Expert Q&A:
Keep your online data safe
Q What’s ransomware and should I be worried about it?

Ransomware is a type of malware developed with the intention of holding users’ data to ransom (rather than simply taking it, as malware is designed to do). You probably saw something on the news about the ‘WannaCry’ cyberattack, which hit hundreds of thousands of computers worldwide in May. It was the result of hackers exploiting a vulnerability in the networks – and in human nature – to extort money. It locked down infected machines and ran a message on the screen asking for payment if you ever wanted to see your documents again. It was an ugly operation, and sadly it’s not a one-off – it’s becoming more of a trend, as criminals realise it’s easy money.

The reason it hit the NHS so hard was that many of the computers running Windows hadn’t been updated, or were even using older versions of Windows for which updates were no longer available. Microsoft’s ‘patch’ for this particular vulnerability, which allowed the ransomware to spread, was available, but many users and businesses hadn’t applied it.

So keep your software updated – and back up your data, too, using cloud storage like Dropbox or to an external hard drive (or both). Stay alert to dodgy-looking emails – if you’re in any doubt, ignore them. Don’t click iffy links or open attachments you’re not sure about. If you do fall afoul of ransomware, report it to the police. It’s horrible, but being aware makes it a little less scary.

Q How can I protect my computer against viruses?

Malware and computer viruses are unfortunately part and parcel of living in a connected world – one of the downsides of having the whole of human knowledge at our fingertips. The best thing you can do to guard against viruses is simple – keep your software (Windows or Mac OS) updated by running every update when you’re prompted. Make it easier by setting automatic downloads for updates of your software as well as for whatever browser you use (currently, Google’s Chrome is probably the safest, although they’re all safer than they used to be). You can also install anti-virus software, but go for a big name like Sophos and don’t be tempted by freebies.

We all have to get used to the fact that malware attacks are becoming more common – you may have a brush with them but it won’t be the end of the world. Your computer’s operating system can be reinstalled, data can be restored from back-ups, and lessons can be learned.

Q What’s the ideal password?

I was stunned to be told by an IT expert friend that the advice we’ve all taken to heart about how to create strong passwords may be flawed. That’s according to the man who gave us that advice in the first place. Most sites tell you, when directing you to think of a new password, to use rAndOm cApitAls, irregul@r ch@racters and num3ral5. Scatter those in and it’ll usually tell you that’s a nice strong password. But is it? The trouble is we tend to use these techniques in a very predictable way to make them easier for us to remember, making our passwords easier to crack.

So what’s better? Apparently, a nice string of random words like ‘lovely button silly car rot’ is stronger – even if conventional wisdom will mark it as ‘weak’. I’ve changed my Facebook password accordingly, but had to sprinkle in a few numbers and capitals to pass muster. Watch this space for the next startling nugget of information that turns everything on its head!

Q What’s two-step authentication and should I use it?

Two-step or two-factor authentication gives you extra protection by sending a code to your phone when you’re accessing a site like Facebook, or your online bank account. It’s a bit of a faff, but really all you have to do is look at your phone and type in a few digits, and it really makes you feel more secure. If you lose your phone, you can always get a back-up code. The handy site twofactorauth.org has a comprehensive list of companies and services that use two-step authentication, and the ones you might like to nag to adopt it.