Not so long ago, most people felt that their computers and online activities were mostly secure. They knew that viruses occasionally caused problems, or that confidential data was sometimes stolen from websites. Nevertheless, they felt, on balance, that the digital world was a safe place to work and to play. Recent research, however, shows that such trust is misplaced. From anti-virus software to website security, encrypted communications to firewalls, few security measures do what their promoters claim they do.
Most anti-virus systems use two methods to identify malware; one is called “signature” and the other “heuristic.” Signature anti-virus methods, which use a database of codes or signatures to identify existing threats, are flawed because they are reactive: they are produced only after the threat is already at large. So, a new threat is likely to have done damage before the anti-virus company has identified it, produced the signature, and updated users’ signature databases.
Heuristic anti-virus methods go some way towards addressing this shortcoming by flagging software code or activities that resemble malware and so seem likely to be malicious. The obvious shortcoming of this method is that it generates a considerable number of false positives by identifying legitimate programs as malignant and valid activities as malicious. Apart from this, it is estimated that most anti-virus programs fail to prevent or identify between a quarter and a half of real threats, regardless of the methods they use.
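The two methods and their respective blind spots can be seen side by side in a short sketch. This is an added example, not code from any anti-virus product: the sample "files", the trait names, the weights and the threshold are all constructed for illustration, and the signature is simplified to a SHA-256 hash of the whole file.

```python
import hashlib

# Constructed samples: byte strings standing in for program files.
SAMPLES = {
    "known_malware": b"beacon_out(); encrypt_files(); delete_backups()",
    # Same behaviour as above, but one trivial change alters the hash.
    "new_variant": b"beacon_out(); encrypt_files(); delete_backups() # v2",
    # Legitimate program that happens to share two suspicious traits.
    "backup_tool": b"read_files(); encrypt_files(); delete_backups(); upload()",
    "text_editor": b"open_file(); render(); save_file()",
}

# Hypothetical heuristic rules: trait -> weight, flagged at THRESHOLD or above.
TRAITS = {b"beacon_out": 3, b"encrypt_files": 2, b"delete_backups": 2}
THRESHOLD = 4


def sign(sample: bytes) -> str:
    """Signature used by this sketch: SHA-256 of the whole file."""
    return hashlib.sha256(sample).hexdigest()


# The vendor has analysed only the first sample so far.
SIGNATURES = {sign(SAMPLES["known_malware"])}


def signature_scan(sample: bytes, db: set) -> bool:
    return sign(sample) in db


def heuristic_scan(sample: bytes) -> bool:
    score = sum(weight for trait, weight in TRAITS.items() if trait in sample)
    return score >= THRESHOLD


def report(db: set) -> dict:
    """Map each sample name to (signature_hit, heuristic_hit)."""
    return {name: (signature_scan(data, db), heuristic_scan(data))
            for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, hits in report(SIGNATURES).items():
        print(f"{name:14} signature={hits[0]!s:5} heuristic={hits[1]}")
```

The signature scan misses the new variant until its hash is added to the database, while the heuristic scan catches it at the cost of also flagging the legitimate backup tool.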
Viruses are just one category of threat. Experts announced in March 2014 that, for at least the previous two years, some of our secure communications with secure websites were anything but secure. The reason was a flaw in what’s called the Transport Layer Security heartbeat extension of the OpenSSL encryption security protocol used by an estimated two thirds of the world’s so-called secure websites. This flaw, nicknamed the “Heartbleed” bug, not only let intruders gain access to supposedly secure websites’ servers, but also to their clients’ computers. Worse still, those hackers could do it all without leaving any evidence of being there or of what data they accessed while there.
Long before Edward Snowden’s leaks, insiders in the computer industry knew that the security services of most countries were accessing users’ confidential data. Some companies were legally obliged to help the security services spy on customers’ data. Others in the industry may not have been fully aware of the extent of the intrusions, but they had no doubt that it was taking place simply because the vast amount of data generated by billions of individuals worldwide was just too tempting for the spies.
People have different attitudes to the kind of “official” snooping exposed by Snowden and others (some believe it is necessary to combat serious crime, others disagree), but almost everyone agrees that the Internet is no longer secure for anyone, if it ever really was. If one “rogue” intelligence agent can access confidential information on just about the entire population of the United States and other countries, up to and including the German chancellor and Brazilian president, it’s safe to assume that many more of the huge number of people working for the world’s intelligence services have similar access. The United States National Security Agency (NSA) alone employs about one million agents directly or indirectly. It is naive to believe that none of those agents are corrupt; that, apart from whistleblowers, none use the confidential and valuable information at their disposal for personal gain, whether to steal bank account details or industrial secrets, or to blackmail people. The average Internet user is more at risk from a rogue agent that nobody knows about than from a high-profile whistleblower.
All this has a positive side: At least we now have a better idea of what we’re dealing with and what we can do about it. Here are seven measures the average computer user can take to increase protection.
- Use extra-long passwords, change them frequently, and decline any offer by your computer or the websites you access to remember or store them. Passwords should be a mixture of upper and lower case letters interspersed with symbols and numbers. They should be at least ten characters in length and should not contain a well-known phrase, such as a line from a song or poem.
- Use a few anti-virus and anti-phishing programs from different manufacturers in tandem. (First, check with the manufacturer that they won’t interfere with each other or unduly slow down your computer.) One of these should be a cloud-based anti-malware program. All should be from reputable, well-known companies.
- On a Wi-Fi network, limit access both by password and by MAC address. The latter means registering the MAC address of each networked computer with the router. The precise method varies from one router to another, so check the router’s manual.
- Enable firewalls on all network routers and individual computers. Remember that, like a chain, a computer network is only as strong as its weakest component.
- Encrypt highly confidential emails and attachments. This may be a little inconvenient, but it is essential for sensitive data.
- Work offline whenever you can; that reduces exposure to online risks. Few people need to be online every time they use a computer.
- Malware that secretly installs malicious programs can usually do so only when the computer user has full administrator rights. Most of the time you use your computer, you don’t need such rights, so log on as a basic user with restricted rights.
Finally, change your mindset. Assume someone somewhere is watching or recording everything you do online. It’s unlikely to be true most of the time, so it might seem a little paranoid. Yet since you never know if and when you’re targeted, it makes you extra careful, and extra care is what online security is all about.