What do you think?
Rate this book
Personal Cybersecurity: How to Avoid and Recover from Cybercrime
Discover the most prevalent cyber threats against individual users of all kinds of computing devices. This book teaches you the defensive best practices and state-of-the-art tools available to you to repel each kind of threat.
Personal Cybersecurity addresses the needs of individual users at work and at home. This book covers personal cybersecurity for all modes of personal computing whether on consumer-acquired or company-issued devices: desktop PCs, laptops, mobile devices, smart TVs, WiFi and Bluetooth peripherals, and IoT objects embedded with network-connected sensors. In all these modes, the frequency, intensity, and sophistication of cyberattacks that put individual users at risk are increasing in step with accelerating mutation rates of malware and cybercriminal delivery systems.
Traditional anti-virus software and personal firewalls no longer suffice to guarantee personal security. Users who neglect to learn and adopt the new ways of protecting themselves in their work and private environments put themselves, their associates, and their companies at risk of inconvenience, violation, reputational damage, data corruption, data theft, system degradation, system destruction, financial harm, and criminal disaster. This book shows what actions to take to limit the harm and recover from the damage.
Instead of laying down a code of "thou shalt not" rules that admit of too many exceptions and contingencies to be of much practical use, cloud expert Marvin Waschke equips you with the battlefield intelligence, strategic understanding, survival training, and proven tools you need to intelligently assess the security threats in your environment and most effectively secure yourself from attacks. Through instructive examples and scenarios, the author shows you how to adapt and apply best practices to your own particular circumstances, how to automate and routinize your personal cybersecurity, how to recognize security breaches and act swiftly to seal them, and how to recover losses and restore functionality when attacks succeed.
What You'll Learn
Discover how computer security works and what it can protect us from
See how a typical hacker attack worksEvaluate computer security threats to the individual user and corporate systemsIdentify the critical vulnerabilities of a computer connected to the Internet
Manage your computer to reduce vulnerabilities to yourself and your employer
Discover how the adoption of newer forms of biometric authentication affects you
Stop your router and other online devices from being co-opted into disruptive denial of service attacks
Who This Book Is For
Proficient and technically knowledgeable computer users who are anxious about cybercrime and want to understand the technology behind both attack and defense but do not want to go so far as to become security experts. Some of this audience will be purely home users, but many will be executives, technical managers, developers, and members of IT departments who need to adopt personal practices for their own safety and the protection of corporate systems. Many will want to impart good cybersecurity practices to their colleagues. IT departments tasked with indoctrinating their users with good safety practices may use the book as training material.
Personal Cybersecurity addresses the needs of individual users at work and at home. This book covers personal cybersecurity for all modes of personal computing whether on consumer-acquired or company-issued devices: desktop PCs, laptops, mobile devices, smart TVs, WiFi and Bluetooth peripherals, and IoT objects embedded with network-connected sensors. In all these modes, the frequency, intensity, and sophistication of cyberattacks that put individual users at risk are increasing in step with accelerating mutation rates of malware and cybercriminal delivery systems.
Traditional anti-virus software and personal firewalls no longer suffice to guarantee personal security. Users who neglect to learn and adopt the new ways of protecting themselves in their work and private environments put themselves, their associates, and their companies at risk of inconvenience, violation, reputational damage, data corruption, data theft, system degradation, system destruction, financial harm, and criminal disaster. This book shows what actions to take to limit the harm and recover from the damage.
Instead of laying down a code of "thou shalt not" rules that admit of too many exceptions and contingencies to be of much practical use, cloud expert Marvin Waschke equips you with the battlefield intelligence, strategic understanding, survival training, and proven tools you need to intelligently assess the security threats in your environment and most effectively secure yourself from attacks. Through instructive examples and scenarios, the author shows you how to adapt and apply best practices to your own particular circumstances, how to automate and routinize your personal cybersecurity, how to recognize security breaches and act swiftly to seal them, and how to recover losses and restore functionality when attacks succeed.
What You'll Learn
Discover how computer security works and what it can protect us from
See how a typical hacker attack worksEvaluate computer security threats to the individual user and corporate systemsIdentify the critical vulnerabilities of a computer connected to the Internet
Manage your computer to reduce vulnerabilities to yourself and your employer
Discover how the adoption of newer forms of biometric authentication affects you
Stop your router and other online devices from being co-opted into disruptive denial of service attacks
Who This Book Is For
Proficient and technically knowledgeable computer users who are anxious about cybercrime and want to understand the technology behind both attack and defense but do not want to go so far as to become security experts. Some of this audience will be purely home users, but many will be executives, technical managers, developers, and members of IT departments who need to adopt personal practices for their own safety and the protection of corporate systems. Many will want to impart good cybersecurity practices to their colleagues. IT departments tasked with indoctrinating their users with good safety practices may use the book as training material.
