle individual permissions on or off.

Don’t neglect all the apps that you have given permission to access your Facebook, Google, Twitter, or other “identity” accounts. Go through the “app permissions” sections on each of your social media accounts and disallow apps you no longer use. Make use of the privacy and security checkup tools provided by Microsoft and Google, which I described in Tweak Your Microsoft and Google Privacy Settings.

6: Defend against ransomware.

Over 200 million ransomware infections were detected last year, costing consumers and businesses billions in losses. Clicking on malicious links is still the primary vector for ransomware attacks. My best advice is to make regular backups and be very careful where you click. The old advice of "Never click links or open attachments in emails from someone you don’t know" is no longer good enough. Remember that malicious links can be unwittingly sent by family, friends, or colleagues, or forged to look like they came from someone you know. Malicious emails that mimic the look of your bank, eBay, PayPal, the police, the IRS, UPS or other companies familiar to you are designed to catch you with your guard down, and trick you into clicking right into the ransomware trap.

My article Ransomware: Are You at Risk? has some additional info and links for both prevention and recovery.

7: Upgrade your security software. I ditched Avast Antivirus and started using PC Matic's SuperShield back in 2018. As I described in my PC Matic review, SuperShield uses a whitelist approach that allows only known-good programs to run on your computer. This is in contrast to other security tools that rely on blacklists of known malware. Did I mention that 350,000 new malware samples are discovered daily?? It's nearly impossible for traditional anti-malware tools that rely on blacklists to protect you from all existing and emerging threats. So far, PC Matic has caught several things that slipped past Avast.
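The difference between the two list types, as an added example (not from the original article, and not PC Matic's or any vendor's actual code). It assumes programs are identified by SHA-256 hash alone, and every sample is a constructed byte string rather than real software.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for program files; none is real software or malware.
SAMPLES = {
    "trusted editor":        b"constructed: text editor already approved",
    "catalogued malware":    b"constructed: malware already in the blacklist",
    "repacked malware":      b"constructed: malware already in the blacklist\x00",
    "brand-new malware":     b"constructed: malware first seen today",
    "unreviewed legit tool": b"constructed: harmless tool nobody has vetted yet",
}

BLACKLIST = {sha256(SAMPLES["catalogued malware"])}   # known-bad hashes
WHITELIST = {sha256(SAMPLES["trusted editor"])}       # known-good hashes

def blacklist_allows(data: bytes) -> bool:
    # Default allow: runs unless the hash is already known to be bad.
    return sha256(data) not in BLACKLIST

def whitelist_allows(data: bytes) -> bool:
    # Default deny: runs only if the hash is already known to be good.
    return sha256(data) in WHITELIST

def compare() -> dict:
    """Map each sample name to (blacklist verdict, whitelist verdict)."""
    return {name: (blacklist_allows(data), whitelist_allows(data))
            for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, (bl, wl) in compare().items():
        print(f"{name:22} blacklist={'run' if bl else 'block':5} "
              f"whitelist={'run' if wl else 'block'}")
```

The blacklist lets both the one-byte-changed copy and the never-seen sample run, while the whitelist stops them. The last row is the cost of default deny: a harmless program is blocked until someone adds it to the list.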

Do you have any tips to share that are related to staying safe online and protecting your privacy? Post your comment or question below...

 
This article was posted by on 2 Jun 2020



Most recent comments on "Your SEVEN Point Tuneup For Hacker Defenses"

Posted by:

clyde
02 Jun 2020

As before, I use PCMATIC and have not worried for years; it is the best in the business.


Posted by:

Renaud Olgiati
02 Jun 2020

Another layer of protection, if you have an old PC lying around unused, is to install on it one of the free dedicated Linux firewall distributions (I still use IPCop, but am about to upgrade to IPFire as IPCop is no longer supported) and install it between your cable modem and your LAN or WLAN.
You will have to disable your cable modem WiFi, and add a WiFi hub, but it is worth it to make your LAN invisible from the outside world.
Once the distro is installed, the firewall works happily without monitor, keyboard or mouse, and controlled by a web interface.

https://en.wikipedia.org/wiki/List_of_router_and_firewall_distributions


Posted by:

Bob K
02 Jun 2020

I have used Malwarebytes Pro for years and it does the job. No worries here.


Posted by:

Stephe
03 Jun 2020

Ah Bob, RoboForm, LastPass, and Dashlane get your mention again, but why not add KeePass to that list? Free, secure and open source — for many of us, the best option. I prefer to have all my passwords held locally, and have never had any problems. With passwords like @b#yx^.+!#1+9LPHJlKAJ?Aq9,p\0+dS (this is not one of mine, just a freshly generated example) unique to each account 2FA is unnecessary — there are lower-hanging fruit out there, and neither dictionary nor brute force attacks would prevail in sensible time-frames...


Posted by:

David Lagesse
03 Jun 2020

Several times I have gotten "Ransomware attacks" with the computer locking up and ominous warnings NOT to shut down.
I had to hold the start button for several seconds to shutdown.
Restarted and got it back, so I shutdown again and no more problems when I restarted the second time.
Then I cleared my cache and did other cleaning and maintenance tasks, then ran my virus scan programs. They found NOTHING!


Posted by:

Brian B
03 Jun 2020

If you use a password manager, a white list, and a regular backup of a full disc image, you will be pretty well bullet proof.


Posted by:

Richard
03 Jun 2020

Another simple thing to do is to preview emails in plain text and ideally just read them like that. Normally this lets you see what the URLs really are. (I had one that pretended to be UPS, but the URLs for images came from some image site.)

The downside is that not all emails are readable in plaintext. Better sites add plain text equivalent to HTML.
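What a plain-text view exposes can also be checked mechanically. The following is an added example, not part of the comment above or of the article: it lists every link and image URL in an HTML message whose host is outside the domain the sender claims to be. The domain names and the sample message are constructed, using reserved .example and .test names.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkAudit(HTMLParser):
    """Collects (visible text, href) for links and src for images."""
    def __init__(self):
        super().__init__()
        self.links, self.images = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._href, self._text = attrs["href"], []
        elif tag == "img" and attrs.get("src"):
            self.images.append(attrs["src"])

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def on_domain(host, domain):
    # Exact match or true subdomain; "shipper.example.track.test" is neither.
    return host == domain or host.endswith("." + domain)

def audit(html, claimed_domain):
    """List (kind, host, visible text) for URLs outside the claimed domain."""
    parser = LinkAudit()
    parser.feed(html)
    parser.close()
    found = [("link", text, href) for text, href in parser.links]
    found += [("image", "", src) for src in parser.images]
    return [(kind, urlsplit(url).hostname or "", text)
            for kind, text, url in found
            if not on_domain(urlsplit(url).hostname or "", claimed_domain)]

# Constructed message: the visible link text shows one site, the href another.
SAMPLE = """<html><body><img src="https://img-host.test/logo.png">
<p>Your parcel is waiting.</p>
<a href="https://shipper.example.track.test/pay">https://shipper.example/track</a>
<a href="https://www.shipper.example/help">Help centre</a></body></html>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE, "shipper.example"):
        print(finding)
```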


Posted by:

Steve Bohne
03 Jun 2020

I used to use a PW manager...until the MFs went out of business with NO NOTICE! Hundreds of PW up in smoke. I'm a little hinky to use one again.


Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Your SEVEN Point Tuneup For Hacker Defenses (Posted: 2 Jun 2020)
Source: https://askbobrankin.com/your_seven_point_tuneup_for_hacker_defenses.html