Protecting yourself against a large-scale cyber-attack
Spread the word and promote a culture of security among your friends and family.
It seems that every few months, a large company will become victim to a large-scale cyber-attack or a previously unseen virus or malware (such as 2017’s WannaCry ransomware) will sweep across the globe.
The focus of these attacks is often the consumer data that large companies store on their networks, so it is important to know what to do if you think you may have been affected.
Here is our essential action list to quickly protect yourself:
It is important not to let the scale of the situation get to you.
The technical complexity of the attack may seem intimidating, but your only goal is to protect yourself.
There isn’t a magic-bullet solution that can ensure a large-scale cyberattack never affects you, but there are a range of simple steps you can take to shore up your defences. The ideal time to start is right now, regardless of whether you feel threatened or not.
Each of these little steps may seem inconsequential on their own, but collectively they are extremely effective.
The first thing you want to do is make sure you are running the most up-to-date version of your operating system. Here are the links you need:
These companies put a lot of time, energy and resources into making sure that their systems are adapted to the latest threats, but you could be missing out on the benefits of this work if you are not using the newest version.
Your antivirus is your first line of defence, so paying for a good one is always worth it. A reliable antivirus does more than just block malware. There are a couple of important features you should be looking for if you want to stand the best chance in a large-scale attack.
Firstly, router security will act to stop anyone being able to hack into your router – which would give them access to all of the devices connected to it and the data that passes through it. Controlling your router would also allow a hacker to direct a router’s traffic to dangerous places. You want your antivirus to scan your home network and router to check they are holding up properly.
Secondly, behaviour analysis can pick up any malware that is hiding on your computer, waiting for the right chance to spring into action. As malware grows increasingly sophisticated, you are going to need an antivirus that tracks the behaviour of programmes and files on your device over the long-term.
Router and network security
It is hard to understate the importance of taking measures to protect your router.
A common form of cyber-attack is hijacking computers in order to use them as part of involuntary (distributed denial-of-service) DDoS attacks. A DDoS attack involves directing lots of hacked computers (including yours and potentially thousands of others) to simultaneously bombard a website or server with so much traffic that it can no longer operate.
To guard against this you need make sure that your Wireless Network Name (or SSID, which can be found on your router’s settings) has a unique name that you’ve given it.
You also need to change the username, set a strong password, turn on WPA2 encryption and disable any remote access service.
It is crucial that you know and trust all of the devices that are listed as being connected to your network. If you don’t know a device, disconnect it. You can always reconnect it later.
Extending security across devices
It is not just your computer that needs to be protected – any device that uses your network should be considered as well. For most people this will mean smartphones and tablets. Think about how much you use your smart phone. Mobile banking and accessing emails on the go is such a common activity now, but many people don’t act to secure their phone in the same way they would a laptop.
Mobile malware and antivirus protection is now widely available. You may also want to consider a secure password management service for all the various accounts you have (please don’t tell us you use the same password for everything!)
Consider a VPN
Another cyber-attack staple is the ‘man in the middle’ attack.
This involves the hacker placing themselves in between you and your online destination, allowing them to see everything you are doing. So, if you are filling in your online banking details, the man in the middle will be able to see what you type and the information you receive.
This allows them to get sensitive information like passwords and credit card numbers.
A Virtual Private Network (VPN) works by encrypting your online activity and masking your location, all of which makes it very difficult for a hacker to track your activity. This can be especially useful when you are using public Wi-Fi, which is a favourite way for malicious parties to suck up large amounts of people’s personal data. It is also very difficult to tell if a public network has been compromised, but using a VPN means you still have a large degree of protection.
The key to effective protection is having multiple layers of it. This way, even if the first barrier fails to repel an attack there are still more layers working to protect you. As well as your antivirus and VPN, you may want to consider the following:
Anti-phishing software will defend against scams that work by trying to get people to give up their passwords or personal information to a hacker pretending to be a reputable company or organisation – commonly known as ‘phishing’.
A firewall will give you full visibility over what goes in and out of your PC and the ability to exclude particular programmes or organisations from accessing your data. This is a good protective step against having your computer used for DDoS attacks or hackers gaining entry to your personal data.
Domain Name System (DNS) hijacking protection software is designed to stop attacks that redirect you from the page you wanted to visit to a similar looking one designed to infect your device or scam you.
Promoting a culture of security
Once you become aware of the simple steps to protect yourself from large-scale cyberattacks, it can be shocking how little the people around you are doing. Perhaps one of the most important things you can do is spread the word and promote a culture of security among your friends and family.
One of the main reasons these attacks are as successful and widespread as they are is the fact that a lot of people don’t take cybersecurity as seriously as they should.