Cyber Security & Online Privacy

AVLP is Industry Leader in Computer Security, Cyber Security, and Online Privacy

The Internet has transformed our lives in many good ways. Unfortunately, this vast network and its associated technologies also have brought in their wake, the increasing number of security threats. The most effective way to protect yourself from these threats and attacks is to be aware of standard cybersecurity practices. Below is an introduction to computer security and its key concepts.

What is computer security?

Computer security is the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system.

There are various types of computer security which is widely used to protect the valuable information of an organization.

Types of Computer Security:


One way to ascertain the similarities and differences in Computer Security is by asking what is being secured. For example,

  • Information security is securing information from unauthorized access, modification & deletion

  • Application Security is securing an application by building security features to prevent Cyber Threats such as SQL injection, DoS attacks, data breaches and etc.

  • Computer Security means securing a standalone machine by keeping it updated and patched

  • Network Security is by securing both the software and hardware technologies

  • Cybersecurity is defined as protecting computer systems, which communicate over the computer networks

It’s important to understand the distinction between these words, though there isn’t necessarily a clear consensus on the meanings and the degree to which they overlap or are interchangeable.

Computer security can be defined as controls that are put in place to provide confidentiality, integrity, and availability for all components of computer systems. Let’s elaborate on the definition.


Components of computer system

The components of a computer system that needs to be protected are:

  • Hardware, the physical part of the computer, like the system memory and disk drive

  • Firmware, permanent software that is etched into a hardware device’s nonvolatile memory and is mostly invisible to the user

Software, the programming that offers services, like operating systems, word processors, and internet browsers to the user


Computer security threats

Computer security threats are possible dangers that can possibly hamper the normal functioning of your computer. In the present age, cyber threats are constantly increasing as the world is going digital. The most harmful types of computer security are:

Viruses

A computer virus is a malicious program which is loaded into the user’s computer without user’s knowledge. It replicates itself and infects the files and programs on the user’s PC. The ultimate goal of a virus is to ensure that the victim’s computer will never be able to operate properly or even at all.

Computer Worm

A computer worm is a software program that can copy itself from one computer to another, without human interaction. The potential risk here is that it will use up your computer hard disk space because a worm can replicate in greate volume and with great speed.

Man in the Middle

A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-party transaction. After interrupting the traffic, they can filter and steal data, according to Cisco. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi network. Attackers insert themselves between the visitor and the network, and then use malware to install software and use data maliciously.

Phishing

Disguising as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent email or instant messages. Phishing in unfortunately very easy to execute. You are deluded into thinking it’s the legitimate mail and you may enter your personal information.

Botnet

A botnet is a group of computers connected to the internet, that have been compromised by a hacker using a computer virus. An individual computer is called ‘zombie computer’. The result of this threat is the victim’s computer, which is the bot will be used for malicious activities and for a larger scale attack like DDoS.

Rootkit

A rootkit is a computer program designed to provide continued privileged access to a computer while actively hiding its presence. Once a rootkit has been installed, the controller of the rootkit will be able to remotely execute files and change system configurations on the host machine.

Scam Calls

This is often done by people from India and other South Eastern Asia region. They call you from a "spoofed" local number or from reputable company numbers (Amazon, Apple, Google, TV Provider, or Tech Support etc.). They pretend to be representative of the company and try to get you to divulge personal information that they then use to steal your identity. Sometimes they will ask you to download software on your PC or Mac giving them access to your computer, personal data, bank information and more. Beware of these scam calls! No reputable company person will ask for your social security of other personal info. If you are unsure, hang-up and call AVLP 307-223-2230.

Password Attacks

With the right password, a cyber attacker has access to a wealth of information. Social engineering is a type of password attack that Data Insider defines as “a strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices.” Other types of password attacks include accessing a password database or outright guessing.

Keylogger

Also known as a keystroke logger, keyloggers can track the real-time activity of a user on his computer. It keeps a record of all the keystrokes made by user keyboard. Keylogger is also a very powerful threat to steal people’s login credential such as username and password.

These are perhaps the most common security threats that you’ll come across. Apart from these, there are others like spyware, wabbits, scareware, bluesnarfing, Potentially unwanted application or applications (PUAs), and many more. Fortunately, there are ways to protect yourself against these attacks.


Why is Computer Security Important?

In this digital era, we all want to keep our computers and our personal information secure and hence computer security is important to keep our personal information protected. It is also important to maintain our computer security and its overall health by preventing viruses and malware which would impact the system performance.


