Security

Password Security

 

Password  security is something everyone needs, but keeping your password secure takes dedication. One main point is not to tell it to anyone, some of the others are:

  • Don’t write it down.
  • Make it difficult, use caps, numbers and symbols.
  • Ensure it is long.
  • Don’t use anything personal.

How do you go about doing these things? Well here are some ideas on how you can keep your information safe and secure.

 

A password needs to use two different aims, to be effective they are:

  1. Memorable enough without writing it down.
  2. Be long and unique.

 

There are some easy ways to have a special password created and saved securely for you. This security feature is called a password manager. You only need to have an individual password to remember. Then all other passwords will be at your finger tips.

There are three types of password managers available, that I know of they are:

  1. LastPass.
  2. 1 Password.
  3. KeePass.

 

There are a few requirements needed, before picking a password manager to use.

  1. The software is available for your computer.
  2. Can it be used on one machine or more.
  3. Can it match passwords between multiple machines.
  4. Has it got a good reputation.
  5. Will it lock itself after a period of inactivity.

 

Make sure you use a password manager with a good reputation by using a reputable independent organisation.

 

 

 

Malware

 

Malware is a harmful software and is a shared name. It is designed to disrupt or damage data, software or hardware. There are five different types of malware around, they are:

  • Viruses.
  • Worms.
  • Trojans.
  • Adware.
  • Spyware.

 

Malware enters a computer by using human and technical security factors. A malware creator can send you a link via an email or on Social media. When you open the email or click on the link this will activate the malware software. Which in turn will exploit your computer Security system. It also may be attached to illegal/pirate copies of software, so always buy software from reputable companies to protect your data.

Here are the following different types of malware, and how they can affect your computer.

 

Viruses

A computer virus is a harmful code, it is written to change the way a computer operates. The virus attaching copies of itself onto legal app, data or crucial parts of a hard disk. They are self replicating programs and rely on memory cards or internet connections to establish itself. A virus will lay sleeping until the computer user starts running the program it is attached to. Viruses are designed to corrupt data, attack an operating system and exploit a back door for attackers.

 

Worm

Worms create identical copies of it’s program, but unlike viruses they are a standalone application. The worm spreads itself through network connections looking for any uninfected machines to attack. Once these machines are found the worm takes over their resources. It does this to copy itself and pass on copies of itself across the rest of the network.

The machines are attacked in four stages:

  1. The worm looks for unsecured machines to copy itself to.
  2. Performs tasks on these machines looking for an opening, this is so it can get the machine to execute random commands.
  3. Downloads and saves itself onto the machine. Known as the ‘persist’ stage.
  4. Then multiply’s itself by looking for new machines to attack.

 

Trojans

Trojans or a Trojan horse disguises itself as a legal program, but behind the scenes is where it does the damage. It does several things to a computer.

  • Sometimes it allows an attacker access to your machine.
  • Taking control and accessing personal information.
  • Deleting information.
  • Using email software to then attack other computers.¬†

If an attacker can get a hold of several thousand computers/devices it is called a bot. They can get the bot to attack one source, at the same time causing a DDOS attack.

Adware

Adware forces users to watch adverts by attaching them onto video or websites.

Spyware

Spyware access your computer and attempts to access personal information and passwords.

 

Phishing

 

Phishing is used to steal valuable information, this is done by pretending to be a trustworthy party. It lures people to disclose confidential information. It can be the easiest way for hackers to bypass any security features.

The attacker sends an official looking email, asking the reader to get in touch with the company (usually a bank or credit card company). The reader then obviously worried, would then click on a link within the message or rings the phone the number. This causes a process to start of the victim disclosing more information, making it easier for the attacker to stealing more personal information. They could steal money or the victims identity.

Please note if you do get an unknown email, even if it looks official don’t click on anything within that email. Contact the company customer services, log onto their website or use their published phone no. Organisations have a policy of not asking for sensitive data, even over the phone you must be wary if this happens.

Attackers may also use social media to target people, they do this by including links in messages. This mainly happens after a major disaster or fast breaking news where people want to know more quickly.

Phishing is also known as spam and is unsuitable or illegal content sent to individuals.

 

Spam

Most internet email is moved using the Simple Mail Transfer Protocol (SMTP), it defines a standard template of commands and formatting allowing a large range of computers to understand each other.

Spamming is an attack on the mail system. An attacker changes the information in the email ‘envelops’ which holds the messages. This is known a spoofing and allows the spammer to hide behind legitimate address’s. As the SMTP servers don’t perform authentication, it simple passes on the email without checking who it is sent from.