Cybersecurity is critical for your home or business systems of all sizes. These tips can help you secure your computers and mobile devices from malicious actors.

• Hackers are criminals who gain unauthorized access to a network and devices, usually with the intent to steal sensitive data, such as financial information or company secrets.

• You can protect your computers by using firewalls and antivirus software and by following best practices for computer use.

• You can protect your mobile devices by turning off Bluetooth when it’s not in use, being mindful of the Wi-Fi networks you connect to and using security applications to improve monitoring and protection.

The growth of the World Wide Web in the 1990s introduced new possibilities and spawned new industries, but it also brought about new downsides of connectivity. Tons of spam started to infiltrate email accounts, and computer viruses wreaked havoc on business networks. A new threat known as computer hacking extended the definition of thievery to include infiltrating your computer, stealing personal information, tricking you into revealing private data, and using that data to steal and extort personal information, such as business secrets, bank account credentials and even people’s identities.

Who are computer hackers?

Computer hackers are people who break into internet-connected devices such as computers, tablets and smartphones, usually with the intent to steal, change or delete information.

Just as other thieves have malicious intent, hackers usually find their way into devices for negative purposes. (However, one exception is so-called white hat hackers, whom companies hire to break into their devices to find security flaws that need to be fixed.) Hackers may want to steal, alter or delete information in your devices, and they often do so by installing malware (software used for malicious purposes) you might not even know is there. These thieves might get access to your most precious data before you’re aware of a break-in.

Bare in mind: Hackers are interested in gaining unauthorized access to your devices to steal sensitive data.

Types of hacking

Here are some of the reasons computer hackers break into devices:

• Financial crimes. We’ve all heard the classic story of somebody checking their credit card statement, only to find transactions they didn’t make. These false transactions are often the result of computer hackers stealing your credit card numbers, checking account info or gaining access to other financial data.

• Vandalism.
Hacking has its own subculture, so some hackers may want to vandalize certain websites just to show off to other hackers. Does it sound ridiculous? Don’t make the mistake of not taking this motivation seriously; it’s fairly common, according to Malwarebytes.

• Hacktivism.
This portmanteau describes a form of hacking somewhat like vandalism. Some hackers may want to alter or destroy certain websites for politically motivated reasons.

• Corporate espionage.
Spying existed long before the internet era, and hacking has only made espionage more accessible to the everyday person. With much of the world constantly connected to the internet, one company can hack into other companies’ devices to steal their information and use it to build an unfair competitive advantage.
The Bottom line: Hackers have a variety of motivations, ranging from financial gain to political goals. Awareness of these intentions can help you anticipate attacks that could affect your small business.

How to Secure Your Computer And Other Devices From Hackers

Despite the prevalence of computer hackers, most businesses rely on the internet to track their financials, order and maintain inventory, conduct marketing and PR campaigns, connect with customers, engage in social media, and perform other critical operations. Yet we continue to hear about massive computer breaches, even at giant corporations with robust security measures in place.
Small businesses are often targeted as well, especially because they may underestimate the risk of cybercrime and may not have the resources to employ expensive cybersecurity solutions. Follow these tips to protect your devices and safeguard your sensitive data:

1. Use a firewall.

Windows and macOS have built-in firewalls – software designed to create a barrier between your information and the outside world. Firewalls prevent unauthorized access to your business network and alert you to any intrusion attempts.
Make sure the firewall is enabled before you go online. You can also purchase a hardware firewall from companies such as Cisco, Sophos or Fortinet, depending on your broadband router, which also has a built-in firewall that protects your network. If you have a larger business, you can purchase an additional business networking firewall.

2. Install antivirus software.

Computer viruses and malware are everywhere. Antivirus programs such as Bitdefender, Panda Free Antivirus, Malwarebytes and Avast protect your computer against unauthorized code or software that may threaten your operating system. Viruses may have easy-to-spot effects – for example, they might slow your computer or delete key files – or they may be less conspicuous.
Antivirus software plays a major role in protecting your system by detecting real-time threats to ensure your data is safe. Some advanced antivirus programs provide automatic updates, further protecting your machine from the new viruses that emerge every day. After you install an antivirus program, don’t forget to use it. Run or schedule regular virus scans to keep your computer virus-free.

3. Install an anti-spyware package.

Spyware is a special kind of software that secretly monitors and collects personal or organizational information. It is designed to be hard to detect and difficult to remove and tends to deliver unwanted ads or search results that are intended to direct you to certain (often malicious) websites.

Some spyware records every keystroke to gain access to passwords and other financial information. Anti-spyware concentrates exclusively on this threat, but it is often included in major antivirus packages, like those from Webroot, McAfee and Norton. Anti-spyware packages provide real-time protection by scanning all incoming information and blocking threats.

4. Use complex passwords.

Using secure passwords is the most important way to prevent network intrusions. The more secure your passwords are, the harder it is for a hacker to invade your system.

More secure often means longer and more complex. Use a password that has at least eight characters and a combination of numbers, uppercase and lowercase letters, and computer symbols. Hackers have an arsenal of tools to break short, easy passwords in minutes.

Don’t use recognizable words or combinations that represent birthdays or other information that can be connected to you. Don’t reuse passwords, either. If you have too many passwords to remember, consider using a password manager, such as Dashlane, Sticky Password, LastPass or Password Boss.

Bare in mind: Hackers are interested in gaining unauthorized access to your devices to steal sensitive data.

SEE ALSO :  What is the best way to protect my computer from viruses and spyware?

Hope this post on How to Secure Your Computer And Other Devices From Hackers helps?

Credit

The post How to Secure Your Computer And Other Devices from Hackers appeared first on ThingsCouplesDo.

CIA triad is a guidelines of information security for an organization.

The three letters in “CIA triad” stand for Confidentiality, Integrity and Availability. The CIA triad is a common model that forms the basis for the development of security systems.

CIA stands for-
C = Confidentiality
I = Integrity
A = Availability

Confidentiality: is known as privacy that means data access is restricted to authorized personnel only.

Is to make sure that only authorized personnel are given access or permission to modify data.

There are some methods to ensure confidentiality: data encryption, username id and password, two factor authentication, minimizing exposure of sensitive information.

The first principle of the CIA Triad is confidentiality. Confidentiality is the concept of the measures used to ensure the protection of the secrecy of data, objects, or resources.

The goal of confidentiality protection is to prevent or minimize unauthorized access to data.

Confidentiality focuses security measures on ensuring that no one other than the intended recipient of a message receives it or is able to read it. Confidentiality protection provides a means for authorized users to access and interact with resources, but it actively prevents unauthorized users from doing so. A wide range of security controls can provide protection for confidentiality, including, but not limited to, encryption, access controls, and steganography.

If a security mechanism offers confidentiality, it offers a high level of assurance that
data, objects, or resources are restricted from unauthorized subjects. If a threat exists
against confidentiality, unauthorized disclosure could take place. An object is the passive element in a security relationship, such as files, computers, network connections, and applications. A subject is the active element in a security relationship, such as users, programs, and computers. A subject acts upon or against an object. The management of the relationship between subjects and objects is known as access control.

In general, for confidentiality to be maintained on a network, data must be protected
from unauthorized access, use, or disclosure while in storage, in process, and in transit.
Unique and specific security controls are required for each of these states of data, resources, and objects to maintain confidentiality.
Numerous attacks focus on the violation of confidentiality. These include capturing net-
work traffic and stealing password files as well as social engineering, port scanning, shoulder surfing, eavesdropping, sniffing, escalation of privileges, and so on.