254 pages, Paperback
Published January 12, 2017
6 people are currently reading
22 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 2 of 2 reviews
September 10, 2021
Most of the book is history and background that most readers will find boring and unnecessary. The most useful chapters are 9 and 10, which have specific advice for protecting against and responding to attacks.
The author explains the importance of continually taking steps to increase your cybersecurity. He says,
Notes
How Does Computer Security Work?: It's Harder than It Looks
"The strength of a password depends on the character set the hacker thinks you are using, not the character set in the password." The length of a password is more important than the mixture of characters in it. "Stringing together random word combinations into long passwords can be easy-to-remember and strong."
Your Computer is a Target: What Are the Shady Hombres After?
The danger of letting your browser remember your passwords is that if someone gets into the account you use to log into your browser (such as your Microsoft account for Edge, or your Google account for Chrome), they can get your passwords. If you use a password manager that requires a master password to use it, that makes it harder for a hacker to get your passwords.
What hackers want
• Passwords to financial sites, to steal your money or identity, or to target your friends.
• Cloud data (backups, documents, etc.)
• Gaming accounts (Steam, Xbox, etc.)
• Entertainment accounts (Hulu, HBO, Netflix, etc.)
• License keys for software
• Email accounts (because of the sensitive data in email, which can be used for spam, harassment, phishing, identity theft)
Cloud Threats: Clouds are Good, but Not All Good
Cloud services are supported by professionals who are better at protecting systems than a typical consumer, but their attack surface is larger.
"You can reasonably expect that at any moment in time, data encrypted 10 years before is now easily decrypted."
Why Doesn't Somebody Stop It?: Where are the Authorities?
You can report Internet crimes to the US Department of Justice.
Several US federal agencies (FBI, Secret Service, Department of Homeland Security), accept reports. In most cases, the Internet Crime Complaint Center (IC3) is the best starting point.
In the European Union, Europol has advice for reporting cybercrime.
Personal Defense: Stay Safe
It's OK to keep passwords on paper in your home, as long as you protect them like other valuables (keep in wallet or purse, or lock up).
On Windows, use a regular user account, not an administrator account. On macOS, regular users don't have admin privileges.
About Windows Defender, the anti-malware built into Windows: "There are other tools that have better kill rates, but Defender is respectable and it only takes a single click to activate it."
Anti-malware tools on phones and tablets generally don't prevent bad downloads from app stores, or lost or stolen devices, which are the most important attack vectors for mobile devices.
Keep the Windows firewall enabled. Enable the firewall in macOS. You probably don't need a third-party firewall.
Public Wi-Fi safety
• Avoid sensitive actions (financial, personal, etc.) over public Wi-Fi. If you must make them, only do them on HTTPS sites.
• Use a Virtual Private Network (VPN) when on public Wi-Fi.
Bluetooth safety
• Avoid important actions, such as banking, when in public and using Bluetooth.
• Turn Bluetooth off when you're not using it.
• Assume a Bluetooth connection is insecure unless you're certain that it's encrypted.
• Be aware of your surroundings, especially when pairing. Assume that Bluetooth transmissions can be snooped from 30 feet (or more) in any direction.
• Delete unused Bluetooth pairings.
• Turn off discoverability when you're not pairing.
"Email is not private." Even if your email service is secure, you don't know about the security of your recipient. Assume that anything sent by email can become private. You can make email more private through encryption.
Internet of Things (IoT) safety
• Reset device to factory defaults, in case it's already been hacked.
• Use strong passwords.
• Disable remote access (telnet, SSH, etc.).
Protecting children
• Open credit records for kids with the credit bureaus (Equifax, Experian, Trans Union, and Innovis), then freeze the records.
• Have kids use their own limited accounts, not your accounts, unless they're supervised. That applies to Internet accounts and accounts on computers and other devices.
• If a child is frequently hacked, or you're very cautious, periodically completely restore the system from a known good backup.
Disaster Recovery: When, Not If, You Become a Victim
Accept free identity theft monitoring services. They're another layer of protection. You probably don't need to pay for such a service, as long as you diligently monitor your accounts.
What do to if hacked
1. Cut power by unplugging, removing battery, or fully powering down.
2. Disconnect device from network (wired or Wi-Fi). Start device in safe mode.
3. Run a thorough anti-malware scan.
4. Restore a good backup, even if anti-malware scan finds no more threats. After restoration, run another scan.
5. Change all important passwords. Watch for anything suspicious.
If you notice ransomware start to encrypt your device, turn it off immediately. Follow steps above for what to do if hacked.
Report cybercrimes to Internet Crime Complaint Center (IC3). For issues that are clearly local, such as a neighbor stealing bandwidth or local email fraud, report to local authorities. Many states' attorneys general have cybercrime offices.
