1 What is information security?
Information security refers to the processes and methodologies designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption. Confidentiality, integrity and availability, known as the CIA triad, serve as a guideline for information security in an organization. Confidentiality ensures the privacy of data by restricting access through authentication and encryption. Integrity assures that the information is accurate and trustworthy. Availability ensures that the information is accessible to authorized people.
2 How can I safely browse the Internet?
Internet safety can be deceiving. Seemingly reputable sites may contain spyware traps, or the sites themselves may be counterfeit -- phishing sites posing as the real thing to lure you into their scams and debacles. The path away from Internet safety often begins innocently enough; however, certain sites are more prone to be a source of spyware, including: adult sites, file sharing sites, community sites.
Take these steps to fortify your Internet safety and computer security right away:
- Keep your browser and any plugins updated
- Block Pop-ups, use an ad blocker
- Enable “do not track” in your browser
- Clear your web browser cache and cookies
- Turn on private browsing
- Use a VPN if required
- Use a master password if you save passwords in the browser
- Use a browser that allows you to take your bookmarks with you between devices
- Type the URL into the browser to bypass links in an email or instant message
- Avoid questionable web sites
- Avoid free software and file-sharing applications
- Only download software from sites you trust
- Update your operating system regularly
- Ensure you have up-to-date antivirus and firewall protection
3 What to do after a data breach or missing device?
Steps you can take to protect your account and limit the damage:
- Stay calm and understand the details of the data breach
- Immediately report to the proper authority (data breach, missing device)
- Change related/all passwords
- If you use the same password for other accounts, change them too
- Lock down important accounts
- Lock your phone, erase device data
- Contact law enforcement for any online harassment
- Take extra steps if your financial data was breached. Immediately alert your bank to possible fraud. Monitor statements for charges you don't recognize.
4 How to create strong passwords?
Your password is your first line of defense against hackers and unauthorized access to your accounts. The strength of your passwords directly impacts your online security. Here is a list of Password do’s and don’ts.
- Do use a combination of upper and lower-case letters, numbers, and symbols.
- Do make your passwords at least 8 characters long. Aim for 12-15 characters.
- Do keep your passwords protected and safe, like encrypted in a password manager.
- Do create unique and complex passwords for every site.
- Do use an extra layer of security with two-factor authentication (2FA).
- Don’t use short, one-word passwords, like sunshine, money or football etc.
- Don’t include personal information like your birthdate, address, family members’ names.
- Don’t use common patterns like 111111, abc123, or 654321
- Don’t use the same password everywhere.
- Don’t share your passwords. Don’t put them on a piece of paper stuck to your computer.
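The do's and don'ts above can be turned into an automated check. The following is an added example, not part of the original FAQ; the function names and the small denylist (built from the sample words on this page) are assumptions made for illustration.

```python
import re

# Constructed denylist taken from the examples on this page; a real check
# would use a large list of breached passwords.
COMMON = {"sunshine", "money", "football", "111111", "abc123", "654321"}


def has_run(text: str, length: int = 4) -> bool:
    """True if text contains a repeated or counting run, e.g. 1111, 1234, dcba."""
    for i in range(len(text) - length + 1):
        window = text[i:i + length]
        steps = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if steps in ({0}, {1}, {-1}):
            return True
    return False


def check_password(password: str, personal_info=()) -> list:
    """Return the do's-and-don'ts rules that the password breaks (empty = passes)."""
    problems = []
    lowered = password.lower()

    if len(password) < 8:
        problems.append("shorter than 8 characters")
    elif len(password) < 12:
        problems.append("below the 12-15 character target")

    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    missing = sum(1 for pattern in classes if not re.search(pattern, password))
    if missing:
        problems.append(f"missing {missing} of 4 character classes")

    if lowered in COMMON:
        problems.append("common word or pattern")
    if has_run(lowered):
        problems.append("contains a repeated or sequential run")
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for candidate in ("football", "111111", "Tr4il-Mix&Copper!9"):
        print(candidate, "->", check_password(candidate) or "ok")
```

Pass the user's name, birth year and similar details as personal_info so that passwords built from them are flagged.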
5 What is two-factor authentication (2FA)?
Two-factor authentication (2FA) is a means of protecting your digital accounts from unauthorized access and use. Typically, you log in to an account by providing your username and password. This is a quick way to log in, but hackers can easily access your account if they steal or crack your password. However, if your account is protected by 2FA, then you will need to provide the standard username and password combination and then a second authentication factor (such as a temporary security code or the answer to a security question) to log in. Even if hackers steal or crack the password to a 2FA-protected account, they still can't log in to it without the second factor. A list of websites and whether or not they support 2FA is available at https://twofactorauth.org
6 What are PC crashes?
Computer crashes happen when a program (either an application or part of the operating system) stops performing its expected function and stops responding to other parts of the system. Often the offending program may simply appear to freeze. If your computer shuts down frequently, check for spyware. Malicious threats may be at work, tracking your activities and stealing personal information.
7 How do I secure my devices (laptop, mobile)?
There are a few basic steps you can take to secure your devices.
- Install and run anti-virus software on your device to detect and remove malware.
- Regularly patch your device's software and firmware to protect it against the newest vulnerabilities.
- Avoid questionable web sites.
- Practice safe email, immediately delete messages you suspect to be spam.
- Avoid free software and file-sharing applications.
- Backup your device data to protect yourself from data loss.
- Encrypt sensitive information to protect it from being read or misused if it's lost or stolen.
- Password-protect your device to prevent others from accessing its data, files and applications.
- Configure your device to lock automatically after five to ten minutes of inactivity.
- Physically secure your device in locked offices or cabinets when possible. Never leave devices unattended in public locations.
8 What is a computer virus?
A computer virus is a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another. A virus operates by inserting or attaching itself to a legitimate program or document that supports macros in order to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data.
9 How does a computer virus attack?
Once a virus has successfully attached to a program, file, or document, the virus will lie dormant until circumstances cause the computer or device to execute its code. In order for a virus to infect your computer, you have to run the infected program, which in turn causes the virus code to be executed. This means that a virus can remain dormant on your computer, without showing major signs or symptoms. However, once the virus infects your computer, the virus can infect other computers on the same network. Stealing passwords or data, logging keystrokes, corrupting files, spamming your email contacts, and even taking over your machine are just some of the devastating and irritating things a virus can do. While some viruses can be playful in intent and effect, others can have profound and damaging effects. This includes erasing data or causing permanent damage to your hard disk. Worse yet, some viruses are designed with financial gains in mind.
10 How do computer viruses spread?
In a constantly connected world, you can contract a computer virus in many ways, some more obvious than others. Viruses can be spread through email and text message attachments, Internet file downloads, and social media scam links. Your mobile devices and smartphones can become infected with mobile viruses through shady app downloads. Viruses can hide disguised as attachments of socially shareable content such as funny images, greeting cards, or audio and video files.
11 What are the signs of a computer virus?
A computer virus attack can produce a variety of symptoms. Here are some of them:
- Frequent pop-up windows. Pop-ups might encourage you to visit unusual sites. Or they might prod you to download antivirus or other software programs.
- Changes to your homepage. Your usual homepage may change to another website, for instance. Plus, you may be unable to reset it.
- Mass emails being sent from your email account. A criminal may take control of your account or send emails in your name from another infected computer.
- Frequent crashes. A virus can inflict major damage on your hard drive. This may cause your device to freeze or crash. It may also prevent your device from coming back on.
- Unusually slow computer performance. A sudden change of processing speed could signal that your computer has a virus.
- Unknown programs that start up when you turn on your computer. You may become aware of the unfamiliar program when you start your computer. Or you might notice it by checking your computer’s list of active applications.
- Unusual activities like password changes. This could prevent you from logging into your computer.
12 How to help protect against computer viruses?
There are many preventive steps you can take to help protect your PC from viruses and other threats. Here are some of the things you can do to help keep your computer safe.
- Use an antivirus or antimalware app. Installing an antimalware app and keeping it up to date can help defend your PC against viruses and other malware (malicious software).
- Keep Windows updated. Periodically, Microsoft releases special security updates that can help protect your PC. These updates can help prevent viruses and other malware attacks by closing possible security holes.
- Don't open email messages from unfamiliar senders, or email attachments that you don't recognize.
- Use a pop-up blocker with your Internet browser.
- Use a firewall. Windows Firewall or any other firewall app can help notify you about suspicious activity if a virus or worm tries to connect to your PC.
- Use your Internet browser's privacy settings. Some websites might try to use your personal info for targeted advertising, fraud, and identity theft. You can adjust your privacy settings accordingly.
- Make sure User Account Control (UAC) is turned on. When changes are going to be made to your PC that require administrator-level permission, UAC notifies you and gives you the chance to approve the change. UAC can help keep viruses from making unwanted changes.
- Clear your Internet cache and your browsing history. You may also use a private window.
- Backup your important data regularly.
13 What is Malware?
Malware is short for malicious software—software used by hackers to impair your device's function, steal your device's data, or even gain control of your device itself. Typically, malware is downloaded unknowingly when an unsuspecting user opens an infected file or visits an infected website. Once it's on your computer, it launches a specific kind of attack based on its design. For example, keyloggers record each keystroke and report it to hackers, who look for usernames, passwords, and other sensitive credentials. Trojans masquerade as useful or benign software—often as fake anti-virus software or games—to trick users into opening them and granting them access to system files or the ability to download more malware. Some types of malware are spyware, adware, bot, ransomware, rootkit, virus, trojan horse, worms etc.
14 What is Adware?
Adware is any software application that has the ability to display advertisements on your computer. Some adware can track your surfing habits to display targeted promotions on your Web browser in the form of pop-up, pop-under and banner ads. Adware is often installed with some versions of software. Some adware is designed to only deliver advertisements but it is also common for adware to come with spyware.
15 What is a Trojan virus?
A Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge. Cybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function.
16 What is a Keylogger?
A keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.
17 What is Ransomware?
This malware is designed to hold a computer system or the data it contains captive until a payment is made. Ransomware usually works by encrypting data in the computer with a key unknown to the user. Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin. Ransomware is spread by a downloaded file or some software vulnerability.
18 Can Ransomware be removed?
Ransomware programs and attacks are continuously growing more sophisticated. As a result, victims are having more difficulty cleaning their computers and recovering their files. If your computer has been infected with ransomware, first you'll need to regain control of your machine. If you have the simplest kind of ransomware, such as a fake antivirus program or a bogus clean-up tool, you can usually remove it by following a few steps. An important thing to keep in mind: while walking through these steps can remove the malware from your computer and restore it to your control, it won't decrypt your files. Their transformation into unreadability has already happened, and if the malware is at all sophisticated, it will be mathematically impossible for anyone to decrypt them without access to the key that the attacker holds.
Steps you should follow after a ransomware attack:
- Immediately isolate infected devices
- Reboot Windows to safe mode
- Install antimalware software
- Scan the system to find the ransomware program and remove it
- Restore the computer to a previous state (the System Restore feature must be enabled beforehand)
Note: Avoiding ransomware is much the same as avoiding other types of malware. Sometimes the only way to remove ransomware is to format the disks and reinstall Windows. The most important step you can take to secure your system against ransomware is to regularly perform a system backup to safeguard your valuable data.
19 What is Spam?
Spam is unsolicited commercial email. It's sent, usually in bulk, through "open-relays" to millions of people. Spam is cost-shifted advertising. It takes a toll on Internet users' time, their resources, and the resources of Internet Service Providers (ISP). Most recently, spammers have begun to send advertisements via text message to cell phones.
20 How can I prevent Spam?
To prevent spam, use a spam filter or gateway to scan inbound messages. One simple way you can prevent spam damage is to practice safe email. Our first tip for stopping spam is to stop responding to spam.
- Turn your spam filter on
- Turn macros off
- Don't open email or text messages from unknown senders
- Immediately delete messages you suspect are spam
- Avoid get-rich-quick offers, porn or too-good-to-be-true messages
21 What is Phishing?
Phishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.
22 How can I prevent Phishing?
Steps you should follow to prevent a phishing attack:
- Do not provide personal information to any unsolicited requests for information.
- Only provide personal information on sites that have "https" in the web address or have a lock icon at the bottom of the browser.
- If you suspect you’ve received phishing bait, contact the company that is the subject of the email by phone to check that the message is legitimate.
- Type the URL into the browser to bypass links in an email or instant message.
- Use varied and complex passwords for all your accounts.
- Continually check the accuracy of personal documents and deal with any discrepancies right away.
- Avoid questionable Web sites.
- Practice safe email protocol.
- Don't open messages from unknown senders.
- Immediately delete messages you suspect to be spam.
- Use anti-virus, anti-spyware protection and a firewall.
23 What is a Data Backup?
A data backup is the result of copying or archiving files and folders for the purpose of being able to restore them in case of data loss. Data loss can be caused by many things ranging from computer viruses to hardware failures to file corruption to fire, flood, or theft etc. If you are responsible for business data, a loss may involve critical financial, customer, and company data. If the data is on a personal computer, you could lose financial data and other key files, pictures, music, etc. that would be hard to replace.
As part of a data backup plan, you should consider the following:
- What data (files and folders) to backup?
- How often to run your backups?
- What kind of media to store the backups on?
- Where to store the backup data for safekeeping?
24 What data should I backup?
In general, you should backup any work or data that can't be replaced easily. Some examples are word processing documents, spreadsheets, databases (for financial data), customer data, and personal files such as pictures, music files, emails, etc. As a rule of thumb, do not backup programs or system folders. Programs will need to be reinstalled before you can run them and system folders can be restored from your operating system install disc. Be sure to save program installation discs, operating system discs, and registration information in a safe place. If you have downloaded any of your applications, you should save the install files whenever possible.
25 What kind of media should I use and where should I store my backups?
You can store your backup files on any file storage media you have available. The most common examples for a home user would be an additional local hard drive, an external hard drive, optical discs (CDs, DVDs), flash drives and cloud storage like Google Drive, OneDrive, Dropbox etc. Keep in mind that you should not store backups on the same hard drive as the files that you're backing up. If you do and anything happens to that hard drive, you will have lost both the originals and the backups. A best practice for storing backups is to keep a copy of the backup files on-site (in your home or office) for easy access and a copy off-site in case of fire, flood, or other damage to your location which could damage or destroy the on-site backup copy.
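The rule about not keeping backups on the same drive as the originals can be enforced by a backup script. The following is an added example, not part of the original FAQ; the function names are assumptions, and comparing st_dev detects the same filesystem or volume, which only approximates "the same physical drive" (two partitions on one disk are not caught).

```python
import hashlib
import os
import shutil


def sha256_of(path: str) -> str:
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def same_filesystem(path_a: str, path_b: str) -> bool:
    """True when both paths live on the same filesystem or volume."""
    return os.stat(path_a).st_dev == os.stat(path_b).st_dev


def backup_file(src: str, dest_dir: str, allow_same_fs: bool = False) -> str:
    """Copy src into dest_dir, refusing a same-volume destination by default,
    then verify the copy against the original before reporting success."""
    if same_filesystem(src, dest_dir) and not allow_same_fs:
        raise ValueError("backup destination is on the same filesystem as the source")
    dest = os.path.join(dest_dir, os.path.basename(src))
    shutil.copy2(src, dest)  # copy2 also preserves timestamps
    if sha256_of(src) != sha256_of(dest):
        os.remove(dest)
        raise OSError("backup copy does not match the original")
    return dest
```

Run it once against an external drive or mounted network share for the on-site copy and once against a second destination for the off-site copy.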