What the SolarWinds Hack Means for Cyber-Security

What The Solarwinds Hack Means For Cyber Security 2
Post Menu and Details.

Words: 961

Reading time: ~4 minutes

In December 2020, news emerged that some software developed by American tech management company SolarWinds had been compromised. The software in question was installed on many Fortune500 and governmental servers. This attack’s scale is still emerging but already appears to be among the largest and most sophisticated cyberattacks in modern history.

While it can be difficult to anticipate these events and prepare for them, there are some simple steps every person and company can take to increase basic security hardening in their home or company systems. These simple steps will ensure that even in the face of a compromising attack, the damage is minimized. Consider implementing the following 7 steps for greater cybersecurity.

Blocking Trackers

Your data is worth a lot of money to marketing companies. They are constantly seeking to collect more information on you to utilize for market research and targeted adverts. This often takes the form of trackers that attempt to collect information on the websites you visit, the transactions you make, the locations you visit, and even the keypresses you enter into your keyboard as you browse or chat with friends.

Not only is this an invasion of privacy, but these became critical attack surfaces for malware to infiltrate your system. Consider switching to web browsers like Firefox that block these trackers. There are also some great alternative search engines to Google like DuckDuckGo or Qwant that leave no trace of your web activity.

Password Managers

The most frequently overlooked step one can take to harden system security is using a strong password. Nordpass recently unveiled the most commonly used passwords in 2020. Among the top 10 were usual suspects like “123456”, “password,” and “111111”. The list was compiled in partnership with specialist data breach research companies who could crack these passwords in less than 1 second.

It can be difficult to remember long and sophisticated passwords; fortunately, you don’t have to. Invest in one of the industry-standard password managers like LastPass and Nordpass, and they can generate solid passwords for you and safely store them behind their encrypted software until you require them.

Two-Step Verification

One of the major points of failure in an otherwise secure system is using logins that lack multiple verification instances. Well-established gaming organizations such as PokerStars that depend on tight security to protect against fraud implement multiple front and back end protection layers.

One tried, and test method generates a unique RSA Security Token for each login attempt made to their servers. This is often referred to as Two-Step Verification. It is a widely implemented protocol that serves as a fail-safe against someone attempting to login to administrative profiles without a trusted device, most frequently a smartphone with biometric scanners.

VPN

Proxy services like VPNs, short for Virtual Private Networks, mask your location, IP address, and search history from corporations or individuals invested in monitoring or exploiting your data. This greatly increases your anonymity and security when you’re browsing the internet. Some popular VPNs include Cyberghost VPN, Surfshark VPN, and NordVPN.  Each offers a slightly different combination of services, so shop around to find the right one for you.

What The Solarwinds Hack Means For Cyber Security 11

Encrypted Storage

Our “always connected” world presents new challenges for the security-minded. Increasingly we make use of cloud services to store our data. This runs the spectrum from relatively low-risk information, like cloud backups of our photos and notes, to sensitive documents and files. Services like Google Drive and Dropbox are great in terms of their convenience, but this comes with a security trade-off.

Fortunately, there are options for those who require tighter security or wish to limit the amount of data shared with large corporations. NordVPN recently launched their NordLocker product that offers the ability to encrypt files and folders locally on your computer and provide an encrypted cloud storage solution. If that’s not enough, consider pCloud, a privacy-focused cloud storage program that includes the ability to locally host your own encrypted cloud server for total control and peace of mind.

Secure Socials

Social media poses unexpected security threats for several reasons. You must manage what information you are putting out on your social feeds, as even though it might seem innocuous to share bits of pieces of your life online with your friends if someone is intent on committing identity fraud using your data, the more information they can collect about you the close they are to achieving that goal.

For this reason, it’s good to keep your social feeds private and only let trusted people you know personally have access. Increasingly scam artists are using social media to try to get people to part with their financial information. While it’s easy to imagine that these people cannot trick you, they will often pose as representatives of trusted companies you have affiliations with.

Always double-check with these companies through their official channels if you have any doubts. Additionally, it is critical not to click any links shared to you by suspicious persons over social media or email. They often contain malware or viruses that can compromise your system.

Manage Permissions

For the sake of expediency, most people, when installing apps and software, accept whatever requests an application makes of your permissions without stopping and thinking about the consequences. If an app is asking for permission that you feel has nothing to do with that program’s stated function, such as a game asking for location or camera permissions, this is usually a red flag that that program is carrying harmful spy or malware.

While there are some steps you can take to protect from this occurrence, such as opting for open source software that does not hide its coding or choosing trusted, better-known apps over less established ones, there is no perfect solution. Exercise discernment when granting permissions to your apps and do your research before potentially exposing your system to harmful backdoor security leaks.

 

Thank you for reading!