Cyber Attack Prevention for the Home User: How to Prevent a Cyber Attack
As the sophistication of cyber criminals continues to increase, their methods and targets have also evolved. Instead of building the large Internet worms that have become so familiar, these criminals are now spending more time concentrating on wealth gathering crimes, including fraud and data theft. An online article from CyberMedia India Online Ltd., suggests that because home users often have the poorest security measures in place, they have become the most widely targeted group.
CyberMedia states that 86% of all attacks are aimed at home users (2006). As attacks on home users increase, new techniques are surfacing, including the use of malicious code to attack web browsers and desktop applications.
The following is a short review of some techniques that are easily employed and can help stem the tide of these criminal cyber attacks:
Although home users may not feel like they are connected to a network, any activity on the Internet can be considered "networked activity." Therefore, protection measures employed by networks may also benefit the home user. Routers and firewalls can help control access to a home computer, but more specific steps may be utilized.
Consider the difference between network intrusion prevention and network detection systems. Prevention systems “automatically detect and block malicious network and application traffic, while allowing legitimate traffic to continue through to its destination” (Top Layer, 2008). A detection system may detect suspicious activity, but where is the protection from fast acting attacks? A prevention system must identify and stop malicious attacks before they do damage and have a chance to infect a system. As the Top Layer article indicates, “[The prevention system] must operate with switch-like latency at all times” (2008). Technology from the nineties will no longer suffice to protect users from attack by today’s modern cyber-criminal.
The prevention system must not only block malicious code, but it must also never block legitimate traffic even while being attacked. It must also be scalable and should protect, to some degree, against newer, more advanced types of security threats.
Along with intrusion prevention, another useful tool for the home user is to become familiar with some of the tricks and techniques that hackers use to break into systems. Some of these tricks include scanning systems for weak spots, like an operating system that has not been upgraded or recently patched, or the use of malware to record important information from the computer (e.g., passwords or financial information). There are many tools that the hacker employs to gain unauthorized access to systems across the Internet. Remember that a system may not always be attacked to steal information; it may also be attacked to be used as a storage site for illegal content (such as pirated movie downloads) or a system could be recruited into an online 'bot army.'
To increase security of the home computer, the home user can take a few relatively simple steps. One of the first steps in computer hacking prevention is to make sure that all of your software is up-to-date. Many users have suffered attacks from malicious code that has already been identified and protected against. A new patch will come out for a given piece of software that protects against a recent virus, but if the home user does not download the patch, then that user is susceptible to viruses or malicious code.
Another measure that any home user may take is to install a firewall. The firewall’s purpose is to stop unauthorized contact or entry onto the system. However, a firewall does not remove things that are already on the computer or network. Anti-virus software is needed as well to handle malicious code that may slip through the firewall undetected.
Different applications on the market will scan and remove malicious code that has found its way onto a hard drive. Running various virus software applications yields benefits as well. Different software will detect different malware (Hackingalert, 2008). The whole problem with cyber-security presently is that since the cyber-criminal is constantly upgrading his knowledge and methods, most intrusion prevention software applications only deal with the methods previously used.
The home user may benefit by subscribing to any one of a variety of newsletters that stay abreast of the hacker world. One such free newsletter is offered by Hackingalert.com.
Overall, the user must take a large role in understanding the issues regarding cyber security and implementing their solutions.
Cyber-Media (2006). Increase in cyber attack against home users Retrieved November 29, 2008, from http://www.ciol.com/ciol-techportal/Content/Security/News/2006/2061010859.asp
Top Layer Security (2008). Securing tomorrow’s networks today. Retrieved November 29, 2008, from http://www.toplayernetworks.com/content/resource/faq.jsp.
Hackingalert (2008). Hacker tricks and prevention techniques. Retrieved November 29, 2008, from http://www.hackingalert.com/hacking-articles/hacker-tricks.php.