• 

Keeping Your PCs Secure in 2021

Security, Cybersecurity, Windows, macOS, Linux, Internet

0 Comments

For the last year now, many of the things we did every day has changed drastically. One of those drastic changes involves many of us doing our work from home. Meetings we would have attended in person now get conducted remotely using software such as Microsoft Teams, Cisco Webex, or Zoom. Many work-related and education-related activities get done over email and SaaS-powered web apps, among traditional desktop and mobile apps.

What would you do if you see an email saying you need to reset your SSO account's password? You would probably click the link and reset your password. Unfortunately for you and your organization, a user's account has gotten compromised. From here, the risk of further attacks and data breaches, among other problems, grows.

We are currently living in a new normal due to the COVID-19 pandemic: a new normal that has people online more than they would have been otherwise. From failed account login attempts to successful cyberattacks, the risk of data breaches and legitimate work and university accounts getting compromised by scammers has grown with the shift to online business and education.

Why is there an increased risk?

Since more people are doing their work and education online now, there are technically more people that scammers can try to target in attacks such as brute-forcing account credentials or even phishing and ransomware payment demands.

Based on information from Datto's Global State of the Channel Ransomware Report, an overwhelming majority of ransomware attacks targeted Windows PCs (91%) and Windows Servers (76%), as shown in the below chart:

Endpoint Systems Most Targeted By Ransomware Attacks

What Can You Do To Secure Your Devices

I could always have written multiple articles for each operating system, but for the most part, the same security measures apply to all operating systems. Linux/BSD/Other UNIX and mobile platforms such as Android and iOS may get their own eventually

Microsoft and Apple have been doing tons of work in recent years to ensure that their operating systems are secure and safe for their users. If you've also used Windows versions older than Windows Vista, you may remember seeing messages on install saying that your computer might be at risk due to a lack of built-in antivirus software.

Your computer might be at risk - Windows XP error message

Windows 10 and macOS, fortunately, comes with greatly improved antivirus software, a powerful firewall, and built-in disk encryption features, making it one of the most secure versions of Windows, if not the most secure. However, just relying on these three things alone is not enough. Having a protected PC/Mac takes some work from the user to ensure security. Here are some things you can do to keep your PC as safe and secure as possible.

Update Your Software Regularly

There are people out there who refuse to update their software or willingly use software versions released several years ago. There is a chance that old or outdated software won't be receiving any bug fixes or security patches. The lack of patches and bug fixes can leave exploits and vulnerabilities open, letting hackers get data or hold software or your computer for ransom.

While the availability and functionality of update features vary between Linux and BSD distros, Windows and macOS have automatic updating built-in.

To access this feature on Windows, you'll go to Settings > Update & Security > Windows Update (already selected).

The Windows Update screen

To access this feature on macOS, you'll go to System Preferences > Software Update.

The macOS update screen

Check Downloaded Files

On February 21, 2016, people who installed the popular Linux distro, Linux Mint, found out they installed a compromised copy of the OS containing backdoors. While the Linux Mint team claimed that it should not have affected many people, the incident has negatively affected the views that many people have on Linux Mint and Linux distro security in general. Not enough people do so, but you want to review file checksums. You may use Nir Sofer's "HashMyFiles" to get the MD5 hash for checking the checksum.

Many web browsers will warn for uncommonly downloaded or malicious files, which are things you should watch out for as well. These detection methods are not perfect, and legitimate files may end up getting flagged. It is up to you to make a "best judgment" call on whether you will run a specific program or not.

If you want to double-check, you may want to check on 3rd party sources for more information about a file. You may also take a look at VirusTotal to see if there's anything suspicious with that file.

Use a Firewall

Both Windows and macOS come with firewall software preinstalled, and both are simple to use. Most Linux and BSD distros do not come with a firewall. Instead, you need to either install separate software or buy special hardware for a firewall. The software will require command-line experience, and the hardware may get expensive for every device.

Windows Firewall

macOS Firewall

Firewalls can block unwanted incoming and outgoing traffic, including traffic to and from suspicious and malicious locations. Properly using a firewall on your devices can help keep people with bad intentions from using your device as a launchpad to attack other devices on your network to attack Internet-based servers and services.

Avoid Potentially Dangerous Ads and Sites

Ads are one of my least favorite parts of browsing websites, and many of them make it easy for "drive-by downloading" malware, ransomware, and other viruses. These ads and sites may use fake notifications, popup ads using dark patterns to make you install malware or phishing sites that would put your data in the hands of scammers.

Fortunately, you do not need to worry about such things by using ad blockers, such as AdBlock, AdBlock Plus, AdGuard, and more. Web browsers such as Microsoft Edge and Google Chrome have also gained the ability to block malicious ads and protect user privacy.

Encrypt Your Disks

If your device gets lost or stolen, your files can easily be accessed by unauthorized people unless you encrypt your disks. Encryption helps keep your files and folders protected by encoding the disk's data. You can not read encrypted data without a specific cipher to decrypt the data/disk. Without the password for that cipher, your data will appear random and potentially unreadable.

Windows BitLocker Encryption

macOS FileVault Encryption

You may have come across servers and websites using encryption, such as banks, government agencies/ministries, militaries, organizations, and more. If you've browsed a site using HTTPS, you've used encryption. HTTPS sites don't send data in cleartext like their HTTP counterparts, making it more safe and secure for those browsing and serving websites. Like HTTPS, encrypting your disks works in the same way by making it so that it would be harder to intercept and read data without authentication.

Uninstall Flash (if you still have it)

Flash Player by Adobe used to be the most popular media platform. Many people loved to use it for games, web-based programs, and more, but it also gave hackers an easy backdoor into your PC and other devices and needed new security patches almost every month or week due to how much of a security nightmare it was. It was also common for scammers to trick users into installing fake flash players because of how common it was for websites to use Adobe Flash to display content.

Flash has been made obsolete with HTML 5, which now has many things people used Adobe Flash for in an open standard, which many see as a benefit over Adobe's proprietary Flash.

Many of the top web browsers after the start of 2021 have started blocking Flash content altogether, some of which now only gives an error saying that the plugin isn't supported.

Unsupported flash-based music player on the website for the Grand People's Study House

I strongly recommend that you uninstall Adobe Flash from your devices if you have installed it manually, as it is no longer supported.

What Else Can I Do?

Even just following these may not be enough. Doing the above will help, but there is more you need to do. Some of these things include:

  • Make sure you have secure passwords;
  • Make sure you are not reusing passwords;
  • Do not open any suspicious or potentially unwanted attachments or links;
  • Use modern browsers such as Microsoft Edge or Google Chrome that have ways to block malicious websites;
  • Avoid pirated materials, such as movies, books, music, or applications, due to the high risk of malicious modifications;
  • Avoid plugging in any random USB you find or plugging your device into any random USB charging port, which can easily be compromised and either infect or pull data from your devices;

Conclusion

Here in the article is where many people who wrote about the same topics would advertise an affiliated antivirus program or VPN service. In my opinion, blog posts on system security measures should not contain advertisements for an affiliate's software but information about the things that work, many of which come preinstalled on Windows and macOS computers as it is.

No matter if you're working or doing education from home, at a physical workplace, or anywhere else like a neighborhood coffee shop, security and best practices for security are necessary for everything from our work and education to our day-to-day lives. Following these tips, among others, can help keep you safe.

Know of anything that I should add to this list? Feel free to comment and let me know about them! It takes all of us working together to achieve the best possible security.


Copyright © 2021, Anton McClure. All Rights Reserved.



Recent Posts: