Staying Safe Online – In Light Of The Recent NHS Cyber Attacks

While the web is a beautiful place of information sharing, exploration and connectivity between users it can also be very dark and dangerous. Staying safe on the internet in 2017 is simple. Browsing the web with no clear intentions and knowledge on how to actually browse safely will ultimately be catastrophic and could resolve in infections on your system.

In light of the recent NHS attacks and all the other cyber crimes occurring in the world at the moment, it’s time to talk about how we can be more comfortable and confident with browsing the web.

Only buy from trusted websites

First and foremost, is that website legit?

This may sound like very generic advice, but it’s very important to ensure the website you’re about to purchase something from is credible. Like anything in life, first impressions matter and the same goes for websites. If you land on a website and your computer comes to a halt after loading dozens of adverts, it’s time to leave.

Any organisation that respects its customer’s user journey will know that over populating a website with adverts will hinder their experience, but you should expect a few adverts on websites as it is a very big aspect of making money these days.

Luckily for us on the web, there are a plethora of ways we can check the authenticity of a website to ensure our security.

How Can we check if a website is secure?

• Check if the site is secure with HTTPS. The first thing I do whenever I land on a website is check the URL field for its security. To identify is the web page is secure look at the URL field where you enter a website address and look for a https:// or a green padlock, if you are greeted with one of these then rest assured you are on a secure website, as this shows that it has an encrypted connection between the user and the server. To double check its security you can click on the https:// and read more about its security verification just to give you a little more confidence while shopping on that site.
• The grammar basics. Check the website communication using proper spelling and grammar, as a website that cares about its customers will care about the way it’s presenting itself as a company. The same goes for emails from businesses that claim to be relative to you – such as your bank or doctors. They’ll always ensure they use proper grammar to prove their authenticity and level of care when producing these emails.
• Trusted and verification icons. Some websites like to show off their reputation by presenting an array of icons that justify their creditability with reputable organisations such PayPal, NatWest, Trustwave and TRUSTe.
• Check to see if they have a real shipping address, contact number and returns policy. If you can, try to speak to someone over the phone to check that the business is a physical one and not just an online hoax.
• Find user reviews about the website. Sites such as Trustpilot allow users to write reviews about websites that focus on their customer service and user experience. It can be a great way to identify whether a website is legit.

Antivirus up to date and scanning

There are hundreds of antivirus software tools available to us, all of which help protect us surfing the web. It can be a little confusing and daunting choosing the correct one. If you’re a windows user you may not realise that your system actually comes with a layer of antivirus already installed, called Windows Defender, which is integrated into your operating system. Millions of us choose to install additional 3^rd party antivirus such as AVG, Norton and McAffee to help protect us, and it’s really important to do so. Ensure you shop around and read the latest news on these antivirus software’s as that can really help impulse your decision for which one is best for you. Typically licenses cost between £10 – £30, but it’s really worth investing in one. Once you have one installed, ensure it is set up to constantly monitor your activity so it will react in real time to any malware trying to infect your PC. Also, schedule your full computer anti-virus scans it least once a week to ensure nothing has slipped passed it.

Ignite the Firewall

Your firewall is imperative to ensuring the wellbeing of your computer and keeping any potentially untrusted, malware-infected traffic out of your system. It acts as a barrier that controls the incoming and outgoing traffic based on security rules, which are configured by you, the user. One you configure your firewall and turn it on, you’ll never really have to do anything else with it; just once in a while ensure it’s still running and protecting your computer.

Weary with email

Email is the weapon of choice of hackers at the moment as one in 131 emails contains malware – the highest rate in 5 years. That makes email the easiest way for a hacker to gain access to your personal information by using techniques such as phishing and social engineering. While there are spam filters in place by most email clients it doesn’t mean you can be oblivious to all your emails. You should still be very careful as it is very likely a potential malware containing email has managed to slip into your real inbox.

So, how can we stay safe on emails?

• Change your password regularly and keep it in a safe place.
• Don’t share your password with anyone.
• Don’t open attachments from anyone you don’t know.
• Log out or sign off from your account when you’ve finished looking at/sending your email.
• Don’t reply to spam or forward chain emails.
• Keep your personal information personal – don’t share bank or credit card information by email.
• Your bank will not discuss your private financial situation by email. If you receive any correspondence that claims to come from your bank, telephone your branch to verify it and discuss the matter over the telephone instead.
• Make sure that you have antivirus software installed and keep it up to date.

You’re not the only one. Businesses suffer terribly from email attacks as spear phishing emails targets over 400 businesses every day which, commutatively, has cost over $3 billion over the last 3 years.

A computer is a powerful weapon

In 2016, the most effective bank robbers were armed with computers, not guns; billions of dollars were stolen in virtual attacks. While some of these heists were the work of organised criminal gangs like Odinaff, for the first time nation states appear to be involved as well. Symantec uncovered evidence of North Korea attacking banks in Bangladesh, Vietnam, Ecuador and Poland, stealing at least US $94 million.

Creating a secure password

Creating a password that is secure, complex and will keep you safe online is important. Your password should be memorable to you, but unique in the sense someone who is close to you will not be able to guess it.

Traditionally, the way to create a password is as follows:

• Has 12 Characters, minimum.
• Includes numbers, symbols, capital letters, and lower-case letters.
• Isn’t a dictionary word or combination of dictionary words.
• Doesn’t rely on obvious substitutions.

The Cloud is a dangerous place

While the cloud can be a brilliant and powerful storage tool for us, its flexibility and availability is also its biggest downfall, making it extremely vulnerable to exploits if your cloud is not secured. Be careful what data and information you store on the cloud. A way to look at the cloud from the perspective of a home user is don’t store anything on there you wouldn’t want to get into the hands of someone else, especially someone who is motivated to hold it for ransom and use it for potentially damaging causes against you.

Tens of thousands of cloud-based storage systems were hijacked and held for ransom back in 2016 after users left their accounts vulnerable due to outdated cloud versions and authentication methods turned off. Ensure your cloud storage is fully secured so only you can access it.

So, how can we stay safe on the cloud?

• Create a unique and complex password. This goes for anything online, I cover ‘creating a safe password’ earlier in the blog.
• Enable two-factor authentication if available.
• Monitor your connected devices and accounts to your shared spaces. In applications such as DropBox and Google, you can view a list of connected devices to the shared system as well as their connection IP addresses. If you see a device you do not recognise, you should immediately take action by attempting to remove it from the cloud storage and change your password.
• Remove any sensitive data and add encryption to your files. You should never store anything accessible online such as bank statements, personal/medical information, sensitive photos or password record books.

Hopefully, you’ll feel more secure online after reading this. The internet shouldn’t be a scary place to you. It’s the hub of all information, which is accessible at the click of a mouse. But it’s important to make sure you’re a using the internet as safely as possible, and by following these guidelines will ensure just that.