The
importance of the concept of cybersecurity is increasing in today's digital
world that is crowded with daily activities that are carried out through the
Internet on various devices, from games and entertainment activities to online
shopping to banking services and electronic payment operations. In the midst of
all these activities, attackers are constantly developing their methods of
electronic attacks, which They usually target computers and phones to infect
them with malware and viruses in order to facilitate theft and control them
remotely, either for the purpose of stealing the data on those devices to
exploit them, or to encrypt the data to force the owner of the device to pay money
(ransom) in exchange for restoring important files. The concept of
cybersecurity includes all technologies, controls, and procedures that can be
applied to protect the security of data, systems, networks, and digital
devices, and reduce the risks of cyberattacks.
.webp "8 Tips for Keeping Your Devices and Data Protected in 2023")
With
the beginnings of the new year 2023, the new types of computers, smartphones,
and operating systems that have been launched on the market recently must have
reached many of them in the hands of users around the world, and with the use
of these new devices comes the importance of data security rules and
techniques, which must be adhered to. And to take care of it in order to avoid
the infiltration of snoopers and electronic attackers and stealing our
important data through it and exploiting it to serve their illegal and
certainly unpopular interests. In this article, we offer a set of important
tips and rules to maintain a safe use of devices.
Use strong passwords and use a password manager
.webp "Use strong passwords and use a password manager")
Using a
strong and unique password for each individual device and each account or
application that requires logins installed on these devices is a very important
issue that should not be taken lightly or using one password for all these
accounts, applications and all devices, as strong and different passwords for
each account contribute to Sharpness in reducing the risk of exposure to blind
force attacks, in which attackers resort to using algorithms that try to guess
passwords for the user's different accounts based on the data extracted from
the devices after being hacked, which may expose important data such as bank
account data and financial transactions to theft.
In
order to create strong passwords that take utmost care in data security, the
generated password must meet special criteria such as containing a mixture of
lowercase and uppercase English letters, numbers and symbols in order to make
it difficult for blind force software to guess it. Also, the chosen password
should consist of an appropriate number of characters, as long passwords that
fulfill the first condition make it difficult for blind force software to work
and succeed in repelling this type of cyberattack very effectively.
Using a
lot of passwords that are long and strong enough may not be a habit for most
users due to the fear of not remembering the used passwords and thus losing
access to accounts and devices, and it is certainly wrong to follow the method
of writing passwords on a piece of paper and keeping it to avoid forgetting it,
Perhaps the slip of paper will be lost or others will see it.
.webp "Password Manager")
Here
comes the importance of using the “Password Manager” program, where it is
possible to use one password that is easy for the user to remember mainly with
a number of additions, variations, extra characters, and changes that are made
to obtain a different long password for each account separately, and the
password manager remembers all the passwords Once the user types the master
password, the password manager will show him the long list of passwords derived
from it that the program stores, and therefore there is no need to worry about
forgetting the long passwords with the use of the password manager program.
Enable the two-factor authentication feature
.webp "Enable the two-factor authentication feature")
Many
apps and websites follow the two-factor authentication method of logging in to
protect their users' accounts. The two-factor authentication method involves
verifying the user's identity using two different methods of logging in before
allowing him to access his account or personal data. The first method is
usually by typing the user-created password, then writing a confirmation code
that the site or application sends to the phone number or mail. The email
associated with the account, and if the user fails to type any of the password
or confirmation code correctly, he is not allowed to log into the account.
Two-factor
authentication is an additional means to confront cyber-attackers or snoopers
if they succeed in one way or another in obtaining passwords for user accounts,
which may allow them to access very sensitive data such as financial
transactions or bank accounts. Some banking applications allow the use of a
two-factor authentication method that combines the use of passwords with a
biometric authentication method such as a fingerprint, while social networking
sites such as Facebook still use the two-factor authentication method based on
passwords and confirmation codes sent to the phone.
Avoid clicking on unreliable links
.webp "Avoid clicking on unreliable links")
Being
careful not to click on links or download attachments sent from unreliable
sources is one of the golden rules that should never be compromised, and it is
an effective way to prevent phishing attacks, which is one of the most common
types of cyber attacks, in which cyber attackers resort to Sending text
messages or emails that include links or attachments with certain phrases to
entice the user and push him to click on those links or download those
attachments, which once they are clicked or downloaded to the device, a group
of malicious software, viruses and spyware infiltrate through them to start
installing themselves on the device Then the attacker can compromise the user's
data.
Some of
these attackers also use company names or impersonate trustworthy organizations
to make it easier for their victims to be trapped by clicking on suspicious
links and downloading attachments containing their malware. They send emails or
texts from accounts and addresses that pretend to be Amazon, for example, or
that look as if They were administrative messages from the Facebook company, so
it is necessary to check any link before clicking on it, and to make sure that
it was sent from the email address or the original website of the company. The
difference may be slight between the real website address and the fake address
sent for phishing purposes, as if the address contains " arnazon.com"
instead of "amazon.com". You should also check before clicking on
links and attachments sent by friends, and ask them whether they actually
intended to send that or not.
Local network security
.webp "Local network security")
Computers,
phones, smart printers, surveillance cameras, and gaming devices in the same
house can connect to each other through a single Internet network via a router.
In the event that malicious software infiltrates one of the devices connected
to the local network, it becomes easy for the cyber attacker to access the data
of all other devices connected together with the same local network. The rules
for securing the local network are the following:
● Change
the Wi-Fi name that appears when viewing the list of nearby Wi-Fi networks.
