Cyber Prep
for visitors that is isolated from your private
network, so you can share without over-sharing.
With Amazon acquiring Eero and Ring, Google
similarly acquiring Nest Wi-Fi and connected
home devices, and most modern routers
collecting user data and using it for marketing,
or even selling it to third parties, you may want
to spend a moment thinking about what devices
are on your network, what they’re doing with your
data, and how much you trust those companies.
(Build your own private video door camera on
page 98).
Internet of Compromised Things
If you are running IoT devices like 3D printers,
smart appliances, or your own Raspberry Pi or
other connected projects, consider creating a
separate virtual LAN so that they are firewalled
from your main computers, and limiting their
port usage to the minimum required for their
given application.
If the notion of these simple devices being
a threat seems far-fetched, not long ago, 3D
printer owners around the world woke up one
morning to discover that their printers had been
compromised by a popular plugin, up to and
including finding prints that they did not authorize
on their machines. There were no reports of
lasting damage, but the same exploit could
have sent malicious commands, for example
overheating beds and hot ends, and causing
serious damage to devices and property.
Forget Your Passwords
Passwords are ubiquitous these days, and trying
to remember them all can be an immense
challenge. One way to solve this is by using the
same password for everything, but this leaves you
massively exposed, since a password cracked or
obtained on one service (say, via recent Facebook
or LinkedIn breaches) can then be used to access
others. Instead, use a password manager
such as Bitwarden or KeePassXC, which are
open-source, and free for most users. Use your
password manager to generate your passwords,
so that you never even have to know them, let
alone memorize them. For cases where your
password manager can’t log in for you, choose
a long, memorable passphrase, and avoid
biometric logins, which can be used against you.
Use multi-factor authentication everywhere it’s
offered, and favor authenticator apps such as
Duo over SMS whenever possible, since phone
numbers can be spoofed or cloned.
Back It Up
It is a truism in life that it's good to have a
backup plan. But when it comes to the digital
realm, you should absolutely have a plan for
your backups. When possible, a 3-2-1 backup
strategy will help mitigate data loss: that's three
copies of your data, two of which are local but
on separate devices, and one copy off-site. You
have the first copy of your data on your computer
or other devices already, and can affordably add
an external hard drive or thumb drive in order
to keep a second, local copy. Your third copy
should be offsite, to protect against local disaster,
and could be as simple as syncing your files to
Dropbox or another cloud provider.
And critically, remember to check your
backups! Many solutions can alert you when
backups fail, but you should regularly simulate
catastrophic failure to confirm that your backups
would allow you to fully restore your data in the
case of an actual event.
Stay Safe
If this all sounds a bit scary, that's because it is:
there are many individuals and organizations
with a vested interest in stealing your data, and
unfortunately, defending against these attacks
largely falls on the individual user. But by
following a few simple best practices, you can
dramatically reduce your attack surface,
and help avoid Apocalypsageddon — of the digital
kind at least!
DAVID J. GROOM loves writing
code that you can touch. If he's not
hacking on wearables, he's building
a companion bot, growing his
extensive collection of dev boards, or
hacking on '90s DOS-based palmtops.
Find him on Twitter at @IShJR.
Adobe Stock - Jane Kelly
Read the extended version of this
article, with even more tips and links,
at makezine.com/go/prep-cyber