Computer Security Practices

Computer security threats are becoming relentlessly inventive these days. There is much need for one to arm oneself with information and resources to safeguard against these complex and growing computer security threats and stay safe online. Some preventive steps you can take include:

  • Secure your computer physically by:

    • Installing reliable, reputable security and anti-virus software - AVLP Recommends Windows Defender for Home and Small Business users

    • Activating your firewall, because a firewall acts as a security guard between the internet and your local area network

  • Stay up-to-date on the latest software and news surrounding your devices and perform software updates as soon as they become available

  • Avoid clicking on email attachments unless you know the source

  • Change passwords regularly, using a unique combination of numbers, letters and case types

  • Use the internet with caution and ignore pop-ups, drive-by downloads while surfing

  • Taking the time to research the basic aspects of computer security and educate yourself on evolving cyber-threats

  • Perform daily full system scans and create a periodic system backup schedule to ensure your data is retrievable should something happen to your computer.

Apart from these, there are many ways you can protect your computer system. Aspects such as encryption and computer cleaners can assist in protecting your computers and its files.

Unfortunately, the number of cyber threats are increasing at a rapid pace and more sophisticated attacks are emerging. So, having a good foundation in cybersecurity concepts will allow you to protect your computer against ever-evolving cyber threats.

What is Cybersecurity?


Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access.

The term cybersecurity refers to techniques and practices designed to protect digital data. The data that is stored, transmitted or used on an information system. After all, that is what criminal wants, data. The network, servers, computers are just mechanisms to get to the data. Effective cybersecurity reduces the risk of cyber-attacks and protects organizations and individuals from the unauthorized exploitation of systems, networks, and technologies.

Robust cybersecurity implementation is roughly based around three key terms: people, processes, and technology. This three-pronged approach helps organizations defend themselves from both highly organized attacks and common internal threats, such as accidental breaches and human error.

The attacks evolve every day as attackers become more inventive, it is critical to properly define cybersecurity and understand cybersecurity fundamentals.

Why is cybersecurity important?

Listed below are the reasons why cybersecurity is so important in what’s become a predominantly digital world:

  • With each passing year, the sheer volume of threats is increasing rapidly. According to the reports, cybercrime now stands at over $400 billion, while it was $250 billion two years ago.

  • Cyber attacks can be extremely expensive for businesses to endure. In addition to financial damage suffered by the business, a data breach can also inflict untold reputational damage.

  • Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using more sophisticated ways to initiate cyber attacks.

  • Regulations such as GDPR (European Union) are forcing organizations into taking better care of the personal data they hold.

Because of the above reasons, cybersecurity has become an important part of the business and the focus now is on developing appropriate response plans that minimize the damage in the event of a cyber attack. But, an organization or an individual can develop a proper response plan only when he has a good grip on cybersecurity fundamentals.

Now that we know what cybersecurity is and why it is important. Let’s take a look at the fundamental objectives of cybersecurity.

Cybersecurity Fundamentals – Confidentiality

Confidentiality is about preventing the disclosure of data to unauthorized parties. It also means trying to keep the identity of authorized parties involved in sharing and holding data private and anonymous. Often confidentiality is compromised by cracking poorly encrypted data, Man-in-the-middle(MITM) attacks, and disclosing sensitive data.

Standard measures to establish confidentiality include:

  • Data encryption

  • Two-factor authentication

  • Biometric verification

  • Security tokens


Integrity

Integrity refers to protecting information from being modified by unauthorized parties. It is a requirement that information and programs are changed only in a specified and authorized manner. Challenges that could endanger integrity include turning a machine into a “zombie computer”, embedding malware into web pages.

Standard measures to guarantee integrity include:

  • Cryptographic checksums

  • Using file permissions

  • Uninterrupted power supplies

  • Data backups


Availability

Availability is making sure that authorized parties are able to access the information when needed. Data only has value if the right people can access it at the right time. Information unavailability can occur due to security incidents such as DDoS attacks, hardware failures, programming errors, and human errors.

Standard measures to guarantee availability include:

  • Backing up data to external drives

  • Implementing firewalls

  • Having backup power supplies

  • Data redundancy

AVLP offers Complete, Round the Clock OT Security Solutions

What is Operational Technology (OT) Cybersecurity?

Operational technology (OT) cybersecurity references the software, hardware, practices, personnel, and services deployed to protect operational technology infrastructure, people, and data.