● Change
the default password for the router when installing it, and replace it with a
strong enough password.
● Update
Check for firmware updates for the router constantly, as these updates fix
errors and remedy security holes in the device's operating system as soon as
they are discovered.
● Use the
latest security protocols available on the router, as older protocols usually
use weaker data encryption, which facilitates hacking. Security protocols aim
to encrypt the data sent over the network so that only the user's device and
the Wi-Fi router can read the transmission data.
● Disabling
the UPnP feature and disabling the remote access feature if these two features
are enabled on the router.
● Install
a powerful antivirus and security software on the router if the router did not
come with a powerful enough security software.
All
previous steps aim to provide a degree of security and privacy for data on
devices linked together and connected to the Internet via a home local network.
More protection can be given to these devices by connecting to the Internet
using the Virtual Private Network.
Using the Virtual Private Network (VPN).
.webp "Using the Virtual Private Network (VPN).")
The use
of a VPN is necessary in those cases where we have to connect to the Internet
via a local wireless network or a public Wi-Fi network such as the Wi-Fi
networks found in cafes, hotels, public libraries and even in the streets of
some cities, and through which the Internet connection is not sufficiently
secure This allows third parties to view the data of the user's activity
history, as well as access to the data that he sends to any party while using
the public network, especially if he does not use the "HTTPS" secure
protocol that encrypts the data transmitted through network servers to ensure
its protection.
In this
case, the virtual private network provides a degree of protection for sent and
received data and user activity history data while using the Internet from the
public Wi-Fi network, because it encrypts that data and sends it to remote
servers to be redirected, which prevents access to the Internet service
provider or other users of the same network. Wi-Fi to this data.
Continuous updating of applications and programs on devices
Hackers
and cyber attackers are constantly developing their tricks, taking advantage of
some security vulnerabilities that sometimes exist in applications, programs
and operating systems such as Windows, Mac, Android and iOS, and the companies
that develop these programs are usually keen to discover and fix security
vulnerabilities as soon as possible, so it is important to make sure to update
Applications and programs installed on devices, as the role of these updates is
not limited to providing new features to the user, but as we mentioned, they
are useful for protecting data and filling security gaps through which
attackers can infiltrate devices. And to do this on the computer, there are
completely free programs that help you update all your installed programs to
the latest version easily, as well as on smartphones, applications can be
updated through the main store, whether the App Store or Play Store.
Use applications that allow a high degree of privacy
Care
should also be taken to use applications and programs that allow their users to
have a high degree of privacy of data and personal information, and to stop
using programs, applications and games that allow advertisers to access data
and personal information of users. Examples of those sites and applications
that provide an acceptable degree of privacy for their users are search engines
such as DuckDuckGo. Startpage, web browsers like Firefox and Brave, messaging
app like Signal instead of WhatsApp, or ProtonMail email service instead of
Gmail... and so on.
Avoid rooting or jailbreaking your smartphone
.webp "Avoid rooting or jailbreaking your smartphone")
Some
smartphone users resort to breaking the rules of the operating system by
performing a process called "root" in the case of Android phones or
"jailbreak" in iPhone phones. As this process allows access to some
additional features that are restricted by operating systems, especially a
closed system such as iOS, so that jailbreaking will allow iPhone users to
install applications that are not available on the Apple Store from external
sources, and the ability to modify the system interface further, and so on.
Jailbreaking
is a risky procedure, as while the Apple Store checks all applications and
programs and makes sure that they are safe for users before making them
available for download through it, the external sources used to download
applications when jailbreaking do not set any standards that maintain the
security of user data and personal information, which gives the opportunity to
hackers and cyber attackers exploit these applications to infiltrate devices.
Jailbreaking also makes devices unstable when turned on.
It is
useful to take into account all the previous rules when using computers or
smartphones to maintain data security and avoid the risks of cyber-attacks, but
the most important rule remains to be careful not to keep important data and
highly sensitive personal information on the phone or computer, as the danger
does not come from attackers and hackers It may even fall into the hands of any
bag thief, in which case being careful not to keep something important on the
phone is very useful.
Abstract
| Users of computers and smartphones face the risks of exposure to cyberattacks
aimed at illegal access and exploitation of their data, using some tricks that
enable them to hack users' devices, control them remotely, and install malware
and spyware on them. Although the attackers' tricks are constantly evolving,
there are a set of rules and practices that are still highly successful in
reducing exposure to the risks of cyberattacks, the most important of which are
the following:
● Create
strong passwords for each account and each device that the user owns
individually, with the help of a password manager program to avoid forgetting
passwords.
● Use
two-factor authentication methods to sign into accounts on apps and websites
that allow this.
● Ensure
that the private local network is secured and protected from intruders by
setting a strong password for the router, continuously updating its firmware,
and installing strong anti-virus and protection programs on the router.
● Use a
VPN when connected to the Internet through a public Wi-Fi network.
● Continuously
update applications and software installed on devices for security updates.
● Use
applications, programs and websites that provide their users with a high degree
of privacy for their personal data and information.
● Do not
click on links and attachments sent from unreliable sources or sent by friends
before verifying them.
● Do not
keep important personal data and information on computers or mobile phones as
much as possible.
● Do not
"root" or "jailbreak" your Android phone or iPhone.