Staying secure in 2017

Ghost in the Shell is why I flat-out refuse to have any electronics inside me, no matter how cool they might seem. This logo was made by some guy going by the handle motwaaagh

Have you ever seen the old Ghost in the Shell series? It was awesome, you should watch it. More importantly, though, it’s becoming more and more relevant: far too many computers today are vulnerable to malware.

Last week, a multi-continent attack crippled Britain’s National Health Services, among other individuals and groups. How can you ensure your own computers are secure?

spritanium’s rendition of what common sense would look like if we could buy it – via deviantart
Common Sense 2017

The best tool is common sense, up to date software, and a good backups.

Common sense involves staying away from sketchy sites or sites offering freebies – enable safe-search in your search engine.

Keeping all your software, including your operating system, up to date is critical, as most exploits are found at the operating system level or lower.  The wanna-cry ransomware exploited a vulnerability in Microsoft Windows that had been patched in March.

By the way, Bham Now doesn’t rely on ad networks! We run all our ads on our own server, and sell native advertising, so you can be sure that we’re secure. The same goes for most sites hosting their own ads: website owners are unlikely to host malware on their own devices.

QNAP and Synology NAS enclosures side-by-side. I have a QNAP, it’s nice – via theblowblow.com
Redundancy is a good thing

Back up your data! Back it up regularly, to as many alternate locations as you can afford. Backing up your data doesn’t just protect you from malware, it also protects you from the gradual decay of data on any storage medium. I use a 12-terabyte network storage device running in RAID 5, one of the most stable solutions. I don’t use all the storage for backups – I can also stream videos and music using my home server!

Alternative options include services like iCloud or Google Drive, online backup services such as crashplan or backblaze, an Apple AirPort, or just a portable hard drive and good old-fashioned copy/paste. It’s definitely worth noting that any network-connected backup is still vulnerable to intrusion, as celebrities have found out before. You can’t escape entropy, but you can prepare for it!

Antivirus

Backups are great, but not needing them is better. While “zero-day” exploits are uncommon, no software can fully protect against them, and they often target commercial software for maximum reach. People write software, and sometimes people make mistakes.

But most viruses prey on unsecured computers rather than relying on undiscovered exploits, so the best way to protect against those viruses is to secure your computer. You can do this by using antivirus software, whether you use a Mac or a PC – they both get viruses now.

Depending on your computer’s processing power and your own (entirely justified) paranoia, you might want to invest in Symnatec/Norton, Kaspersky, or Webroot, which is the fastest antivirus available (and still provides excellent protection). It’s worth noting that there are some fantastic free antivirus tools available.  Malwarebytes has been a security standard for some time, though you have to pay for automated protection.

Firewalls

Your internet provider probably gave you (or is renting you) a router.  Try visiting your routers admin page (often, 192.168.1.254 or 192.168.1.1) to check if the router has firewall software installed.  If it does, you’re probably fine.  If not, make sure all your devices have their own firewalls!  Windows has a firewall by default.

Email

Email probably serves as the most common malware vector.  Wrongdoers can easily create email that looks like a legitimate message from your bank, credit card company, or web store (phishing).

Best to visit bank, credit card, and store websites individually.  Don’t click links in emails.  Just don’t do it.  If you feel you must, verify the URL in the link before clicking.  You can do this by hovering your mouse over the link.  Phishers typically make a URL that looks very similar to the real URL so you really need to look carefully.

If your browser tells you your connection is insecure or the site has no certification, get out of there.  Banks should always have a little certificate panel next to the URL, similar to this one:

See the green lock? Any website without a lock shouldn’t get your confidential information. Note that it might not be green depending on your web browser.

Malicious hackers, slow-to-update programs, and a NSA which cares more about hording exploits than getting them fixed don’t make keeping your information easy.  But making sure your data really is your data isn’t as hard as it might seem.  Follow these steps and you’ll be better off than most.  And for those who are truly, wonderfully paranoid (or have slow computers): install an alternative operating system like Linux (my laptop runs Antergos Linux)!

Author: James Ozment

I'm a Birmingham native who loves music, cycling, reading, and tech. Find me on the campus of Birmingham-Southern College, in Avondale, or hanging out with my cat