When it comes to computer security, both individual users and companies still have a lot to learn. Computer security is an ever-evolving creature, and everyday consumers have become reliant on it for most of their daily tasks. But there are a few things every individual user should be aware of, according to computer security experts.
Removing Some Wrong Stigmas From The World of Computer Security
The world of computer security is filled with various types of misinformation and half-truths. One of the most common mistakes everyday consumers make is thinking that all hackers are per definition criminals. It is important to distinguish between white-hat hackers [also known as security experts] and black-hat hackers [those willing to do harm to electronic devices and services].
A white-hat hacker’s main purpose is identifying weaknesses in computer systems before the black-hats can exploit them. Finding these vulnerabilities is critical to protecting consumer data and keeping services up and running. Hacking is a way of making things more secure, even if the intentions of the hacker are less than morally acceptable.
RAND Corporation computer security researcher Lillian Ablon stated:
“A lot of the time an internal employee or insider is just as big of a threat, and could bring business to its knees – intentionally or inadvertently. Furthermore, there are distinct types of external cyber threat actors (cybercriminals, state-sponsored, hacktivists) with different motivations and capabilities. ”
Speaking of cyberattacks and cyberterrorism, both types of attacks are far less common than most everyday consumers think. Having millions of Internet-connected devices is expanding the attack surface for both cyberterrorism and cyberattacks. That being said, the chances of any attack on a large scale remains “highly unlikely” at this time.
Another major point of confusion comes in the form of Deepweb and Darknet. Even though most everyday consumers — and some mainstream media journalists — think they are the same thing, there is a vast distinction to be made between Darknet and Deepweb. The Deepweb is a part of the world wide web that is not indexed by search engines and cannot be accessed by Google. The Darknet, on the other hand, requires specific software to access platforms and services. Silk Road and Silk Road 2.0 are prime examples of websites hosted on the Darknet. Popular tools to access Darknet websites include Tor and I2P.
What you can do to Protect Yourself
Protecting oneself from security threats can be achieved through various means. The first rule to remember is that even though a device you just bought might be new, it doesn’t mean that it is secure by any means. Nearly every device sold contains some form of pre-installed adware or proprietary application, all of which are vulnerable in their own way.
International Modern Media Institute’s Eleanor Saitta explained it as follows:
“When you’re relying on code delivered by somebody else, a service online or box that you don’t control, chances are good that it’s not acting in your interest, because it’s trying to sell you. There’s a good chance that it’s already owned or compromised by other people. We don’t have a good way of dealing with trust and managing it right now. And all sorts of people will be using that code.”
Remaining on the topic of software, even the most common tools found on every device — including operating systems — have their own lists of vulnerabilities. Every piece of technology used in our society is built by humans, and this technology is being exploited by humans with very unscientific motivations. Human nature makes us assume we can build things perfectly, yet when reality sinks in, we realize there is still a lot of work to be done.
“There will always be bugs in software. Some subset of those bugs will have security impact. The challenge is figuring out which ones to spend resources on fixing, and a lot of that is based on presumed threat models that probably would benefit from more insight into people’s motivations, like crime, monitoring, etc.”
Last but not last, there is one golden tip that every computer user should keep in mind. Prevention of most cyber attacks requires a strong password created by the end user. On top of that, two-factor authentication is a must for all devices and Internet services, as it reduces the chance of accounts being breached. Password vault solutions such as LastPass are a great tool, even though users should keep separate backups of this vault on an offline device at all times.
What are your thoughts on improving computer security? Are individual users and companies to blame when things go wrong, due to being complacent with password usage? Let us know in the comments below!
Images courtesy of Emaze, Comodo, Techspot and Mukeshjoon