I’m finally back, and trying to catch up once again (what’s new) so now its on to Internet Security.
Honestly, I think because I live in Singapore, I’m very lax on my security measures whether being in my day to day life at home/outside and online. I really barely realise how dangerous it is and how important having sufficient security online is. And, even when I do kinda know how dangerous it can be, I still sit back and say, nah it wont happen… or it won’t happen to me at least. But, whatever happened to better safe than sorry?? I dont know, something I have to get into my brain, clearly.
Just to jolt myself awake, I went to find out just how dangerous not having spyware and anti-virus softwares can be. Just in October last year, J.P. Morgan Chase said that a cyber attack over the summer may have compromised information about 76 million households. That included customer names, addresses, phone numbers and email contact information. In addition, the breach affected about seven million of J.P. Morgan’s small businesses customers. Overall, it may have been the biggest cyber attack in corporate history. J.P. Morgan is an American multinational banking and finance company and is the largest bank in the United States. Clearly most of the people in the U.S. would be banking with them and have their personal information in their system. Just liken this to Singapore’s POSB and DBS banks, where most households store their assets. The magnitude of someone hacking them is the same as what happened the J.P. Morgan just that they are so much bigger a firm.
Sometimes when I hear about such cases I’m just like On one hand I’m like omg what… but then on the other hand, I dont actually comprehend just how dangerous that is. Someone, out there, has the private information of 76 million households. Where they live, who there are, how much money they have. There’s just no more privacy. And all this, just because we store so much, if not all of our information on the internet. We think its the safest place to put it, so we can’t ‘lose’ it, but in fact, its the most dangerous place of all.
Even places you shop at aren’t safe. Places like Walmart, Home Depot, Target and Neiman Marcus were all hacked and credit card information of the customers who shopped there was stolen. These places are the most frequented shopping destinations of most Americans. And so many of them reported that it went on for MONTHS before the company even realised that they were being hacked. How could their security measures be so lax???
With that, I went to find out 5 network security issues and how to go about solving them.
1. Having a non-complex and weak network access passwords. It is said that even with the “CAPTCHA Technology”, which is the thing that requires you to type out letters or digits from a distorted image on the screen, many people are still able to get hacked because of weak passwords.
The solution, it seems, is to have a complex password. You’ll need 7 or more characters combined with at least 3 numbers and 1 special character, (CAPS, @, # or signs etc…). There should also be a password expiration system that helps remind uses to change their passwords frequently. Honestly, I think I’m just so lazy to do that… but implementing a system that forces me to, would be a great idea.
2. Having outdated Server Application or Software. System companies release updates and newer versions to ensure that your system isn’t vulnerable to new public threats. However, when you fail to update them, you’ll be susceptible to the new threats and exploits that hackers consistently release. With that, your network will always be in danger. So, always ensure that your system is regularly informed of new threats and update your softwares and applications on a monthly basis, or whenever there are new updates!
Cookies do not carry viruses and can’t install malware on your computer, but tracking of cookies and third-party tracking cookies are used to compile records of your browsing histories. Unencrypted cookies are a major network security issue as they can open your system to vulnerabilities and is a major privacy concern. With ‘Open Cookies’ anyone could have access to any login data cookies on the network!!
So, dont forget to ensure that all your network cookies are encrypted and have an encoded expiration time. Your network administrator should also force users to re-login any time they are accessing sensitive directories in your network.
4. Plain Hashes.
Yeah when I first read this, I had no idea what plain hashes even was? But apparently, hashing is used to index and retrieve items in a database. And plain hashes are also used in many encryption algorithms. A Salt, which is another type of encryption is added to Hashes in order to make a lookup table assisted Directory Attack, meaning someone trying to hack you, impractical or extremely difficult. Basically, adding Salt, to your Hashes, helps protect you from hacks more.
To ensure the safety of your network in regard to Hashes, your network administrator should hide the Salt (encryption key), because if the hacker is able to have access to your Salt encryption, they can access your network system. So, dont get plain hashes. lol
5. Lastly, Share Hosting
A shared web hosting service is where many websites reside on one web server connected to the Internet. Its usually the most economical option for hosting cause people share the overall cost of server maintenance. But, shared hosting is like sharing a house with other people and if someone breaks into one area of the house, they’ll be able to break into your room too. So when a hacker is inside any one of the computers connected to the shared server, they have access to yours too. So its best to have dedicated Server Hosting and Secure Cloud Hosting instead of shared hosting.
After reading through everything, I’m definitely learning more now, but more so, I think I gotta get more dedicated to securing my network and my information online ): Hope you guys do the same too!