The opposing camp may have just won the referendum on the 'sleepwet' (the Dutch dragnet law), yet secret services will most likely soon be able to break into your system, even without concrete suspicion. Your computer is then no longer just the target of ordinary or criminal hackers. If you also believe that no one has the right to simply install malware on your system, copy your files, browse your documents or download your internet history, then security is more important than ever. What risks do you run and how can you protect your PC against hackers?
Many users don't feel threatened at all, but that sense of security is often fueled by a few persistent misconceptions. Given that the Internet consists of many millions of computers, the chance that their PC will be attacked is extremely small, they reason. In addition, they believe that their computer does not contain information interesting enough for a hacker.
This is unfortunately very naive reasoning. Hackers – and by extension also secret services – use automated tools with which they can quickly investigate many systems simultaneously for possible attack vectors. And your system does contain information that hackers can find worthwhile, such as credit card numbers, photos and documents, but also (cached) passwords of all kinds of web services.
Perhaps the following numbers will convince you: on average, it takes about seven minutes for a new, unsecured computer to be hacked over the Internet, and it typically takes 200 days for someone to realize that their system has been effectively compromised... if they find out at all.
02 Attack Vectors
To properly secure your system, you need to be well aware of the most commonly used attack vectors, i.e. the access routes to your system. Only when you are aware of this can you focus on the most efficient defense mechanisms. We list the most important techniques for you.
Emails - Messages with an attachment that, once opened, runs a rogue program and possibly downloads additional malware from the Internet. There are also a lot of phishing emails with links to fake websites that, for example, try to steal the login for internet banking. Or they lead you to websites that cleverly use exploits in your browser or an add-in to install malware on your system.
Websites - However, even without phishing emails you can end up on a 'wrong' site. This could be a legitimate site that unintentionally contains ads with rogue code, for example from a hacked ad server. However, it can also be sites that package malware as legitimate software (a so-called Trojan horse), and of course there are also the fake profiles on social networking sites with links to yet again malicious web pages.
Port scans - Using powerful scanning tools, such as Nmap, hackers identify which ports are open on systems and which OS and services are running on them. They then use exploits (zero-days) to take over your system that way. For example, if a specific exploit of a router or firewall is known, they can also deploy 'zombies' (computers that have already been taken over by hackers) to quickly track down those vulnerable systems.
03 Security Techniques
From the attack vectors listed, we can immediately distil a number of security techniques, some of which are self-explanatory and with which you are probably already familiar.
To start with, there is 'common sense', which includes, among other things: not opening unexpected attachments just like that, not just clicking links in emails and posts, not taking up offers in advertisements and pop-ups, and developing a critical attitude towards all kinds of social engineering techniques (such as a phone call in broken English, allegedly from a Microsoft employee).
Another tip is to run an up-to-date antivirus scanner that is continuously active. Such a scanner monitors all system activities and also automatically scans all downloads and incoming emails. That does not alter the fact that you can also submit downloads from the internet to a free service such as www.virustotal.com: it runs an uploaded file past more than sixty antivirus engines in the cloud and shows you the scan results almost immediately.
Perhaps it is less obvious that you should keep not only your operating system up-to-date, but also frequently used applications such as your browser, extensions, PDF reader, Java RE, etc. Since Windows 10, however, it has been difficult not to keep your operating system up-to-date - Microsoft has ensured that you can no longer stop the automatic updates. If necessary, force an immediate update check via Settings / Update & Security / Windows Update / Check for updates.
There are other applications that you should keep an eye on as well. It is true that many programs (including most browsers) keep themselves up-to-date, but there is absolutely no harm in installing a tool like Secunia Personal Software Inspector. It checks whether various well-known programs are still up-to-date. You decide yourself whether you only want to be notified of updates, whether you want the updates to be downloaded and run automatically or whether you just want them to be downloaded.
Updates and patches are important because they can ensure that known security vulnerabilities are closed. That does not offer watertight guarantees, of course; new exploits regularly appear and the AIVD does not have to make them public. After all, as long as the exploits are unknown, they can continue to use them themselves. As a result, those security problems also remain open to criminals, making everyone less safe.
05 Port Scan
As we indicated earlier: experienced hackers (and we can count AIVD employees among them) use powerful tools to explore the systems of potential victims. In most cases, this means that your system or network is scanned for open ports. A port can be seen as a link between a device and the internet through which data can be exchanged. It should be clear that such a hacker is mainly interested in ports on which a service runs that contains vulnerabilities, for example because it is not up-to-date. Incidentally, both the exploration process and the actual exploitation process can be largely automated.
So it mainly comes down to not opening ports unless absolutely necessary.
To check which ports are available, you can perform an online port scan, such as ShieldsUP: click on Proceed and then All Service Ports.
Red boxes indicate open ports. Blue boxes indicate closed ports, but green boxes are even more secure: those are stealth ports that do not respond at all to incoming packets. You only need to click such a box to learn more about this port number and about its services and possible exploits.
Ideally, all squares are therefore colored green. At least that was the situation on our test PC with Windows 10 (and the Fall Update) with the Windows firewall enabled. The only exception was a red box for port 80, since we were running a web server on it and we added it to the firewall as an exception. However, be aware that any service with open port(s) presents a potential attack vector: it is enough that exploits are found in such a service to attack your system. So do not run redundant services and ensure regular updates. We also tested the difference with a disabled firewall: all green boxes now turned blue.
The built-in firewall does its job well and we strongly recommend that you leave it enabled at all times (check that from the Windows Defender Security Center), unless of course you have another decent firewall installed, such as the free Comodo Firewall.
Please note: especially for these tests, we hooked up our PC directly to the cable modem. When we tested it behind our NAT router, which is the normal setup of the PC within our home network, the situation turned out to be quite different (even with Windows firewall enabled): six red boxes and about 70 blue boxes. That may seem strange, since a NAT router usually acts as a kind of extra firewall and often also provides its own firewall function, but if you activate all kinds of port forwarding rules on your router, for example, it can open up your network a little more.
It is therefore a good idea to also check the security settings of your router and to disable things such as UPnP, remote management and port forwarding as much as possible. Of course, you also set your own strong login password.
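An external scan shows what the firewall and router let through; the view from the inside shows which services are listening in the first place. The following added example (not part of the original article) parses the output of Windows `netstat -ano` and separates listeners bound to loopback from those a firewall exception or port forward would expose. The sample output, addresses and PIDs are constructed.

```python
import ipaddress
from collections import namedtuple

Listener = namedtuple("Listener", "proto address port pid exposure")
# Constructed sample of Windows `netstat -ano` output (not real data).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       3012
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     93.184.216.34:443      ESTABLISHED     5120
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::1]:49670            [::]:0                 LISTENING       2280
  UDP    0.0.0.0:5353           *:*                                    1820
"""

def split_endpoint(endpoint):
    """Split '0.0.0.0:80' or '[::]:445' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    return ipaddress.ip_address(host), int(port)

def classify(address):
    if address.is_loopback:
        return "local-only"        # 127.0.0.0/8 or ::1
    if address.is_unspecified:
        return "all-interfaces"    # 0.0.0.0 or ::
    return "single-interface"

def parse_listeners(netstat_text):
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        if fields[0] == "TCP" and fields[3] != "LISTENING":
            continue  # established/closing connections are not listeners
        address, port = split_endpoint(fields[1])  # UDP rows have no state
        listeners.append(Listener(fields[0], str(address), port,
                                  int(fields[-1]), classify(address)))
    return listeners

def network_facing(listeners):
    """Ports a firewall exception or port forward would expose."""
    return sorted({(l.proto, l.port) for l in listeners
                   if l.exposure != "local-only"})

if __name__ == "__main__":
    print(network_facing(parse_listeners(SAMPLE_NETSTAT)))
```

The PID column can be matched against Task Manager to find the service behind each port and decide whether it needs to run at all.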
If you want to prevent unauthorized access to your data, you can encrypt it, for example. With the free VeraCrypt it is even possible to encrypt your entire partition or disk. That seems very safe, but it only protects against those who do not have the key. If you enter the password that gives you access to the encrypted data while a hacker has made his way into your system unnoticed, he will normally also gain access to the unencrypted data, and thus to your entire disk if you have applied 'full disk encryption' (FDE).
Although such encryption is a very useful protection against thieves who physically get hold of your PC or disk, in the case of hackers you might be better off only encrypting important data and only accessing it when necessary. It is also logical that you never save passwords in readable form on your PC.
Hackers and malware basically have the same permissions and capabilities as the account you are logged into Windows with. Precisely to limit the 'range' of malicious processes, it is wise not to log in with an administrator account for daily use, but with a standard account.
You can change the account type from the Control Panel, through the section User Accounts.
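To see which kind of account a session is actually running under, the output of `whoami /groups /fo csv` can be checked for the well-known Administrators SID. The following is an added example, not part of the original article; the sample output is constructed and shows an administrator account in a normal session with UAC enabled, where the group is listed as "deny only" but the account is still an administrator account.

```python
import csv
import io

ADMINISTRATORS_SID = "S-1-5-32-544"   # BUILTIN\Administrators (well-known SID)
HIGH_INTEGRITY_SID = "S-1-16-12288"   # Mandatory Label\High Mandatory Level

# Constructed sample of `whoami /groups /fo csv` output (not real data).
SAMPLE_WHOAMI = r'''"Group Name","Type","SID","Attributes"
"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"
"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"
"BUILTIN\Users","Alias","S-1-5-32-545","Mandatory group, Enabled by default, Enabled group"
"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192",""
'''

def account_privilege(whoami_csv):
    """Classify the session from the group SIDs in its access token."""
    rows = csv.reader(io.StringIO(whoami_csv))
    next(rows, None)  # header names are localized; match on SIDs instead
    attributes = {row[2]: row[3] for row in rows if len(row) >= 4}
    if ADMINISTRATORS_SID not in attributes:
        return "standard account"
    if HIGH_INTEGRITY_SID in attributes:
        # Everything started from this session runs with full admin rights.
        return "administrator account, elevated"
    # UAC has filtered the token, but one confirmation prompt restores
    # full rights, so this is still not a standard account.
    return "administrator account, not elevated"

if __name__ == "__main__":
    print(account_privilege(SAMPLE_WHOAMI))
```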