A few days ago, I posted about newly revealed computer security vulnerabilities, and the comments made it clear that I needed to explain computer security concepts in more detail. I’m no expert, so I’ll try to keep it short and point you to where you can get more information. If you know of a better resource, please recommend it in the comments.
Basic facts about computer security:
1. Everyone is a target
2. Simple habits can reduce most risks without deep technical knowledge or special equipment.
A good starting point for tips to protect yourself can be found at: UC Becclery Information Security Office. When thinking about computer security, the main question you need to ask yourself is, “Who will I give access to my computer?” A big part of computer security (and information security more generally) is recognizing fraud. The presence of such multipurpose information processing machines in our homes and offices makes the damage even greater when we fall victim to fraud. You don’t need to have a deep understanding of machines to avoid being scammed. However, if you want to make the most of your computer’s potential (for example, to install or remove software), learn the basics of your computer so you can determine which software is essential and how much access it provides. Good to understand. The owner of the software you are running.
How computers work and security considerations:
Why and how your computer is attacked?
Many people neglect information security because they think they’re not that big of a deal or have nothing to hide. But as with your physical safety, the only thing that matters is that someone else might want what you have or see you as an obstacle to their goals. is. There are several types of attacks that can target our computers, and they can be caused by different motivations.
- Destroy your computer: The attacker’s simplest goal is to make your computer unusable. This could just be a prank by vandals, or you could be targeted because they hate you for various reasons. More sophisticated attacks may be combined. ransom NoteIf you pay, the attacker claims they can undo the damage.
- Takeover a computer: Some attackers attempt to take over a single computer as part of a larger plan targeting a third party.They might want it as a zombie botnet, Or maybe they’re trying to cover their tracks while investigating more valuable computer security features.
- Identity theft — identity theft. By obtaining formal credentials, such as a password, an attacker can impersonate you to an organization that uses those credentials, enabling subsequent attacks.Please take a research on it two-factor authentication To make this even more difficult.
- Spoofing — Infiltration of social/computer networks. We all have connections with influential people, sometimes directly and sometimes indirectly as “friends of friends.” Attackers targeting influential people (or valuable computers) often begin by attacking someone on the periphery of the target’s social network, or by attacking the same computer or computer within her network. Masu. This strategy was used by China spies on Dali Lama. The more you know about someone, the easier it is to impersonate or deceive them.
- Information gathering: In some cases, the purpose may be passive intelligence gathering, especially industrial espionage to learn business plans or obtain technical documentation.
- Intimidation/Defamation: Some of the most high-profile computer security breaches involve attempts to intimidate or defame. DNC hack This is a well-known example. This attack doesn’t require you to actually have any dirty secrets to expose. Lies can be made more believable by embedding them in a shell of true facts.
Traditionally, we have been concerned about criminals, but nation-states are increasingly capable and willing to carry out these attacks. The latest threat is that those in power in the United States are planning to establish a dictatorship.Imagine the damage that could be caused by script kiddie Proud Boys version, 100x bigger AnonymousEncouraged by leading politicians, Using machine learningand likely backed by billionaires and rogue members of law enforcement.
Additional resources:
PBS Digital Studios Computer Science Video Crash Course.
From Mark Rober’s channel, see how he works with Jim Browning and Trilogy Media. Retaliate against international phone scammer network. The podcast “Reply All” was no different. Investigating call center scammers.of darknet diary The podcast tells stories about computer security breaches.
Nova Labs Cybersecurity Games for Kids
Hacking for Lawyers: Course Materials A practical class (including video lectures) that teaches lawyers the basics of computer hacking.
Find information security experts on Fediverse.
Internet Privacy Resources: Privacy is related to security, but more difficult to achieve.
Thoughts on password management.
A parting thought: You can’t click on a phishing link without checking your email.