12 Simple Things You Can Do to Be More Secure Online

1. Make Sure You have a Functioning Antivirus and Keep It Updated - for most people it will be Windows Defender

We call this type of software antivirus, but fending off actual computer viruses is just one small part of what they do. There is an emerging threat in recent years called ransomware. Ransomware, as the name suggests, holds your data hostage as it encrypts your files and demands payment to restore them. Trojan horse programs seem like valid programs, but behind the scenes, they steal your private information. Bots turn your computer into a soldier in a zombie army, ready to engage in a denial-of-service attack, spew spam, or whatever the bot herder commands. An effective antivirus protects against these and many other kinds of malware.

Windows Defender has ransomware protection built into it, but it is not turned on out-of-the box, confusing - we know!

PC manufacturers and sale stores may not tell you that Windows has antivirus built into it! Not only is Microsoft Defender baked into the operating system, it automatically takes over protection when it detects no other antivirus, and just as automatically steps aside when you install third-party protection. The thing is, this built-in antivirus is not set up out of the box with the best protection settings leaving you vulnerable. You may think you need a third-party antivirus and may be told that the best free ones are way better than Microsoft Defender. But in reality unless you work are in a corporate or enterprise settings, all you need is optimize your system for privacy and security. AVLP Complete PC Suite takes care of that for you!

2. Explore the pre-installed software and Security Tools that came with the PC or what You Install

Many excellent apps and settings help protect your devices and your identity, but they're only valuable if you know how to use them properly. To get the maximum protective power from these tools, you must understand their features and settings. A lot of the time your PC (or Mac if not bought directly from Apple) is bundles with Potentially Unwanted Applications (PUAs), some times masquerading as "security" or "protection" software or "safe search tool"! They are actually harmful to your computer and most of the time are the cause of the issues you are experiencing with your PC.

Some bloatware are installed deliberately by sellers of the PC to make you into paying for unnecessary fees and subscription down the road. Don't be a victim of this rampant extorsion - AVLP can help! We offer services to optimize your PC by removing the crapware that manufacturers and big box retails often install in your PC. After our service, you will have a pleasant surprise to see the know fast and responsive your PC is and often times better in performance than the day you purchased new!

3. Use Unique Passwords for Every Login

One of the easiest ways hackers steal information is by getting a batch of username and password combinations from one source and trying those same combinations elsewhere. For example, let's say hackers got your username and password by hacking an email provider. They might try to log into banking sites or major online stores using the same username and password combination. The single best way to prevent one data breach from having a domino effect is to use a strong, unique password for every single online account you have. I know it can be tedious to create and remember unique credentials for each login, we suggest writing them down in a mini notebook and keep it in a safe place.

4. A word about VPN and its Use cases

Any time you connect to the Internet using a public Wi-Fi network that you don't own, you should use a virtual private network or VPN. Say you go to a coffee shop and connect to a free Wi-Fi network. You don't know anything about the security of that connection. It's possible that someone else on that network, without you knowing, could start looking through or stealing the files and data sent from your laptop or mobile device. The hotspot owner might be a crook, sniffing out secrets from all Wi-Fi connections. A VPN encrypts your internet traffic, routing it through a server owned by the VPN company. That means nobody, not even the owner of the free Wi-Fi network, can snoop on your data.

But if it's your home, office or known wifi and you are not trying to access sites that are unavailable in your region VPN can actually slow down your internet without any significant benefits! We recommend a browser level adblock and security and privacy extension instead. Call us to find out more!

5. Use Multi-factor Authentication

Multi-factor authentication can be a pain, but it absolutely makes your accounts more secure. Multi-factor authentication means you need to pass another layer of authentication, not just a username and password, to get into your accounts. If the data or personal information in an account is sensitive or valuable, and the account offers multi-factor authentication, you should enable it. Gmail, Evernote, and Dropbox are a few examples of online services that offer multi-factor authentication.

Multi-factor authentication verifies your identity using at least two different forms of authentication: something you are, something you have, or something you know. Something you know is the password, naturally. Something you are could mean authentication using a fingerprint, or facial recognition. Something you have could be your mobile phone. You might be asked to enter a code sent via text or tap a confirmation button on a mobile app. Something you have could also be a physical Security Key; Google and Microsoft have announced a push toward this kind of authentication.

If you just use a password for authentication, anyone who learns that password owns your account. With multi-factor authentication enabled, the password alone is useless. Most password managers support multi-factor, though some only require it when they detect a connection from a new device. Enabling Multi-factor authentication for your password manager is a must.

