Erka is a veteran in cyber security. With over 10 years working in the industry with the Finnish government, he is currently an adviser for F-Secure, a top European cyber security company. Erka recently did an “Ask Me Anything” questionnaire on Reddit.
Here is a recap of some of the most intuitive questions on cyber security:
From a personal level, what sort of things can we do, other than installing anti-virus software, to make sure our data remains secure? As a secondary point, what’s your go-to anti-virus software to use, again, on a personal level?
“In anything you do in terms of protecting yourself online, please remember that it is increasingly difficult to distinguish between your professional and personal presence. So, if your job requires you to be mindful of what you share online and how to keep hackers out, please be as vigilant in your personal capacity as well. Otherwise you may end up becoming the low-hanging fruit that the attackers exploit in order to get after your employer, its customers or its partners.
Now, having established that, this is what I always do with my personal stuff:
- Everything starts with a fresh install. The bloatware just sickens me.
- I patch, harden and lock down all my gear so that there is as little attack surface as possible to go after.
- I use full disk encryption together with strong password protection
- I back up, back up my backups and locate the backups of my backed-up backups somewhere other than my home (did I already say something about encrypting your backups?)
- I keep a record of my family’s gear, encryption keys and backups; nobody remembers this by heart
- I am wary of what networks I connect my devices to
- I am conservative about who I let onto our home networks. Nobody gets into the inner parts of the network.”
When working in the cyber security industry like you are, do you feel like being out of the general public knowledge or otherwise being “off from the radar” would be beneficial for some positions in the industry?
“The off-the-grid approach is actually what the classified systems are designed around. For instance, a system classified as SECRET cannot be connected to public networks such as the internet.
And this is where the spies enter the game: if you truly hold secrets that mean anything to somebody else, they will go after your secrets regardless of how you defend them. You will find that it is really difficult to operate off-the-grid. For economic and human behavioral reasons you want to limit the amount of off-the-grid data and transactions to an absolute minimum (of course all the time relating to the value of the secrets that you protect). Otherwise people start to get “innovative” and end up inviting the spies in.”
Recently, our company faced a ransomware attack. Would you have any suggestions on how to prevent it and manage it once the wolf is in the henhouse?
“Cosmin and Vangelis from ENISA already provided excellent advice. I have yet one more thing to add: regardless of your Anti-Virus product, now would be the moment to take a close look at the configuration and enable the more advanced behavioral detection mechanisms. In our products these go by the names DeepGuard and Advanced Process Monitoring. These detection engines are your last line of defense; make good use of them!”