Managed I.C.T Services Queensland

madBLOG


Security Report 2022

Security in 2022

Introduction

You may not have noticed, but we're in the middle of a cyberwar. And the good news is: you can protect yourself by learning more about cyber security. This guide will tell you everything you need to know to stay safe online and protect your data in 2022.

Passwords

When it comes to passwords, the best advice is to change the default passwords on devices such as routers, switches and printers.

After rigorous testing, MTC Computers likes 1Password the best. No trackers like the rest!

Use a password manager if you can; these programs store your passwords in an encrypted file that only you have access to. The best password managers use no trackers, which marketing companies can use to target their ads to you. It seems insane that some of the best-known password managers have trackers. These include: Dashlane (4 trackers), LastPass (2 trackers / 7 trackers in its Android version), Bitwarden (2), Roboform (1). 1Password has none. I am currently testing 1Password thoroughly and will post a report on it in the near future.

Trackers could be included for a number of reasons. LastPass' trackers include four from Google for analytics and crash reporting. One of LastPass' trackers is from a company called Segment, which gathers data for marketing purposes. A bit shady, especially from a password manager! This is one reason why we liked 1Password during testing. 1Password does not know your Master Password, nor can you recover it if forgotten or lost. Much like an authentication app, you need to have your recovery code printed as a physical copy and stored in a safe for security.

One thing that won't be helpful in 2022 is using the same password across multiple websites or apps. A breach at one site could mean hackers have access not just to your information there but also to your accounts at other sites that share the same user data (such as email addresses). Similarly, don't base a password on personal information, such as your birthday or pet's name, as this makes it easy to guess for hackers (or anyone else) who know a little about you.

Ransomware

Ransomware leverages one of the most powerful tools of the digital age: encryption. Encryption is a technique for scrambling data such that it can only be deciphered by someone who has access to the right key, or set of keys. In the case of ransomware, a hacker will use some sort of exploit (code that takes advantage of a software bug) to gain access to your computer and encrypt every file on it with a key they control so that you cannot read them.

Ransomware has been around since at least 2005 and is used by hackers looking for easy money via fear and intimidation. Ransomware is still being used today because there are few laws governing what hackers can do with their victims’ data once they have it.

The best defense suite for ransomware is:

  • Backups foremost. 3-2-1-0 backup policy: three copies of data; copies stored on two types of media (external hard drive and cloud); one copy of data kept offsite (in the cloud, and one hard drive in an offsite safe); zero errors (tested by enacting recovery).

  • Up-to-date software patching (of Windows/macOS). Insecure apps removed (Java, Flash), other apps updated (Office, Adobe, browsers etc.).

  • Domain and Private network firewalls activated. Firewall (physical, or software on the router) activated.

  • Anti-virus patched, activated, with real-time and manual scans. All threats thoroughly investigated. Look at next-gen endpoint SaaS solutions instead of just traditional anti-virus. I have tested CrowdStrike with poor results. Hard to get in contact with Australian Support or Sales. Maybe because it is geared at Enterprise level, not SMB or B2B.

  • We still recommend traditional anti-virus for PC, Mac, mobile and servers, namely ESET Anti-Virus, with real-time scanning and email plug-ins to check incoming messages and attachments.

Spyware

Spyware is a malicious software program that tracks your activities, such as what websites you visit and what data you enter. It can be used to track your location, steal passwords, and more. Spyware may be installed on your computer or mobile device by:

  • clicking on a link in an email or text message. Staff should be trained on spotting malicious links/attachments.

  • visiting a website that exploits vulnerabilities in web browsers like Internet Explorer or Firefox

  • downloading an app from an untrustworthy source (like an app store).


Phishing

Phishing is a form of identity theft that occurs when someone tries to trick you into giving them your personal information. A phishing email might claim to be from your bank, PayPal, or even the IRS. It may look like it's coming from a legitimate source and include links to fake websites that appear real.

If you get an email claiming to be from a company and asking you for sensitive information—like bank account numbers, passwords, or Social Security numbers—don't click on any links in the email or send any money. Instead:

  • Save the message as an attachment if possible (this can help with reporting).

  • Look at the sender address (including spelling and capitalization), phone number listed on their website, URL of their site (does it match up with what they told you?), etc., then contact them directly by phone or email if needed.

  • The From address can still be faked, even on an email for a large invoice from a known sender. For example, your Accounts team may receive an email with an invoice attached that appears to come from a known supplier. The From: field looks familiar enough, with the same domain name, but look closer: that part is only plain display text, and if you expand the field you can see that the actual email address it was sent from is different, e.g. weird.name@gmail.com.

  • Normally the Accounts team should notice, or get an alert, that the bank account number is different from normal.

  • The last phishing attacks I have heard of in reality were not from my clients, but from someone that asked for my help. They were using an outdated email account, @hotmail.com. In 2022, there really are only two email providers, O365 and G-Suite.

  • As well as using O365 or G-Suite, you need the proper DNS records set up for your business's domain. SPF, DKIM, and DMARC records must be provided by your email host and then added to your domain name records. DMARC is a protocol that tells recipients that the email is legitimate, and how to handle the email. DKIM tells the recipient whether the person sending a message has access to the originating domain and the private key stored therein. SPF tells recipients whether or not the mail server sending a message is authorized to send on behalf of the originating domain.
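
The two checks described above, the real address hidden behind the From: display text and the SPF/DKIM/DMARC results, can be read straight from a saved message's headers. The following is an added example, not code from the original post; the supplier.example and mx.example.net names and the sample headers are constructed, and it assumes the receiving mail server records its results in an Authentication-Results header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers; supplier.example and mx.example.net are placeholders.
DISPLAY_NAME_SPOOF = """\
From: "accounts@supplier.example" <weird.name@gmail.com>
Subject: Invoice 1042 overdue
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=gmail.com;
 dkim=pass header.d=gmail.com; dmarc=pass header.from=gmail.com
"""

DOMAIN_SPOOF = """\
From: Supplier Accounts <accounts@supplier.example>
Subject: Invoice 1043
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=supplier.example;
 dkim=none; dmarc=fail header.from=supplier.example
"""

ADDR_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")
AUTH_RESULT = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)

def triage(raw_message: str) -> dict:
    """Return the real sender address and the reasons a message looks suspicious."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    real_domain = address.rpartition("@")[2].lower()
    reasons = []

    # Check 1: the display text shows an address from a different domain
    # than the one the mail was actually sent from.
    shown = ADDR_IN_NAME.search(display_name)
    if shown and shown.group(1).lower() != real_domain:
        reasons.append(f"display name shows {shown.group(1)} but mail is from {real_domain}")

    # Check 2: SPF, DKIM and DMARC verdicts recorded by the receiving server
    # (assumes it adds an Authentication-Results header).
    auth = {m.group(1).lower(): m.group(2).lower()
            for m in AUTH_RESULT.finditer(msg.get("Authentication-Results", ""))}
    for check in ("spf", "dkim", "dmarc"):
        if auth.get(check) != "pass":
            reasons.append(f"{check}={auth.get(check, 'missing')}")
    return {"address": address, "auth": auth, "reasons": reasons}

if __name__ == "__main__":
    for sample in (DISPLAY_NAME_SPOOF, DOMAIN_SPOOF):
        print(triage(sample))
```

The first sample passes SPF, DKIM and DMARC because it really was sent from gmail.com, so only the display-name check catches it; the second uses the supplier's own domain and is caught by the failed authentication results instead.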

VPNs

A Virtual Private Network (VPN) is a network of computers that uses cryptography to secure the connection, allowing users to access the internet without being tracked. A VPN can be used to protect your privacy, secure your data and access blocked websites. This means you can use a VPN to access geo-restricted content such as Netflix US or BBC iPlayer from anywhere in the world.

VPNs are also very useful for accessing public Wi-Fi safely. If you're connecting to public Wi-Fi at a coffee shop or airport, for example, it's important that you use a VPN so that hackers cannot intercept your sensitive data, such as credit card numbers or passwords (unless they're very clever).

Endpoint protection

Endpoint protection is software that protects your computer from viruses, spyware, and other threats. It blocks malicious websites, emails and files. Endpoint protection software is a must for any business because it helps keep your computer and data safe from hackers. However, this type of software does not replace antivirus software and should only be used in addition to antivirus programs (we recommend ESET Anti-Virus).

Firewalls

Firewalls are designed to protect your computer from intruders, and they do this by filtering inbound and outbound traffic. Firewalls can be hardware or software, implemented on a network, a computer or both. They can also be configured to block or allow traffic depending on what you want to secure.

Windows has firewall protection included, as does macOS.

SaaS Backups

A SaaS backup is a subscription-based service that backs up the data you keep in the cloud. You may think that if you have data stored in SharePoint, OneDrive or Google Drive it is safe and will always be there. However, there is a 30-day limitation on data recovery, so if a user deletes data but doesn't realise until after 30 days, then the data is gone forever.

Cloud data is susceptible to ransomware because it syncs with local storage on your PC. If the PC gets infected, it can upload those infected files to the cloud storage and then pass on the infection to other files.

When ransomware strikes, it is going to rip through your files locally and encrypt them, and the file sharing engine is going to sync this change to the cloud storage copy as well.

MTC Computers recommends a cloud SaaS backup solution for your online accounts. You can back up your cloud account data drive, emails and email folders. It is low cost ($5 USD per account) and recovery always passes recovery testing easily. Remember, Microsoft and Google aren't responsible for your data on their platforms; they are simply there to make sure the PLATFORMS are working.

Learn how to protect yourself online by learning more about these topics.

  • Don't reuse passwords.

  • Don't open emails from people you don't know.

  • Don't click on links in emails, even if they look familiar or official.

  • Downloading anything from an untrusted website can give hackers access to your device, so be careful of what you download and where it comes from. If a website looks like it's stealing personal information (for example, their logo is made up of the letter "i"s), don't visit that site!

  • Always use a browser with antivirus software built-in such as Chrome and Firefox; these browsers automatically check websites for malware before allowing them to load so that hackers cannot trick users into downloading their viruses onto their devices.

Reference:

Password Managers Trackers info: https://www.theverge.com/2021/2/26/22302709/lastpass-android-app-trackers-security-research-privacy



kel toyne