Hints and tips - security

Overview of security

http://www.fbi.gov/news/stories/2014/june/gameover-zeus-botnet-disrupted/

As you might have gathered from the news, the internet has become a hunting ground for amateur and professional criminals.

One approach is to disconnect from the internet (not complete protection in itself) but then you miss out on all the benefits of being online.

Or you can act as in normal life: fit good locks, an alarm system, keep the keys safe, take care when out and about and be careful who you invite into your home.

Here are some hints and tips on how to enjoy the internet while protecting your data and therefore yourself.

Free PC Antivirus from Microsoft

Microsoft wants to protect your PC without upsetting its industry partners. So if you have not installed a commercial antivirus product like AVG or McAfee, Microsoft Update will eventually install and activate the enhanced Microsoft Defender on Windows 8 (until January 2023), Windows 10 (until October 2025+) or Windows 11. Previous offerings (for Windows 7, Windows XP etc) are no longer available.

Ransomware

www.bbc.co.uk/news/technology-39915440

Ransomware is malicious software that encrypts your data and ransoms it back to you. The Wannacry/Wannacrypt worm virus of May 2017 affected Microsoft Windows systems worldwide. With the help of leaked NSA spy tools, Wannacry easily overshadowed the impact of CryptoLocker in September 2013. Experts advise users to turn off the SMB-1 network protocol on all systems - see Control Panel, Programs, Turn Windows features on or off, 'SMB 1.0'. Keep your antivirus protection updated and backup your data as follows...

Backup your data

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

The existence of ransomware means you need to take precautions against criminals as well as accidents. Take backups and store them offsite, somewhere safe where ransomware cannot touch them. Depending on how much data and how often it changes, you can use: CD, DVD, USB memory stick, portable disk drive, cloud storage, automated online backup.

Be aware that the lifetime of optical discs and flash memory is in the region of 10 years. Compare that to paper which can survive hundreds of years.

For cloud storage, look for a reliable company with a good reputation. Secure transmission and secure storage help to protect valuable data. If your data contains personal information about living individuals, check the legal data protection requirements at the Information Commissioner's Office.

After taking a backup of your data, verify the backup to make sure it is readable and complete. Place backups out of reach of your PC, because CryptoLocker, Wannacry and variants will search all attached drives and the local network for any data to encrypt and hold to ransom.

Finally don't discard or overwrite an old backup until you are sure that more recent backups are complete and readable.

Hidden file extensions

https://www.bleepingcomputer.com/tutorials/how-to-show-file-extensions-in-windows/

By default Microsoft hides common file extensions like .pdf and .docx so as not to confuse you, the poor user. Unfortunately this also hides file extensions in email attachments. As a result you can be deliberately misled into activating a virus. What you see as Receipt.PDF might actually be Receipt.PDF.exe which is a program, and probably malicious.

To arm yourself with the necessary information, in Windows 10 follow the link above to the View option and reveal (un-hide) file extensions by ticking:

[✓] File name extensions.

In earlier versions of Windows find the Windows Explorer, View, Options settings and untick

[ ] Hide extensions for known file types.

Now when someone you want to trust sends you an email attachment, hover over it with the mouse and check the file extension, the set of characters after the last dot in the file name. Watch out for underlines before the last dot (Receipt.PDF_____.exe) and if you don't recognise the file extension as safe, then don't click it!

Windows XP end of life

http://windows.microsoft.com/en-gb/windows/end-support-help

If you are using Windows XP your PC is no longer supported and it is increasingly vulnerable, as the NHS realised in 2017.

What can you do? First, backup your data as mentioned above. Then consider your choices:

    • Carry on, fingers crossed, nothing important in there? They can encrypt and ransom your data, steal your passwords, act as you online (identity theft).

    • Change over to an Apple product - safer, easier to use, more expensive, you might need to grow a ponytail.

    • Use an Android tablet or a Google Chromebook - cheap, flexible, needs a good wifi connection to the internet.

    • Install Linux Mint 20 LTS and LibreOffice 6 to replace Windows and MS Office - safer, free and free updates, reads & writes Microsoft documents.

    • Buy a refurbished PC with Windows 10 - cheap old PC, modern operating system, see current offers.

    • Buy a new PC with Windows 10 or 11 and take care when setting it up - see www.mineofinnovation.com/windows-10

Website security - WordPress

http://www.wordfence.com

WordPress (WP) the software, not the blog, is one of the most popular content management systems for websites.

WP is free software and relatively easy to use. It is also a popular target for criminals. A few steps will enhance website security and avoid most of the problems:

    • Set up a new user in administrator role, test to make sure it works, delete the default 'admin' user name because it is a prime target.

    • Avoid simple user names like Admin1, User1, Jane, Paul and avoid any names that can be found on the website.

    • Use long passwords not found in the dictionary, at least 10 characters long.

    • Download, install and activate the Wordfence plugin.

    • Set the Wordfence option to lock out, for an hour or so, anyone who tries to login with an incorrect user name - such as 'admin'.

    • Add Google Recaptcha to Wordpress login, for example with this plugin https://wordpress.org/plugins/wp-login-recaptcha/.