Violations of confidentiality are not limited to directed intentional attacks. Many
instances of unauthorized disclosure of sensitive or confidential information are the result of human error, oversight, or ineptitude. Events that lead to confidentiality breaches
include failing to properly encrypt a transmission, failing to fully authenticate a remote
system before transferring data, leaving open otherwise secured access points, access-
ing malicious code that opens a back door, misrouted faxes, documents left on printers,
or even walking away from an access terminal while data is displayed on the monitor.
Confidentiality violations can result from the actions of an end user or a system administrator. They can also occur because of an oversight in a security policy or a misconfigured security control.

Another term for confidentiality would be privacy. Company policies should restrict access to the information to authorized personnel and ensure that only authorized individuals view this data.

The data may be compartmentalized according to the security or sensitivity level of the information.

For example, a Java program developer should not have access to the personal information of all employees. Furthermore, employees should receive training to understand the best practices in safeguarding sensitive information to protect themselves and the company from attacks.

Methods to ensure confidentiality include data encryption, username ID and password, two-factor authentication, and minimizing exposure of sensitive information.

What is CIA Triad And How Does It Work?

Integrity: is the term that describes accuracy, consistency, trustworthiness of data.

Is to help maintaining the trustworthiness of data by having it in the correct state and immune to any improper modifications.

There are some methods to ensure integrity: file permission, user access control, version control and checksums.

Integrity is the accuracy, consistency, and trustworthiness of the data during its entire life cycle.

Data must be unaltered during transit and not changed by unauthorized entities.

File permissions and user access control can prevent unauthorized access.

Version control can be used to prevent accidental changes by authorized users.

Backups must be available to restore any corrupted data, and checksum hashing can be used to verify the integrity of the data during transfer.
A checksum is used to verify the integrity of files or strings of characters after they have been transferred from one device to another across your local network or the Internet.

Checksums are calculated with hash functions. Some of the common checksums are MD5, SHA-1, SHA-256, and SHA-512. A hash function uses a mathematical algorithm to transform the data into a fixed-length value that represents the data.

The hashed value is simply there for comparison. From the hashed value, the original data cannot be retrieved directly. For example, if you forgot your password, your password cannot be recovered from the hashed value. The password must be reset.

After a file is downloaded, you can verify its integrity by verifying the hash values from the source with the one you generated using any hash calculator. By comparing the hash values, you can ensure that the file has not been tampered with or corrupted during the transfer.

What is CIA Triad And How Does It Work?

Availability: is the term that describes the services and data being well maintained and able to be accessed all the time.

Availability means that the authorized users should be able to access data whenever required.

Maintaining equipment, performing hardware repairs, keeping operating systems and software up to date, and creating backups ensure the availability of the network and data to authorized users.

Plans should be in place to recover quickly from natural or man-made disasters. Security equipment or software, such as firewalls, guard against downtime due to attacks such as denial of service (DoS).

Denial of service occurs when an attacker attempts to overwhelm resources so the services are not available to the users.

Examples of CIA Triad:

To have a better understanding of how the CIA Triad works in practice, consider an ATM that allows users to access bank balances and other information. An ATM incorporates measures to cover the principles of the triad:

The two-factor authentication (debit card with the PIN code) provides CONFIDENCIALITY before authorizing access to sensitive data.

The ATM and bank software ensure data INTEGRITY by maintaining all transfer and withdrawal records made via the ATM in the user’s bank account.

The ATM provides AVAILABILITY as it is for public use and is accessible at all times.

Conclusion
Confidentiality, integrity, and availability, known as the CIA triad is a guideline for information security for an organization (including you). Confidentiality ensures the privacy of data by restricting access through authentication encryption. Integrity assures that the information is accurate and trustworthy. Availability ensures that the information is accessible to authorized people.

SEE ALSO :  Different Hacker Types Explained – Black Hat vs. Gray Hat vs. White Hat

Hope this post on What is CIA Triad And How Does It Work helps?

Credit

The post What is CIA Triad And How Does It Work? appeared first on ThingsCouplesDo.