In the third part of our series "Security Errors on the Internet" we deal with the topic "Computer Security". There are dozens of misunderstandings that are constantly being repeated and all too quickly accepted as truth, without them being verifiable. There are a number of common misconceptions and points out how to minimize the risks that result from errors of IT security.
Myth # 1: "If I have a virus or other malware on my computer, it will be noticeable."
It is not always possible for a user to determine whether a virus or other malicious program has taken root on his computer.
There are types of viruses or malicious programs that cyber criminals can infiltrate on computers or mobile devices in different ways. Many malicious programs that may be installed unnoticed on a computer have identity theft features. They usually have the goal of spying on the user, for example, to spy on access data or account and credit card numbers and can inflict considerable economic damage on the victims.
Inconspicuous for the user are malicious programs that allow an attacker to remotely control infected devices. This type of malicious code, for example, is secretly smuggled into the user's computer through e-mail attachments, the opening of a specially manipulated website or the click on an infected banner ad.
By infecting about thousands of computers with this malware, creators can launch attacks on websites (DDoS attacks) to disable them or misuse them for mass spam. While there is no one hundred percent protection against these threats, especially when so-called zero-day exploit. However, with measures such as anti-virus software and a firewall, as well as prompt installation of software updates and careful handling of e-mail attachments, users can increase their protection.
Users should also be very careful when downloading or installing software or other data from unknown sources. In case of doubt it should always be avoided.
Myth # 2: "I have nothing to hide and no important data, so I'm not a target for cyber criminals, so I do not need to protect myself."
This view is fundamentally wrong because cyber criminals can use all available data for their own purposes.
Anyone surfing, shopping, or banking online with an unprotected device uses and leaves behind a wealth of data that cyber criminals are interested in. These are not necessarily the vacation pictures, correspondence or other private documents stored on the computer. From an unprotected computer, criminals can easily steal and misuse access, account and credit card information stored or transmitted on the Internet.
On unprotected systems can also malicious programs such as ransomware nest. The authors of these programs can encrypt the infected computer in such a way that the user can no longer read his data.
The user receives only a message, a certain amount of ransom money, mostly via disguised channels such as the Internet currency Bitcoins to pay, so he comes back to his data. Many often find that they still have sensitive data such as holiday or family pictures. Also, insufficiently secured devices can quickly become part of a botnet and be abused for criminal purposes.
Myth # 3: "My data is in the cloud, so I do not need a back-up."
That's not true. Using a cloud does not guarantee that the data is always available.
Although data storage in the cloud offers a number of advantages: the security mechanisms provided by the provider, the ability to access one's own data over the Internet at any time and from any device, as well as saving storage space, especially on mobile devices.
There are cloud services whose security and availability are high. Nevertheless, the case may occur that the user can no longer access his data. Technical problems, failures at the service provider or even the attitude of a cloud service are possible reasons. It is therefore essential not only to store important data in one place - as in a cloud - but also to regularly create back-ups, i.e duplicates of the data, on an (external) storage medium. It should be kept in mind that even devices, hard disks and storage media can be unexpectedly broken or lost or stolen.
Myth # 4: "My data is in the cloud, so I do not need a back-up."
Myth # 4: "If I delete all the data from my device and then empty the trash, the data is gone forever."
Not correct. To remove data from a disk or device irretrievably requires additional steps.
If users want to sell or dispose of an old device or an obsolete external storage device, they should ensure that all data has been securely erased to prevent possible misuse. Moving files to the Recycle Bin keeps the files completely on the storage media.
Even after emptying the trash can be restored data with little effort, since this process only the references to the data in the index, the contents of the hard drive, deleted and the area is released for overwriting. Only the overwriting of data makes them disappear on certain storage media never to return.
To permanently and safely erase data, special programs should be used best. If a device or storage medium should not be forwarded in anyway or cannot be overwritten for other reasons, it should be physically destroyed. Only in this way can a restoration of the data be made impossible. However, users should be careful to avoid splinter injury from the storage drive.