I have been working in a Systems Administrator role for over 10 years, and I am constantly asked by home users and peers at work how to secure infrastructure and how to monitor it effectively. One of the biggest challenges in securing infrastructure is identifying potential attack vectors and running risk analysis scenarios. Unfortunately, this also means understanding who is trying to attack you or your business and what's in it for them.
I would like to start off with securing your personal infrastructure, and later show how this ties in with securing your business. The biggest reason for personal attacks is identity theft. Let's face it, money is the biggest motivation for this industry. Building a botnet or zombie network is another reason why evildoers want to have control over your system(s). They want your compute power and they need your bandwidth to launch DDoS attacks against services. In the world we live in, these types of attacks are orchestrated by two distinct groups:
- Identity theft ==> Organized crime syndicates, family and friends
- Botnet ==> Spammers, hacktivists, script kiddies and organized crime syndicates
Now that we have identified the two most common types of personal attacks, let's see what we can do to secure ourselves. I should point out a couple of things before we get to the nitty-gritty:
- Paranoia is good. The consensus among people like us is to keep an open mind but question everything.
- If you make it difficult for attackers, they will quickly move along to the next unsuspecting victim.
Now that I got this off my chest, let's see what we can do in our personal lives to stay secure. I titled this article "TOP 5" so I will highlight the top five tips for personal security:
- Do not use the same password everywhere. Use different passwords for every service you use online, your home WiFi, your email, your password to log in to your computer, etc. Do not use simple passwords, passwords with fewer than 8 characters, or dictionary words. Instead, use complex 9+ character passwords with numbers, upper and lower case characters, and special characters such as @ and #. Try to use two-factor authentication for services that offer it (Google, Facebook, Microsoft, Twitter, and many more). If you are thinking "this is insane, how can I memorize such passwords?", you are thinking along the right path. Passwords that are easy to remember are easy to hack. Instead, use an application like KeePass or Password Safe to track your passwords. KeePass works on Windows, Linux, Mac OS and smartphones, and I use it for storing my passwords.
- Do not use pirated software. The issue with pirated software is that almost 99.9999% of the time the software has been tampered with to bypass the activation / security put in place to prevent unauthorized usage. What you almost never know is what was actually changed. We notice that applications downloaded from shady websites may include malware that installs along with the software, giving the attacker persistent access to your system. We have noticed this trend in the industry over and over again: rootkits embedded in applications downloaded from torrents. Here is a link to such an attack from 2011, to show that this is not a new trend. Another issue with cracked software is that it cannot be updated, leaving you stuck with an old, vulnerable version and tempting fate.
- Regularly update your system and run good antivirus software. Enterprises patch vulnerabilities in their systems. This is a cyclical process, and patches are created as vulnerabilities are discovered. The problem with running old software is that there is a very good chance that your system has a vulnerability and that there is an active exploit out there that is being used by evildoers to gain access. If you like to wait before patching, prioritizing what to patch is a good idea too. Web browsers and plugins (Flash, Java, Acrobat Reader) are usually the most attacked software. If you like visiting questionable sites, or get emails with attachments from unknown people, use a sandboxed environment for your day-to-day stuff. Sandboxie is a great application that does this. If you use a professional antivirus solution, like Avast, it comes with this option built in. Also, please keep your firewall turned on. Firewalls were designed for a good reason, and they act as the first line of defense against online threats.
- Back up your systems regularly. We are starting to see a growing amount of "ransomware". This is a new type of malware that holds your personal data hostage: unless you pay, the attackers won't provide you with the keys to decrypt your data. If you have regular backups, you can easily restore the data from the backup. Both Windows and Mac OS have great backup solutions that are baked into the operating system for free. This way, if you have hardware damage and/or malware destroys your files, you can get your data back without breaking a sweat or your bank account. If you prefer a third-party backup solution, there are professional products from companies like Acronis that can provide reliable backups.
- If you've implemented points 1-4, you are already doing a good job of staying secure. Just don't get social engineered and give up your data to strangers. This is one of the most important issues with security: the human factor. Be careful of what you post on social media, and be careful of what information you give out to people. If you tell everyone that your first pet's name was "fluffy" and the security question for your favorite mail service is "What is your first pet's name?", then it does not matter how secure your password is; it will be easy to reset it and take over your email account. This also means that if this email was used to sign up for other services, those services are then getting owned by the attacker. I will leave this tip up to your imagination, but this is why paranoia is a good friend. Question everything and be very careful about the information you give out freely. I want to add: avoid using open WiFi, or at least use a VPN connection when surfing from an open WiFi hotspot.
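The rules in the first tip (a different password for every service, 9+ characters, mixed character classes, no dictionary words) can be checked mechanically. The Python sketch below is an added example, not part of the original article; the word list, the special-character set and the function names are assumptions made for illustration.

```python
import secrets
import string

# Constructed sample word list (assumption); a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "dragon", "fluffy", "welcome", "monkey"}
SPECIALS = "!@#$%^&*()-_=+"  # assumed set of special characters for generation
MIN_LENGTH = 9  # the tip asks for 9+ characters


def audit(passwords, words=SAMPLE_WORDS):
    """Return {service: [problems]} for a {service: password} mapping."""
    # Group services by password so reuse across services is visible.
    seen = {}
    for service, pw in passwords.items():
        seen.setdefault(pw, []).append(service)
    report = {}
    for service, pw in passwords.items():
        problems = []
        if len(pw) < MIN_LENGTH:
            problems.append("too short")
        classes = {
            "lowercase": any(c.islower() for c in pw),
            "uppercase": any(c.isupper() for c in pw),
            "digit": any(c.isdigit() for c in pw),
            "special": any(not c.isalnum() for c in pw),
        }
        problems += [f"no {name}" for name, ok in classes.items() if not ok]
        # Substring match catches "Fluffy2012!" style decorations of a word.
        if any(w in pw.lower() for w in words):
            problems.append("contains dictionary word")
        if len(seen[pw]) > 1:
            problems.append("reused")
        report[service] = problems
    return report


def generate(length=16):
    """Random password from the OS CSPRNG that passes every audit() rule."""
    alphabet = string.ascii_letters + string.digits + SPECIALS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not audit({"new": pw})["new"]:
            return pw


if __name__ == "__main__":
    # Constructed sample: one decorated pet name reused on two services.
    sample = {"email": "Fluffy2012!", "wifi": "Fluffy2012!", "laptop": generate()}
    for service, problems in audit(sample).items():
        print(service, problems or "ok")
```

A password that looks complex ("Fluffy2012!") still fails here on the dictionary and reuse checks, which is why a password manager with a random generator is the practical way to follow the tip.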
Please let me know what you think in the comments below. If you disagree, I would love to see some feedback and constructive criticism as I prepare for the TOP 5: Enterprise Security Tips.