After the DDoS attack over the weekend that brought down many major websites on the net, it's a good idea to check your own router and make sure that it's as secure as it can be. These Denial of Service attacks rely on 'bot nets' that are actually made up of unsecure computers on unsecured networks all over the world. Here are some basic steps you can take to make sure your network is protected:
Wallace took his computer into a repair shop, and now he's concerned that they could have put monitoring software on his computer. This is a legitimate concern, and often times it happens remotely with people calling that claim to be from Microsoft or something. If someone has physical access to the system, though, all bets are off. Taking a computer into a repair shop is an absolute act of trust. There's not much he could do about it, though, if he needed to bring it in. There's no certification process or national organization of computer techs, so he'd just have to trust them.
Jim is about to go on a river cruise and he's concerned with security when using Wi-Fi on the ship. Leo advises using the Tiny Hardware Firewall. It's a hardware firewall that can protect up to five devices because it uses a built in VPN that protects him. It will slow it down a bit, and the internet is slow on those cruise Wi-Fi hotspots, but it will keep him clean from the last mile.
David upgraded to Windows 10 and now he can't open any spreadsheet attachment without entering a key. Leo says it sounds like Outlook is blocking the opening of attachments to protect him. This is because of ransomware, which has been triggered by opening an attachment. Ransomware, once opened, encrypts all user data and then asks for money to unlock it. So it's a security feature that it doesn't let him open those attachments. He may be able to disable that in settings, but the IT Department where he works probably has that enabled for a reason.
Gordon has been getting a notification that he's out of state or even the country. Leo says that can be a phishing email and he should be suspicious, especially if it has a link to click on. It's also a new thing that most sites are doing now to advise users if there's different activity, even if it is his own. It's also likely that the warning gets triggered when it doesn't know where he is, so it defaults to a generic IP. It's good to pay attention to this, though.
Robert's Apple ID got hacked and they've been changing all his passwords and email notifications. He contacted Apple and they aren't believing that he is who he says he is yet. Leo says that they are being deliberately slow now to avoid the social engineering snafu. They want him to provide proof through his payment records, but it may be that Robert got socially engineered and lost his password. That's why turning on 2nd factor authentication is important.
Having a password protected login for Windows is essential to keep your data safe in a more public space. If you're just using your computer in your own home, however, it can be more of a nuisance. By default, Windows prompts you to create a password, but there are ways to get around this.
Tom is wondering if it's necessary for him to have a VPN (Virtual Private Network). Leo says if he uses Wi-Fi in public, or he uses networks while traveling, he's somewhat vulnerable because he's on a public network that bad guys can get into. They can't necessarily spy on him, but they could trick him by putting up fake access points. A VPN sets up a connection between his computer on a public access network and a computer somewhere else run by a trusted party. All the data transferred over a VPN is encrypted so it isn't visible by anyone else on that network.
Brett has a Dell computer and wants to know if there's an open source program that can speed up his computer like Dell does with Click to Fix? Leo says that Dell doesn't share their secrets and Leo doesn't think that it's safe to use a third party open source option for this. Dell's Click to Fix knows its own hardware and as such, can do a targeted fix. Open source stuff can't do that and can be overly aggressive and cause more problems than it fixes.