How to Secure your Internet Connection with a VPN

VPNs, or Virtual Private Networks, have been in the news a lot lately. In July, there was the revelation that Apple had removed VPNs from the Chinese App Store, and more recently in October, it turned out that VPNs were an effective safeguard against the worrying KRACK Wi-Fi vulnerability. Even with all the publicity, there are plenty of people who still don’t know what a VPN is and how to use it – the name alone can seem strange and abstract to the average consumer. However, using a VPN couldn’t be simpler. Let’s take a quick look at how the software works and why it’s an essential tool for your digital life.

How a VPN works

When you access the internet without a VPN, your computer connection is basically ‘naked’, as it were. Your Internet Service Provider (ISP) can see what content you access. That includes streaming sites, torrents, and games. But when you connect to a VPN, the VPN server acts as an intermediary between your computer and the web.

To put it simply: you send a request to the VPN, the VPN sends a request to the server where the content is hosted, and then the process runs in reverse. However, because the VPN is between you and the content, your ISP will only see you accessing the VPN. Thus, it won’t see your internet activity. Besides acting as an intermediary, VPNs protect you in two other key ways: they encrypt your internet traffic and grant you a new IP address (so your real IP is hidden).

Encryption 101

On a basic level, encryption involves using advanced mathematics to make your data unreadable to third parties – it will look like gibberish to everyone other than you and your VPN. In effect, a VPN can hide your internet traffic not just from your ISP, but also from anyone else on the same Wi-Fi network as you. That makes VPNs a necessary tool on public Wi-Fi in places like cafes or libraries.

Why IP addresses matter

VPNs also grant you a new IP address. This not only safeguards your anonymity, but also widens the amount of content you can access. Think of your IP address as being like a physical address in the real world – it tells internet servers where to send information and content you request. But because a VPN provides you with a new IP address, sites you access only know the IP of the VPN, and not the one tied to your computer.

Also, many content providers like Netflix and BBC iPlayer use IP addresses as a way to figure out whether or not to allow you to access content that is limited to a particular region. By using a VPN server in a different country, you can get a foreign IP address, unlocking tons of media you might not otherwise have access to.

VPNs vs proxies: what VPNs actually hide

Of course, if you’ve ever used a proxy, a lot of this might sound familiar. Plenty of people use proxies to surf the web. However, the major difference between proxies and VPNs is that while proxies mask your traffic via your web browser, VPNs cover all your internet activity, including torrent clients and games. What does that mean for the average consumer? If you want total privacy and encryption, then a VPN is the way to go.

Picking a VPN: what to look for

Now that you’ve gained a bit of VPN expertise, you may feel ready to try one for yourself. But how do you choose? A few considerations will help you judge for yourself. Below are three questions (and some related follow-up queries) that will come in handy.

Can you use the VPN on all your devices? A good VPN provider should be able to offer you a working service wherever you go. On the road? You’ll need a VPN on your smartphone or tablet. Want peace of mind at home? Get a VPN on your desktop computer or network router. When checking to see what platforms a VPN service provides apps for, also check the company’s device usage policy. Can you connect to the VPN on more than one device at a time? If so, how many devices are supported?

What VPN protocols are available? VPN protocols control how data is passed between your device and the VPN server. PPTP is the fastest protocol, but it’s also the least secure. Meanwhile, OpenVPN is probably the most secure, but it doesn’t work on all devices. A good VPN provider should have multiple protocols available, allowing you to switch between them as circumstances require.

Does it have the server locations you need? Location, location, location… If you’re hoping to access geoblocked content from a particular country (say, Brazil), then make sure that the VPN provider you choose has a server location in the country. Some VPNs have servers in almost 100 countries, meaning you should have more than enough options.

Those are some basic points to look out for, but the truth is that VPN providers can offer a raft of different features. Beyond various settings and extras like proprietary security protocols, at the end of the day, what’s most important is trust.

You’re entrusting a VPN provider with your privacy, so you should make sure they have the track record and reputation to back up that responsibility.

Shining a Light on Botnets

When cybercriminals strike, it is often the groups or individuals responsible for the attack (e.g., Anonymous, Guardians of Peace, MafiaBoy), the victims (e.g., Target, Sony, Dyn) or the malware itself (e.g., WannaCry, Shamoon, Conficker) that make the headlines. The critical role of botnets in organizing and launching cyberattacks is less commonly written about. This article explains what botnets are, how they operate and what can be done to protect your computers and devices from being recruited to a botnet.

Understanding Botnets

As we discussed in a previous post about cybersecurity ignorance, over 70 percent of Americans are unaware of what a botnet is. When the security of a computer or connected device is compromised by an attack, there are several things that its payload can do. It could execute a piece of ransomware, encrypting user files and displaying a message demanding payment for their release. It could launch spyware to collect information about the user, stealing personal data or harvesting contacts. It could even cause damage to your hardware and shut down your device – although this is not usually in the cybercriminal’s best interest.

Or it could connect your computer to a hidden network of similar hijacked devices and inform its master that it is ready to take orders. It would become what is termed a bot or a zombie, and while it may still operate normally in other respects, it has become the latest addition to a botnet.

Once recruited, a bot will start monitoring for messages from its new master or masters. These messages could originate from a dedicated server (sometimes termed a command and control server) or even via code on a website. This is the traditional server-client botnet. Some of the latest botnets operate on a peer-to-peer (P2P) basis, with each new device acting as both zombie and zombie master in a distributed network.

Methods of Attack Using Botnets

So what can a botnet do? There are certain types of attack that a botnet will usually instigate, although its activity can be quickly changed through altering instructions. Since the devices in question are already compromised, there is no security to overcome and no resistance to its orders.

One of the most common tasks of a botnet is to distribute spam, which will usually contain ransomware. To give an idea of the scale of the problem, Cisco’s 2017 Annual Cybersecurity Report shows that spam accounts for 65 percent of all email, with 8 to 10 percent cited as malicious. Due to a combination of spam filters and consumer education, this method of attack is relatively unproductive and relies upon vast numbers of messages being sent out. For example, when ESET uncovered the Windigo botnet in 2014, it was sending out 35 million spam messages per day.

Another mode of operation is the infamous DDoS attack. In an instant, all bots in the botnet can be instructed to flood a server or servers with connection requests, effectively taking that service out of action. Again, this is a blunt, relatively unsophisticated weapon and, due to improved DDoS mitigation technology, is usually short-term in nature.

For client-server types of botnets, the messages are usually transmitted using the Internet Relay Chat (IRC) protocol. Such communication can be relatively easy to detect and block or even hijack, so smarter forms of attack are being developed to outwit cybersecurity providers. For example, it has been proven possible to issue commands via Twitter, LinkedIn and even JPEG metadata and to switch between such channels. The P2P type of botnet mentioned above also avoids the pitfalls of IRC communication.
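
The claim above that IRC-based command traffic is relatively easy to detect can be illustrated with a small log check. This is an added example, not part of the original article: the log format, addresses, nicknames, channel name and the analyse function are all constructed for illustration. It flags internal hosts that connect to conventional IRC ports or send IRC commands on any port, and reports channels joined by more than one internal host.

```python
import re
from collections import defaultdict

# Constructed sample records (not from the article): "time src dst:port [payload]".
# Addresses are from documentation ranges; nicknames and channel are made up.
SAMPLE_LOG = """\
2017-11-02T09:14:01 10.0.0.21 198.51.100.7:6667 NICK xk29a
2017-11-02T09:14:02 10.0.0.21 198.51.100.7:6667 JOIN #upd8
2017-11-02T09:14:05 10.0.0.34 198.51.100.7:8080 NICK qz77b
2017-11-02T09:14:06 10.0.0.34 198.51.100.7:8080 JOIN #upd8
2017-11-02T09:15:10 10.0.0.50 203.0.113.9:80 GET /index.html HTTP/1.1
2017-11-02T09:16:30 10.0.0.21 198.51.100.7:6667 PONG :198.51.100.7
2017-11-02T09:17:00 10.0.0.77 203.0.113.40:6667
"""

# Ports conventionally used by IRC servers: 194 is the registered port,
# 6660-6669 the de facto plaintext range, 6697 the usual TLS port.
IRC_PORTS = set(range(6660, 6670)) | {194, 6697}
# IRC client commands, allowing the optional ":prefix " before the verb.
# USER and PASS are left out on purpose: FTP uses the same verbs.
IRC_CMD = re.compile(r"^(?::\S+ )?(NICK|JOIN|PRIVMSG|PING|PONG)\b")
LINE = re.compile(r"^(\S+) (\S+) (\S+):(\d+)(?: (.*))?$")


def analyse(log_text, approved_irc_hosts=frozenset()):
    """Return (flagged, shared).

    flagged: source host -> set of reasons ("irc-port", "irc-command").
    shared:  (server, channel) -> set of sources, only for channels that
             two or more internal hosts joined on the same server.
    Hosts in approved_irc_hosts (known legitimate IRC users) are skipped.
    """
    flagged = defaultdict(set)
    channels = defaultdict(set)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # ignore lines that do not fit the assumed format
        _, src, dst, port, payload = m.groups()
        if src in approved_irc_hosts:
            continue
        if int(port) in IRC_PORTS:
            flagged[src].add("irc-port")
        cmd = IRC_CMD.match(payload or "")
        if cmd:
            # A command match catches IRC moved to an unusual port.
            flagged[src].add("irc-command")
            params = payload[cmd.end():].split()
            if cmd.group(1) == "JOIN" and params:
                # JOIN's first parameter is a comma-separated channel list.
                for chan in params[0].split(","):
                    channels[(dst, chan.lower())].add(src)
    shared = {key: hosts for key, hosts in channels.items() if len(hosts) >= 2}
    return dict(flagged), shared


if __name__ == "__main__":
    flagged, shared = analyse(SAMPLE_LOG)
    for host, reasons in sorted(flagged.items()):
        print(host, sorted(reasons))
    for (server, chan), hosts in shared.items():
        print("shared channel", chan, "on", server, sorted(hosts))
```

A port-only match is a weak signal on its own; several unrelated internal hosts joining the same channel on one server is the stronger one. Neither check sees anything when the session is wrapped in TLS, which is consistent with the article's point that operators move to other channels.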

Lack of Vigilance is Still the Weakest Link

Facing up to the power and sophistication of botnets can be scary at first, but it must be remembered that there are equally smart minds at work in the battle against cybercrime. The best forms of protection remain unchanged: install regular security updates, use strong password protection, look for the padlock next to a URL before divulging sensitive information and never click on email or social media links unless you are 100 percent sure they are genuine.

As explained in Malwarebytes’ ‘State of Malware Report,’ there are specific concerns about the prioritization of security when it comes to the Internet of Things and DDoS attacks. These vulnerabilities were ruthlessly exploited in October 2016 by the Mirai botnet, which targeted Dyn Inc. and effectively shut down Twitter, Spotify and other sites.

It was discovered that Mirai’s ability to launch such a ferocious DDoS attack (at one point reaching speeds of 1 tbps) was due to its choice of bots – IP cameras, home routers and other devices rather than PCs. Many of these were configured with their factory passwords and so were simple to hack.

As the Internet of Things grows, it will become more important than ever for companies to choose devices with robust security protection, to update passwords upon setup and to up-skill their IT support teams to monitor for threats. Likewise, homeowners should shop for smart devices with security in mind and change their default passwords.

Why the Worst Cyberattack May Never Happen

If the fear of botnets bringing down the internet is keeping you up at night, then this end section should give you some reassurance. Setting up a botnet that can successfully evade all of the security measures set up to detect and bring it down is resource-intensive; this makes it an incredibly valuable asset. The bigger a botnet is, the harder it becomes for it to fly under the radar. When large botnets are detected, it is often in the wake of a big attack that exposes their chain of command. Once found, botnets often fall hard with significant computer resources put out of action by law enforcement and people sent to jail.

In most cases, it serves the cybercriminals best to use botnets as stealth weapons, launching the occasional assault before covering their tracks, evolving and then looking for the next opportunity to strike.

Make it Harder for Fraudsters to Use Your Personal Information

It seems as though data breaches affecting millions of Americans are constantly in the news these days. If this makes you anxious about the safety of your personal information, that’s understandable. You can protect your data by using secure internet connections rather than public Wi-Fi when you’re providing sensitive information such as financial account numbers online, keeping your computer and mobile device safe against malware that may be lurking in email attachments, pop-ups and banner ads, downloading apps and other programs only from trusted sources, and being wary of anyone who contacts you unexpectedly asking for it. You can also use the security settings on social media sites to restrict who can see your posts.

In the offline world, you can reduce the possibility of identity theft and fraud by sending bill payments from public mailboxes rather than from the mailbox in front of your house and collecting your mail promptly, shredding documents that contain account numbers and other personal information when they’re no longer needed and not carrying your Social Security card around with you.

But when businesses have your data, you can’t control how well it’s safeguarded. There are some simple steps that you can take, however, to make it harder for fraudsters to use your personal information if they get ahold of it.

  • Create separate passwords for your most sensitive accounts. Sure, it’s convenient to use the same password for everything. Crooks know that, so if they get your password for one account, they’ll try it to log into accounts on other websites. Any account that has your financial information, Social Security number or other sensitive data should have a unique, strong password to keep would-be intruders guessing.
  • Beef up your authentication. If your username, which is often your email address, and a password is all it takes to access your accounts, your defenses are relatively weak. Two-factor authentication – your password plus something that only you have, such as a one-time code that is sent to you as part of the login process – provides much stronger protection.
  • Freeze your credit file. This prevents identity thieves from opening new credit accounts in your name because the lenders won’t be able to access your credit record. Since some landlords and employers also check applicants’ credit records, freezes can also stop fraudulent attempts to get jobs or rent apartments using your identity. Contact the three major credit reporting agencies – Equifax, Experian, and TransUnion – to request a security freeze. You can lift the freeze anytime you need to and reset it. In some situations you may be able to do this for free; otherwise, there will be a small fee.

3 Tips to Save Money & Energy with Smart Home

Investing in smart home technology is more than just a cool party trick; it can also help you save money and energy.

1. SET SCHEDULES WITH A SMART THERMOSTAT

Your heating and cooling system can be a big contributor to your electricity bill. One of the easiest ways to save money and cut down this cost is to install a programmable thermostat. WiFi thermostats, for example, the ecobee4, allow you to save energy and change the temperature or schedule your thermostat from anywhere. You can create schedules, set reminders/alerts, make sure the temperature is turned off when you’re away from home, and more. When used effectively, smart thermostats may generate noticeable savings every month.

2. SWAP OUT INCANDESCENT LIGHT BULBS

Did you know that incandescent light bulbs can give off more energy in the form of heat than light? Because of this, the extra heat coming from your light bulbs could be making your home warmer, causing you to use more energy to cool it down. Simply changing your light bulb to CFL or LED lights can help you save money on your electricity bill. You can also reduce energy usage by swapping out your light switches with dimmers, timers, motion detectors and smart switches. Set timers and presence detection around your home to make sure your lights are turned off when you’re not at home. Connect your smart lights with your Echo device and simply say, “Alexa, trigger I’m leaving” to have all of your lights turn off at once.

3. MONITOR ENERGY USAGE

Ever look at your electricity bill and wonder where all of that electricity is going? Take out the guesswork by using smart plugs to help you monitor which appliances in your home may be using the most energy. Many appliances, like home entertainment systems, may be consuming energy even when you’re not using them. Connecting these to a smart plug can help you track how much energy these appliances are using through an app on your smart phone. You can also set up timers to automatically turn these off when they are not in use to help you save more money on your electricity bill.

6 Christmas Gifts for Your Security-Conscious Family and Friends

Maybe you know someone you’d like to encourage to be more security-conscious. Or perhaps a friend or family member is already concerned about their own privacy. They’ve already got tin foil (albeit for the turkey, not to use as a hat), so what else should you get for them? We have a few suggestions.

1. RFID Wallet

Due to concerns over security, you can turn down the offer of contactless payment on debit and credit cards. Nonetheless, fewer people are using their PINs anymore.

Criminals can take payment from contactless cards. Indeed, warnings are occasionally issued on social media about thieves preying on users of packed trains and the subway. You can do something about it, however. Radio Frequency Identification (RFID) wallets block the wireless signals interacting between a card terminal and the card.

2. Nest Indoor Security Cam

Internet Protocol (IP) cameras are all about peace of mind. They can be used for security reasons or as baby monitors. These are digital video recording devices that generally connect to your smartphone or device to offer 24/7 surveillance. Some allow you extra remote control and will further track smart home accessories.

The Nest Cam Indoor security camera is designed to help you look after your home and family – even when you’re away. With 24/7 live streaming, a versatile magnetic stand, person alerts with Nest Aware and one app for all your Nest products, Nest Cam Indoor helps you keep an eye on what matters. From anywhere.

3. WALI Dummy CCTV

Not too sure whether your family member or friend will like a camera keeping score of proceedings all the time? Opt for a fake CCTV system instead!

Dummy cameras are a deterrent to your average criminal. They won’t be keen to have their mugshots taken. Even if some suspect they’re fake, they’ll have to risk getting up close to check it out for sure.

You can typically rely on WALI’s products, and this four-pack of dummy cameras is a substantial present that’s a surprisingly good price. They’ll certainly come in handy around most homes, and because they’ve got a flashing LED, they look real.

4. Litom Solar Lights

Solar lights are fantastic: not only are you utilizing the sun’s power but you’re also improving safety and security. They come in a vast array of variations, and are available everywhere, but for Christmas, we recommend a motion detector solar light.

These simply light up an area whenever something moves within its radius. Intruders are instantly spotlighted, and homeowners are alerted that there’s someone on their property. If whoever you’re buying for has a pond or swimming pool, lights are vital to make sure no one has an accident at night.

Litom is a solid make. These lights are deceptively small considering the amount of light they give off. They’re cheap too, but if the recipient places them strategically at a doorway or garage, they are effective enough to deter would-be criminals.

5. Shredder

Everybody needs a shredder. No, more than that — everybody needs a cross-cut shredder. Cross-cut shredders cut pieces diagonally, rendering anything you put in virtually unreadable. In this age of hacking and ransomware, you shouldn’t underestimate the importance of a good old shredder. Because plenty of important things need cutting up.

Credit card slots are ideal, but some further chop up CDs — more infrequently used, of course, but this is a present to last! Typically, the finer a shredder will cut, the better. Also consider measurements: will this be used in a workplace environment or be kept at home, and how does this affect the size you’re considering?

6. VPN Router

This could be the priciest item on the list, so you’ll want to save it for someone especially dear to you, or as a family gift. But as ever, it depends on which model you go for.

It’ll also require a lot of research. Virtual private networks (VPNs) afford a solid level of security by encrypting data sent between a computer and a website. Anyone who can intercept details sent on that connection cannot read them anyway. There are many VPN services available, including for free via the Opera browser.

VPN routers give a whole household a high level of security. No need for individual installation on each device. Anything connecting to this router will use encryption. The receiver just needs to set it up and then everyone can browse the internet, hassle-free… in theory.

Shop around. Roqos is a dependable brand, and yet cheaper makes might also catch your eye. Shopping for routers should be a rare occurrence, so ask yourself whether it’s worth spending a bit more to achieve some longevity. And of course, are the recipients worth it?