In recent threats of cyber attacks and internet frauds, it is important that we protect ourselves, identity and our data from attackers. There have been several attacks of recent as a result of the theft of NSA software, Eternalblue which enable access to different computer systems around the world.
A group of hackers called the shadow brokers recently got their hands on NSA secret cyber weapon and unleashed it to the open source community for free access to all who are interested. This software has made it easier for hackers to gain access to remote networks and computer systems. This is seen in a recent attacks by a ransomware called "Wannacrypt", encrypting affected system's data and asking for a price for it to be decrypted and set free. Just like kidnappers asking for a price to free it's victim(s). Below are some ways you can protect yourselves from these modern attacks because whether you like it or not more are coming and some already deployed.
- Use Antivirus: using an effect antivirus can save you alot of troubles from cyber attacks and cyber crimes. Antivirus helps your computer system fight against viruses and malware and protect your online presence from phishing, Trojans and other form of attacks. There are free antivirus software available; Avast, Malwarebytes, 360 Total security, avg, eset etc.
- Use Multifactor Authentication: A Multifactor uses two or more processes for logon. A two factor method might use biometrics and smart cards for logon( Emmett Dulaney and Chuck Easttom Comptia Network security study guide). This method is advisable to be used in your organization or small businesses.
- Many Internet of Things devices face infection from the Mirai and Hajime botnet worms. To avoid infection, see if you can change the default administrative passwords on your IoT devices; if not, then put them behind a firewall or a network security appliance such as the Bitdefender Box. So protect your smart devices with this method for security purposes (Tom's guide).
- Email server restrictions: Configure your email server to allow or restrict some file types from entering your network. File types like .doc, .pdf, .xls, .ppt, etc can be allowed since they are Normal data format used in various organizations today. But file types like .exe, .llb, .apk, .dll etc. Should be blocked from the emaik server and users should be trained on this comon file types handling.
- Money transfer should be done on sites with https for secured transactions. Avoid sites without https at the url during online purchase or banking.
Also it's advisable for system administrators to provide training to staffs on some of these measures to avoid cyber attacks or theft.
No comments:
Post a Comment