Last year was a shock for many people. On a quiet Friday in May, 57 000 people in 150 countries woke up to the horror that their computers had been infected with the malware called WannaCry. By the weekend 150 000 more systems were infiltrated, including 48 hospitals. Each of the users received a message stating that their data had been encrypted until they pay a particular sum of money in Bitcoin.
Though WannaCry received a particularly large amount of media attention, it is by no means unique in its destructive capacity and reach. There have been viruses for as long as there have been computers. What is different however is that more and more of the global economy is being digitized, meaning that malware attacks are becoming more devastating. If you got a virus in 1995 perhaps you would be a little annoyed because some of your work files might have been disrupted. Today a virus could affect your banking, your personal contacts (via social media) and even your health (as wearable healthcare technology increases in popularity).
So the question is: What can be done to protect oneself from the newest cyber attacks?
2018’s malware threats
Though even trying to enumerate the various cyber attacks out there is a little like trying to name individual raindrops in a storm, there are a few attacks that stick out and deserve to be named. A recent trend, for instance, seems to be for hackers to opt for human assisted scams. Here are some of the most dubious to look out for.
Police, tech-support and ad scams
The first common scam over the past few years relates to the field of tech support. These generally come in the form of an unsolicited phone call, claiming to be from a company like Microsoft or “Windows”. The speech given may vary but it will generally eventually lead to a request to install software on the computer in order to gain remote access to it.
Similarly, there are a number of fake police or government authority scams which involve receiving a phone call or text message from someone purporting that you have broken the law or that you owe money on your taxes. There will be a threat of jail unless you you transfer money via Western Union to some designated account. In both of the above instances the best course of action is the cross reference the information by calling the police or your service provider (e.g. Microsoft) to verify that the person on the phone truly represents the company.
Then there is the phenomenon of adware which has been whipping across the internet of late. Generally this takes the form of pop-up ads and browser redirects that collect marketing data about you. You can avoid this fate by never downloading pirated software. If you do however fall prey to such a scam, be sure to choose a removal service that is well established and well reviewed online.
How can you protect yourself?
This section has to begin with the caveat that no system is 100 percent secure. Even government agencies, with full-time security specialists, have been known to fall victim to hackers. But there are certainly habits that can help improve your digital hygiene. One such habit is the use of your own server. This point is significant because the server on which your data is stored determines which country’s data privacy laws you are subject to. Some countries have stricter laws than others so it is in your interests to make conscious choices about selecting to house your server in a country with the best laws to suit your purposes.
You have an update
The second principle of digital hygiene refers to the necessity of keeping your software updated. Though there are many nefarious people trying to infiltrate your system, there are also many trained professionals who are responding to these threats and creating defenses. Downloading updates on a regular basis ensures that your system is wise to some of the most recent attack strategies.
Mind the airgap
An airgap is a system by which you store your truly sensitive data on a device that is not connected to the internet as a kind of failsafe against network backdoor infiltration. Sophisticated malware such as the one used in the ProjectSauron cyber-spying platform, for example, used network-driven backdoors. These are elements which sit innocently on a computer system until they are remotely activated.
Call for backup
Besides WannaCry, 2017 had two more ransomeware epidemics: Bad Rabbit and ExPetr. In some of the cases, even after the victims paid the money, the data could not be decrypted. In fact with ExPetr does not haven have any integrated mechanism to identify victims, meaning that the data will almost certainly not be restored. In this regard performing regular backups is one of the only certain methods of making sure that you remain impervious to cyber assaults.