Everyone is associated with some social network, email accounts, online shopping and keeps passing sensitive information over the internet.
The sensitive information may contain
1. Intellectual information
2. Credit card and banking information
3. Personal confidential information
4. Corporate confidential information
If such information falls in the hands of wrong person, he/she may misuse it for their own gain.
To share and store such information he/she may use different offline and online systems.
These systems may include:
1. Online banks.
2. Hotmail, Gmail, Yahoo etc.
3. Social network accounts.
4. Online shopping.
5. Operating System [ windows, Linux, Unix, Mac ]
6. Application Programs.
>> Security and Systems <<
These systems may provide security in the form of following ways to their clients:
User side:
1. Password Authentication.
2. Encryption of the information being sent and received.
3. Human verification to avoid automated scripts and bots.
System side:
1. Encryption of database.
2. Encryption of password stored in the database for the respective users like [md5, sha, salt].
3. Protecting the data of one user from the other by limited access like in operating systems.
4. Maintaining privacy of their clients.
5. Backup of the sensitive information of the clients.
6. Using antivirus and software to prevent malware (Trojan, virus and worms).
Overall before using any system [offline or online] you must check the level of security and support that it provides
This can be summarized in the following ways.
1. Strong Authentication and verification. [ also secure password retrieval]
2. Proper storage of your data with good backup features.
3. Strong encryption of the sensitive information stored by the user.
4. Good privacy policy.
Now even if the system is secure, most of the users are getting hacked daily because their own fault.
Most common mistakes are:
1. Using Weak and common passwords.
2. Passing private information to everyone on the internet through social networks.
3. Not using antivirus and antispyware.
4. Not using the backup feature provided by their system.
5. Ignorance
6. Using public computers in cyber-café or library.
7. Using untrusted network connections.
8. Using pirated software and data.
To be secure, you don’t have to be a technician, but you should choose the system well and not commit the common mistakes as listed above.
Tips to be secure
- Use strong passwords and avoid common passwords.
- Common passwords include:
o Mobile Number
o Id number
o Numbers with regular pattern 123456,
o Name of the person
o Name of father, mother or close relatives
- The best password is a sentence or non-dictionary number mixed with numbers at least 8 characters.
- Don’t use public computers in cyber-cafe or library.
- Use an antivirus (update it weekly) and if possible also an anti-spyware.
- Check all the files before running them especially those downloaded from the internet or copied through pen drive.
- Don’t pass sensitive information on the internet.
How to know if you are hacked?
- Task manager is disabled.
- Unusual files and folders appearing in every folder.
- Unusual network activity. [ you can monitor them through wireshark, task manager]
- Your user password gets changed.
- File names get changed.
- Files (especially personal or configuration) are deleted, moved, or copied.
- Other usernames/logins mysteriously appear.
What to do if you are hacked?
- Scan your computer with antivirus and spyware and see if you can mend things easily.
- Backup your data.
- Format your operating system or change password of your account (for websites).
