YOUR ATTACK SURFACE
Your attack surface consists of your online access points that are susceptible to threat, vulnerability and cyberattack. While you will never be able to diminish your attack surface to zero, there are steps you can take to reduce it and thereby make your offline self much less vulnerable to online hacking. Here are 5 ways of condensing your attack surface and renew your cybersecurity awareness.
DOX YOURSELF
Brianna Wu, a game developer from Massachusetts, recently said:
“I can tell you the cheapness and the availability of the information you can get about anyone online would shock you.”
And there is a vast arsenal of data on the web about you, make no mistake. Sources include social media accounts, your WHOIS profile for your website, and any site where you have shared personal information about yourself. So dox yourself. This means searching for data about you just as a hacker would. And it’s easy. Simply open an incognito window in your browser and search for information about yourself such as your name plus address, name plus mobile number, name and birthday, and so on. This will reveal exactly what cybercriminals can get their hands on. Be aware that each data set may not look like a massive privacy risk but combing information from different sources can open up the gates of hell when it comes to your online safety and privacy.
OPT-OUT
Opting out from mailing lists, subscriptions, and needless services can significantly condense your attack surface. Use a data-removal surface such as DeleteMe to find out which data brokers are selling your personal information and provide you with a set of opt-out instructions from dozens of data brokers.
SCRUB SOCIAL MEDIA ACCOUNTS
Facebook, Instagram, LinkedIn, and Twitter accounts contain a wealth of information that can easily be gleaned by determined cybercrooks. Protecting yourself and minimizing your attack surface on social media is straightforward. Limit what strangers can see from your profile. Data-minimization steps for your profile include not including your street address, phone number, or year of birth. Put simply, don’t post anything publicly that you don’t want to share.
CHECK WHOIS
If you have a registered domain, you would have needed to provide WHOIS with some personal details. You don’t need to make this information public and any domain registrar worth their salt should publicly display their contact information instead of yours.
USE 2-FACTOR AUTHENICATION
This may be obvious but 2-factor authentication (2FA) does a lot to reduce your attack surface and secure your online accounts. While a USB security key may sound extreme, it is the safest form of 2FA, which is a special USB key that you cryptographically associate with an account and then plug into a computer, wirelessly, or telephonically, to confirm a new login. You can also use Google Authenticator and, of course, most secure sites such as Amazon, other retailers, banks, and social media platforms apply 2FA.
ZHERO AND YOUR ATTACK SURFACE
You can protect your offline self online. If you need support in reducing your attack surface – at home and at work, contact Zhero. Our cybersecurity experts will ensure that you stay safe and secure – online and offline.