6. Use Passcodes Even When They Are Optional

Apply a passcode lock wherever available, even if it's optional. Think of all the personal data and connections on your smartphone. Going without a passcode lock is unthinkable.

Many smartphones offer a four-digit PIN by default. Don't settle for that. Use biometric authentication when available, and set a strong passcode, not a stupid four-digit PIN. Remember, even when you use Touch ID or equivalent, you can still authenticate with the passcode, so it needs to be strong.

Modern iOS devices offer a six-digit option; ignore it. Go to Settings > Touch ID & Passcode and select Change Passcode (or Add Passcode if you don't have one). Enter your old passcode, if needed. On the screen to enter the new code, choose Custom Alphanumeric Code. Enter a strong password, then record it as a secure note in your password manager.

Different Android devices offer different paths to setting a strong passcode. Find the Screen Lock settings on your device, enter your old PIN, and choose Password (if available). As with the iOS device, add a strong password and record it as a secure note.

7. Pay With Your Smartphone

Setting up your smartphone as a payment device is typically a simple process. It usually starts with snapping a picture of the credit card that you'll use to back your app-based payments. And setup pretty much ends there; you're ready.

Point-of-sale terminals that support smartphone-based payment usually indicate the fact with an icon, from a picture of a hand holding a smartphone to a stylized representation of a radio wave. Just place your device on the terminal, authenticate with a thumbprint, and you've paid up.

How is that better than using the credit card itself? The app generates a one-use authentication code, good for the current transaction only. Even if someone filched that code, it wouldn't do them any good. And paying with a smartphone app eliminates the possibility of data theft by a credit card skimmer.

8. Use Different Email Addresses for Different Kinds of Accounts

People who are both highly organized and methodical about their security often use different email addresses for different purposes, to keep the online identities associated with them separate. If a phishing email claiming to be from your bank comes to the account you use only for social media, you know it's fake.

Consider maintaining one "burner" email address dedicated to signing up for apps that you want to try, but which might have questionable security, or which might spam you with promotional messages. After you've vetted a service or app, sign up using one of your permanent email accounts. If the dedicated account starts to get lots of spam, contact us, or close it and create a new one.

9. Get your browser security checked by an expert - AVLP can help! 307 223 2230

10. Sometimes a simple security setup together with a good browsing protection and privacy extension is all you need. - don't get fooled into paying a lot for them - We can help!


11. Don't Fall Prey to Click Bait or Phishing Scams

Part of securing your online life is being smart about what you click. Clickbait doesn't just refer to cat compilation videos and catchy headlines. It can also comprise links in email, messaging apps, and Facebook. Phishing links masquerade as secure websites, hoping to trick you into giving them your credentials. Drive-by download pages can cause malware to automatically download and infect your device.

Don't click links in emails or text messages, unless they come from a source you trust. Even then, be cautious; your trusted source might have been compromised, or the message might be fake. The same goes for links on social media sites, even in posts that seem to be from your friends. If a post seems unlike the style of your social media buddy, it could be a hack.

12. Protect Your Social Media Privacy

There’s a common saying: if you’re not paying for a service, you’re not a customer; you’re the product. Social media sites make it easy for you to share your thoughts and pictures with friends, but it’s easy to wind up sharing too much.

You can download your Facebook data to see just what the social media giant knows about you. It may be quite an eye-opener, especially if you're the kind of person who routinely clicks on quizzes that require access to your social media account. Really, you don't need to know which Disney princess or dog breed you are.

Beware, too, of hackers posing as your social media friends. A common scam starts with a private message and ends with hackers taking over your account and using it to continue the scam. If you get an odd or unexpected private message from a friend, ask about it using email or some other type of communication. Your friend may have been scammed.

You can drastically reduce the amount of data going to Facebook by disabling the sharing platform entirely. Once you do, your friends can no longer leak your personal data. You can't lose data to apps, because you can't use apps. And you can't use your Facebook credentials to log into other websites (which was always a bad idea).

Of course, other social media sites need attention too. Google probably knows more about you than Facebook, so take steps to manage your Google privacy, too. Make sure you've configured each social media site so that your posts aren't public (well, all except Twitter and other broadcast media services). Think twice before revealing too much in a post, since your friends might share it with others. With care, you can retain your privacy without losing the entertainment and connections of social media.

Have your system been compromised recently?

  • Have you downloaded/installed a virus or unwanted app?

  • PC running slow, freezing, crashing?

  • Somethings not right?

Try Windows Malicious Software Removal Tool you can also download Microsoft Support Emergency Response Tool


Did you like our Article on Privacy and Security ?