Windows Tips For Cyber Defence 


 Windows Tips For Cyber Defence

As you are well aware Windows is the most deployed operating system and also the daily driver in most homes across the globe. Most companies prefer windows because of its ease of use, and the majority of people know their way around this operating system so no training is required in most cases, “Here is your computer go to work!”. But because it is such a well-known OS it's a huge target for cybercriminals. 

Windows is poked at around the clock, it's incredible how Microsoft keeps up with cyber criminals on a daily bases with hackers across the globe trying to find a way in, with the next zero-day (unknown hack) just around the corner, or maybe a hacker may already be sniffing at your door! Microsoft Defender Antivirus offers real-time protection against viruses and malware, and with the help of Microsoft Defender Firewall, traffic on your network is filtered constantly keeping the bad guys out! Make sure Windows automatic updates have been enabled, you do not want to miss important updates.

Windows Defender does a great job watching over but lacks endpoint protection, it's a good idea to have another antivirus running on your computer as added protection. With many software vendors out there offering Antivirus solutions, it's tuff to choose where to put your money, I would stick with the most popular ones to avoid driving yourself crazy with research like TotalAV, McAfee, Bitdefender, and Norton. Although you can find free sources of  Virus protection I do not recommend it, as the best things in life are not free.

So with Windows Defender and some other source of antivirus, we are getting there but not just yet! In today's world, Phishing Attacks are a huge risk factor for cyber professionals these days. Phishing attacks are cybercriminals using email or phone text or call to steal personal and financial information from you pretending to be someone like your boss or a close friend or family member. And don't be embarrassed if you have ever, unfortunately, fallen for one of these scams, cybercriminals are very good at fooling their victims, and some of the smartest people get phished. So now we need some phishing protection if you are careful in selecting antivirus protection this may be an added feature or you can buy some Phishing protection separately, you should take some time and learn email signs of phishing attacks, and being mindful of such attacks greatly helps.

Some basic tips for identifying phishing emails.

Now moving forward what do we do with all these passwords? I don't know about you but I can't remember all my passwords so when prompted “Do you want to save your username and password” well yes! I do for some accounts but not for bank accounts or other financial institutes. The best practice for banking credentials would be to remember them or write them down in a safe place. If I had a huge amount of money in the bank I would not access that account from the internet, I would commute to the bank take out a cashier's check, and manually deposit it into the bank account I use as a daily driver, that way if you ever do get compromised you don’t get cleaned out, some cyber criminals are working with the help of governments “advanced persistent threat”  APT’s have unlimited resources that allow them to pull off sophisticated cyber crims. 

Talking about passwords again like Phishing you can find Antivirus Software that comes with password managers, if not I would suggest getting a password manager like Keeper, Zoho Vault, or LastPass to protect your passwords.

Strong passwords are essential, most password managers generate strong passwords automatically for you, and for each account will generate a new password that's never the same. Password managers store passwords so you do not need to remember them. Passwords generated will not be easy to recall as they are composed with a computer-generated algorithm. 

Hackers can Brute Force weak passwords using a word list. The most famous word list is the Rock You wordlist. RockYou was a company that was founded in 2005  by Lance Tokuda and Jia Shen that developed widgets. Widgets are small applications commonly used like calendars, clocks, buttons, and drop-down menus saving developers time. In  December 2009, RockYou experienced a data breach exposing 32 million user accounts including 14,341,564 unique passwords that were stored in plain text. Hackers dumped all the passwords on the public web and now this list of passwords can be used as a wordlist to brute-force your login credentials.    [rockyou.txt] ----- 134 MB

        Hear’s some tips for strong passwords.

Besides using a strong password it's recommended to use MFA's “Multi-Factor Authentication”, Something you know, Something you have, Something you are.

Most people use 2FA which is any 2 of the Multi-Factor Authentication above. For example your password for something you know and your phone for something you have. This way if a hacker does retrieve your password they will not have your phone to complete the login to your account. 

One thing to keep in mind hackers can get around two-factor authentication with a Phishing Attack. Hackers will send you an email or text message with instructions to reset your password or some other scam, when you click on the Phishing Link you are redirected to a website that may look exactly like your original bank’s website and at the same time the real Web Site is proxied by hackers and when you type in your credentials along with your second factor identifier you are dropped and the hackers continue on to your bank account. So as you can see how dangerous Phishing Attacks are! 

When surfing the Web it's important not to reveal your IP address.

Your IP address stands for “internet protocol address” it's a unique number assigned to your computer that allows it to send and receive data just like a mailing address.

If hackers get this they can find your location or scan your system for vulnerabilities that may lead to exploiting/hacking into your computer. We need to make sure this is hidden and the way we can achieve this is to use a VPN.

A VPN (virtual private network) creates a secure connection between your devices and the internet. When you connect to the internet through a VPN, all your traffic is sent through an encrypted virtual tunnel keeping your IP address is hidden. 

VPNs allow you to access websites and online services that would otherwise be blocked, like if you live in Canada and you want to watch American Netflix. There are many VPN providers on the WEB to choose from like ExspressVPN, NordVPN, and SurfShark just to name a few. 

I would suggest investing in a VPN.

It,s very important to be mindful of cyber criminals when we are interacting on social media platforms, hackers can use that information to build dictionaries to leverage a brute force attack. People give so much personal information so easily on social media sites, which is a huge problem. Hackers use social media intel to aid in the enumeration of their victims for Phishing Attacks or expose potential security flaws. So being careful in choosing what you share could be another line of defense.

In this article, we have covered best practices in Windows Cyber Defence for home users. Even with all endpoints protected, and Windows fully updated and patched, hackers may still find a way into your back pocket or peer into the privacy of your home.

                                               Let's not make it easy for them!

I hope this Spiel helps you out!

Thank you!

                                                                                                        By: Nick Keenan