Final
npub1hxx…g75y
2024-12-01 23:44:07

All this advanced #security talk can have people worrying about arbitrary threats that don't matter to them. It is good for people to take a breath and have a reality check on the essential security needs and the low-hanging fruit.

The danger in advanced persistent threats isn't just from being advanced; it is the 'persistent' that is far more important. A threat that is persistent is unaccountable and has free rein to keep trying or move to a new victim to target. Even a threat that is not skilled can be dangerous if persistent, because there will always be a victim stupid enough to be hacked by them.

Many victims of cyberattacks are not compromised through sophisticated means; not even APTs prefer to do that. Instead, the threat is simply taking advantage of a simple security flaw. Many of the most dangerous cyberattacks in the world were easily preventable.

Equifax was one of the biggest breaches of the last decade and was started by an Apache Struts remote code execution vulnerability that was not patched despite a patch being available for months. There were failures in monitoring and segregation of systems. The Chinese state being implicated in the attack doesn't change anything, since anyone experienced could have tried it.

If you want to protect yourself against threats that actually matter, remember the essentials:

- Keep your devices, apps, drivers etc. up to date.

- Browse the internet securely: use HTTPS only and block ads. Browser security is very important; avoid piling on extensions.

- Protect your accounts. Use secure, long and unique passwords, enable two-factor authentication (U2F or TOTP) and use a password manager.

- Protect sensitive information with encryption.

- Back up sensitive information to prevent data loss. Make sure you know how to recover and restore quickly and easily too.

- Don't install unknown apps, don't visit unknown websites, don't read messages from unknown contacts.

- Use your device for-purpose, not for-use. Ask yourself: do I need to do what I'm doing?

- Enforce admin usage based on need-to-know and principle of least privilege.

- Establish boundaries between systems; not everything needs to be networked together.

If you can't do these things, not even #GrapheneOS, Tor, Qubes or anything else can protect you!

Author Public Key
npub1hxx76n82ags8jrduk0p3gqrfyqyaxnrlnynu9p5rt2vmwjq6ts3q4sg75y