Ten Ways to Dodge CyberBullets, Part 9

9. Be wireless, not careless

This is the ninth post in a series updating the top 10 list of things people can do to protect themselves against malicious activity, which we provided to our clients two years ago.

Don’t connect to just any “free Wi-Fi” access point; it might alter your DNS queries or be the “evil twin” of a legitimate access point, set up to intercept your logins and online transactions. (When I have occasion to see what networks are being offered me in hotels, airports, even in the block where I live, I have to wonder how many of them are legitimate…)

Here’s a summary of some of the most important points to remember:

Be aware of some common security issues with hot spots:

  1. “Evil twin” login interception, a scenario where hackers set up a network that resembles a legitimate Wi-Fi hot spot in order to intercept your login credentials for legitimate networks and sites.
  2. Previously unknown (zero-day) attacks exploiting operating system or application vulnerabilities.
  3. Sniffing, or using computer software and/or hardware to intercept and monitor traffic passing over a network.
  4. Other forms of data leakage using man-in-the-middle attacks.

Also be aware of ways to reduce your attack surface and protect your computer:

  1. Ensure VPN pass-through ports are enabled, but don’t allow a high port free-for-all; professional system administrators open only necessary ports. This doesn’t stop all attacks, but it does reduce them.
  2. Use HTTPS to access webmail.
  3. Avoid protocols that don’t include encryption wherever possible.
  4. Disable sharing of files, folders and services.
  5. Avoid connecting to sites that transfer sensitive data (your banking information, for instance) when connected to an untrusted access point.
  6. Ensure you’re using sound firewalling, antimalware, a host intrusion prevention system and so on.
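
As an added illustration of the “evil twin” warning above (this example is not part of the original post), the following Python sketch compares a Wi-Fi scan against a list of access points you have already verified and flags the ones worth distrusting. The network names, BSSIDs and the `flag_suspect_aps` helper are all constructed for the example.

```python
from collections import defaultdict

# Constructed baseline: networks you have verified, with their real BSSIDs.
BASELINE = {
    "HotelGuest": {"security": "WPA2",
                   "bssids": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}},
}

# Constructed scan results: (ssid, bssid, security, signal in dBm).
SCAN = [
    ("HotelGuest", "02:00:00:aa:00:01", "WPA2", -61),
    ("HotelGuest", "02:00:00:bb:00:09", "OPEN", -38),
    ("HotelGuest", "02:00:00:bb:00:0a", "WPA2", -45),
    ("Free Airport WiFi", "02:00:00:cc:00:01", "OPEN", -50),
    ("CafeNet", "02:00:00:dd:00:01", "WPA2", -70),
    ("CafeNet", "02:00:00:dd:00:02", "OPEN", -40),
]

def flag_suspect_aps(scan, baseline):
    """Return {(ssid, bssid): [reasons]} for access points worth distrusting."""
    # First pass: which security modes is each SSID being advertised with?
    modes = defaultdict(set)
    for ssid, _bssid, security, _signal in scan:
        modes[ssid].add(security.upper())

    findings = defaultdict(list)
    for ssid, bssid, security, _signal in scan:
        security, bssid = security.upper(), bssid.lower()
        known = baseline.get(ssid)
        if known:
            # A familiar name on unfamiliar hardware is the evil-twin pattern.
            if bssid not in known["bssids"]:
                findings[(ssid, bssid)].append("unknown BSSID for a known SSID")
            if security != known["security"]:
                findings[(ssid, bssid)].append("security differs from baseline")
        elif security == "OPEN" and len(modes[ssid]) > 1:
            findings[(ssid, bssid)].append("open AP sharing an SSID with a protected one")
        elif security == "OPEN":
            findings[(ssid, bssid)].append("open network, no link-layer encryption")
    return dict(findings)

if __name__ == "__main__":
    for (ssid, bssid), reasons in flag_suspect_aps(SCAN, BASELINE).items():
        print(f"{ssid} [{bssid}]: {'; '.join(reasons)}")
```

This is a heuristic only: a BSSID can be cloned, so an access point that passes the check is not proven legitimate, and a newly installed genuine access point will be flagged until it is added to the baseline.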

About SCB Enterprises
System Solutions and Integration
