The c’t security checklists 2021 | heise online

As you read these lines, millions of hacker attacks are taking place around the world. At this moment, a bot may be trying to get into your mail account with captured access data or to take over your Facebook account. Your router may also be under attack or a banking Trojan is waiting for you to make a transfer. Those who take danger lightly are easy prey.

More from c't magazine

More from c't magazine

Because the cyber gangs target not only high-level targets like government organizations, but each and every one of us. And the argument “I have nothing to get anyway” has long ceased to count: even an outdated smart home center is still good enough for attackers to abuse it as a bot and thus to further systems around the world infect. First of all, you have the trouble, because the follow-up attacks are based on your IP address.

The good news is that you can do something about it. And that with little effort. IT security is a complex field, but the most important defense measures against hackers are so simple that anyone can – and should – implement them. We have compiled the basic steps for securing computers, smartphones, WiFi routers, social media accounts and much more in our security checklists for you.

It usually takes no longer than five minutes to go through a checklist and, if necessary, to improve it. You will also learn how you can prevent the next data loss with Trojan-safe backups and what makes a secure password. If you take the tips in this booklet to heart, you will be immune to the most common cyber attacks.

We have again tailored this year’s edition of the security checklists to the current threat situation and updated them comprehensively. An important innovation is the home office checklist, which shows you how to work safely from home. Security shouldn’t be neglected here in particular: if a Trojan breaks out at home, it can paralyze the entire company. The “Server & Hosting” checklist is also new. It shows you the most important steps to secure servers and web hosting packages.

Some recommendations run like a thread through the security checklists – and for good reason. This includes the advice to pay attention to the use of the latest software. This is essential because operating system updates and new program versions not only bring new functions and eliminate annoying bugs, the updates often also close serious security gaps. Anyone who wants to keep cyber attackers away – and who doesn’t want that – should install updates promptly after their publication, regardless of whether it is about Windows, the smartphone, the WLAN router or the WordPress installation.

Passwords are also repeatedly discussed in the checklists. Billions of hacked passwords are circulating on the Internet, and evaluations of this data show that many users still recklessly choose passwords that are far too simple or even use the same password for several services. It’s like using the same lock everywhere: If your mailbox key is stolen, the thief can not only clear out your apartment with it, but also drive away in your car. A good password is not only long, but also unique. It only fits one service. We have summarized everything to do with the topic in the “Passwords & Accounts” security checklist.

Since everyone has a right to IT security, we want to reach as many people as possible with the security checklists. You can help us: Pass the checklists on to acquaintances, friends, relatives, colleagues and employees so that everyone can implement solid basic protection in a short time. The print edition of the c’t comes with a small booklet in the handy A6 format that contains the most important tips in brief.

The You can also reorder the booklet and download as PDF. This has already worked well in the past: The previous editions of the security checklists were distributed to employees in banks, offices, companies and educational institutions as part of awareness measures.

The security checklists deliberately only contain the most important steps that everyone should implement in order to protect themselves from the most common cyber attacks. If you want to delve deeper into a certain topic, c’t still has the opportunity to do so – in previous and following editions.

If you have gone through the checklists and find that you have already implemented everything: Excellent, now is the right time to pass the booklet on – for example to someone in your family or friends who has so far been less concerned with the topic of IT security. Perhaps you can even use it to intercept a few emergency queries, for example because the next crypto-Trojan will be successfully fended off or, in the worst-case scenario, at least a Trojan-safe backup was created in good time. But enough of the preface, we are fresh to work!

This article is from c’t 20/2020.


To home page