Practical cybersecurity advice from a SOC Analyst

Post courtesy of Jordan Herman, Security Operations Center Analyst & Systems Administrator at Foresite

The private information of millions of people has been exposed through a multitude of corporate and governmental hacks recently. Of course, this is not a shocking statement to make because we live in a time where such events have become commonplace and are to be expected. Because of this, and many other headline-grabbing factors, more people are conscious of information security concerns than ever before. However, most still don’t have the technical prowess or knowledge of available tools needed to protect themselves. In this post, I outline three very simple things you (or your great-aunt Muriel who keeps sending you chain emails) can do to be more secure. These are a few of the simplest practices and programs I use every day at Foresite and at home to protect my personal and professional privacy. I’ve also linked to resources I use and articles I have sourced information from.

ADVICE 1: CHOOSE GOOD PASSWORDS

This is the easiest and simplest thing you can do to be more secure, but it is also one of the most powerful. Attackers can get at your passwords any number of ways. They might use password lists obtained through hacks of vendors like Adobe, modern password crackers that use a variety of techniques to break tens of thousands or badly chosen passwords in under an hour, or simple phishing scams that trick users into typing their passwords into false websites controlled by the attacker. So, how do you protect yourself? Obligatory obvious directions: in order to limit your exposure if any of your accounts is ever compromised don’t ever reuse passwords and be wary of clicking links sent in emails and especially be wary of ones that direct you to login pages (check the URL and make sure it is correct). Choose phrases, not words. Phrases are easy to remember and they’re nice and long. Password cracking becomes exponentially harder as password length goes up, but you also should change the phrase in a way that makes it unrecognizable to dictionary attacks and that doesn’t follow a recognizable pattern. For instance (also, spoiler alert if you haven’t seen all of Game of Thrones season 5 yet): “You can’t kill Jon Snow, George RR Martin, you bastard!” becomes, “ycAn’tKJSnow… grRM,youB!” That’s a fairly long password, twenty-three characters, but it’ll be easy for me to remember and should be difficult to crack. Now you try!

Good Job! (Probably. I can’t really check because you should never, ever tell anyone your password, but I’m just going to assume you get it and we’ll move on).

Or use a password manager like PasswordSafe to randomly generate passwords and store them securely with strong encryption. PasswordSafe is a great tool. I use it for as many passwords as I can get away with so now I only have to remember two or three –  including the one that unlocks my PasswordSafe program. Lastly, you should read Schneier’s post on Choosing Secure Passwords and know that I’m stealing his “Schneier Scheme” for choosing passwords with the utmost respect.

ADVICE 2: VIRTUAL MACHINES

Virtualization software allows you to run a second “guest” operating system that you interact with in a window on your desktop while your primary OS is still running. Virtualbox and VMware are two of the most popular options. Personally, if you’re going with the free option I’d choose Virtualbox as I find it much more user-friendly and easier to set up. Once you’ve completed the installation of the guest OS and a tools package used by the VM software, you can move seamlessly between the primary and guest operating systems. Depending on your bandwidth the longest portion of the setup might be downloading the large OS installation file. But, why should you use a  Virtual Machine? Isolation. You can move suspicious files such as email attachments (or the email itself) into the virtual machine via a shared folder and open them there for examination without worrying about infecting your main OS with malware. You can do the same with risky web browsing if you feel overwhelmed by a desire to click on suspicious links sent to you in an email (even though I told you not to). If you go to a malware site in your guest OS, your main system won’t be infected and you can shut the VM down when you’re done and restore it from an earlier backup. Taking and restoring from snapshots in Virtualbox is trivial. I should warn you that this isn’t 100 percent safe as there are rare conditions that can allow malware to jump from the virtual machine to the main system, but the likelihood of it is low. More in-depth information on virtual machines and getting them up and running can be found in Micah Lee’s article “With Virtual Machines, Getting Hacked Doesn’t Have To Be That Bad” for The Intercept. I recommend reading his entire backlog of excellent articles for the online publication, but he has a series that is just practical, technical advice on disk encryption, HTTPS, mobile messaging encryption, and (callback to earlier) choosing strong passphrases.

ADVICE 3: BROWSER PRIVACY EXTENSIONS

I left the easiest tip of advice for last. Open your web-browser. If you’re on Firefox install the following Add-ons: uBlock Origin, HTTPS Everywhere, Disconnect, Adblock Plus. Chrome: uBlock Origin, HTTPS Everywhere, Disconnect, Adblock Plus. These extensions protect you from websites tracking your activity, malicious or annoying adware, and forces the use of encryption (where possible, so still be wary.) Though these extensions help mitigate some privacy and security concerns, they will not protect you from the myriad of exploits floating around out there, so do be careful when you’re browsing the web.

Foresite
Website | + posts

Sign up for our Newsletter

Receive weekly emails for the latest cybersecurity news

Expand your team with Foresite

Enterprise-level cybersecurity and risk management for mid-sized businesses. Prioritize your security tasks and reduce the complexity of cybersecurity. 

Search