The author explains the importance of continually taking steps to increase your cybersecurity. He says,
No system is safe from a top-flight and well-supported cyberinvader, but a carefully secured personal system can give pause to even the best. the worst mistake of all: thinking that the steps to secure your computer are not worth the trouble.He also says,
The challenge is to grow our safety faster than the criminals assault us.I read this to learn more about personal cybersecurity.
Notes
How Does Computer Security Work?: It's Harder than It Looks
"The strength of a password depends on the character set the hacker thinks you are using, not the character set in the password." The length of a password is more important than the mixture of characters in it. "Stringing together random word combinations into long passwords can be easy-to-remember and strong."
Your Computer is a Target: What Are the Shady Hombres After?
The danger of letting your browser remember your passwords is that if someone gets into the account you use to log into your browser (such as your Microsoft account for Edge, or your Google account for Chrome), they can get your passwords. If you use a password manager that requires a master password to use it, that makes it harder for a hacker to get your passwords.
What hackers want
• Passwords to financial sites, to steal your money or identity, or to target your friends.
• Cloud data (backups, documents, etc.)
• Gaming accounts (Steam, Xbox, etc.)
• Entertainment accounts (Hulu, HBO, Netflix, etc.)
• License keys for software
• Email accounts (because of the sensitive data in email, which can be used for spam, harassment, phishing, identity theft)
Cloud Threats: Clouds are Good, but Not All Good
Cloud services are supported by professionals who are better at protecting systems than a typical consumer, but their attack surface is larger.
"You can reasonably expect that at any moment in time, data encrypted 10 years before is now easily decrypted."
Why Doesn't Somebody Stop It?: Where are the Authorities?
You can report Internet crimes to the US Department of Justice.
Several US federal agencies (FBI, Secret Service, Department of Homeland Security), accept reports. In most cases, the Internet Crime Complaint Center (IC3) is the best starting point.
In the European Union, Europol has advice for reporting cybercrime.
Personal Defense: Stay Safe
It's OK to keep passwords on paper in your home, as long as you protect them like other valuables (keep in wallet or purse, or lock up).
On Windows, use a regular user account, not an administrator account. On macOS, regular users don't have admin privileges.
About Windows Defender, the anti-malware built into Windows: "There are other tools that have better kill rates, but Defender is respectable and it only takes a single click to activate it."
Anti-malware tools on phones and tablets generally don't prevent bad downloads from app stores, or lost or stolen devices, which are the most important attack vectors for mobile devices.
Keep the Windows firewall enabled. Enable the firewall in macOS. You probably don't need a third-party firewall.
Public Wi-Fi safety
• Avoid sensitive actions (financial, personal, etc.) over public Wi-Fi. If you must make them, only do them on HTTPS sites.
• Use a Virtual Private Network (VPN) when on public Wi-Fi.
Bluetooth safety
• Avoid important actions, such as banking, when in public and using Bluetooth.
• Turn Bluetooth off when you're not using it.
• Assume a Bluetooth connection is insecure unless you're certain that it's encrypted.
• Be aware of your surroundings, especially when pairing. Assume that Bluetooth transmissions can be snooped from 30 feet (or more) in any direction.
• Delete unused Bluetooth pairings.
• Turn off discoverability when you're not pairing.
"Email is not private." Even if your email service is secure, you don't know about the security of your recipient. Assume that anything sent by email can become private. You can make email more private through encryption.
Internet of Things (IoT) safety
• Reset device to factory defaults, in case it's already been hacked.
• Use strong passwords.
• Disable remote access (telnet, SSH, etc.).
Protecting children
• Open credit records for kids with the credit bureaus (Equifax, Experian, Trans Union, and Innovis), then freeze the records.
• Have kids use their own limited accounts, not your accounts, unless they're supervised. That applies to Internet accounts and accounts on computers and other devices.
• If a child is frequently hacked, or you're very cautious, periodically completely restore the system from a known good backup.
Disaster Recovery: When, Not If, You Become a Victim
Accept free identity theft monitoring services. They're another layer of protection. You probably don't need to pay for such a service, as long as you diligently monitor your accounts.
What do to if hacked
1. Cut power by unplugging, removing battery, or fully powering down.
2. Disconnect device from network (wired or Wi-Fi). Start device in safe mode.
3. Run a thorough anti-malware scan.
4. Restore a good backup, even if anti-malware scan finds no more threats. After restoration, run another scan.
5. Change all important passwords. Watch for anything suspicious.
If you notice ransomware start to encrypt your device, turn it off immediately. Follow steps above for what to do if hacked.
Report cybercrimes to Internet Crime Complaint Center (IC3). For issues that are clearly local, such as a neighbor stealing bandwidth or local email fraud, report to local authorities. Many states' attorneys general have cybercrime offices.
December 8, 2018
Readable, thorough and practical, at least for those among us who have not paid their computing responsibility dues.
Displaying 1 - 2 of 2 reviews