Canon Marketing Japan Co., Ltd. ESET SPECIAL SITE Canon MJ Security information Cyber Security Information Bureau ESET Bureau 5 Basic Bureau 5 Basic

Demand for personal computers increases due to remote work, and dormant PCs are also used.

Demand for personal computers from remote work shifts due to corona evil has increased.On the other hand, there was a situation where personal computers could not be obtained due to the suspension of production lines due to the effects of the corona and the increase in global semiconductor demand.As a result, many users will use a PC that had been dormant at home or company for remote work.

If you use a newly purchased PC or dormant computer for remote work, security measures are often not enough.In fact, cyber attacks have been confirmed on a personal computer with such vulnerabilities.

According to the Cyber Security Report in the first half of 2021, released by Canon Marketing Japan in September 2021, the particularly noticeable cyber attacks related to remote work can be classified into the following two types.

Attacks using adware and fake ads

The top3 domestic malware detected in the first half of 2021 is a malware that is executed on the Web browser, one of which is the "JS/ADWARE" that displays illegal ads..It was "Agent".Inadvertently clicking illegal ads may be guided to fishing sites and other personal information.

Attacks aiming for vulnerabilities of office software

A representative of the attack aiming for office software vulnerabilities is an attack that abuses macros.Although it is an old attack method, it has recently become more sophisticated, and Word macros have been used for the spread of "Emotet", which had been rampant before.In addition, there are more attacks that are difficult to deal with without vulnerability measures, such as "doc/fraud", which is infected just by opening a file.

In addition, there are also attacks aimed at network peripheral devices, such as attacks aimed at vulnerabilities of VPN (Virtual Private Network) and RDP (Remote Desktop Protocol), which are used for remote control to the environment of workplace in remote work.See.If you use a dormant computer, or even a newly purchased computer, if you do not take security measures properly, the risk of such cyber attacks will increase.

Five basic security measures when using a personal computer

In order to protect your computer from cyber attacks, it is important to take five basic security measures below.

1) Review of login password settings and Wi-Fi settings

It is not desirable to make a personal computer login password that is easy to guess, such as "123456" or "000000".When setting a password, I want to set a complicated and difficult to be guessed password with an alphabet, numbers, symbols, etc. in 15 digits or more.Recently, the number of PCs that support biometric authentication such as fingerprint authentication and face authentication has increased, and convenience is increasing.However, as in the Pin code of Windows 10, it is also possible to authenticate by entering a password (passcode) in the event of a authentication error.Therefore, the password (passcode) is also strong.

In addition, when using Wi-Fi or wireless LAN, it is also essential to check the security settings of the Wi-Fi router and properly restrict the encryption and connection devices.

2) Update to the latest version of OS and software

As with smartphones, the PC should be updated as soon as the update is distributed on the OS or software.As soon as the vulnerability is discovered, it aims for a short time before the update is applied, so the faster the update timing is more effective.

3) Introduction of security software

It is also essential to introduce security software that can achieve comprehensive security measures.For example, ESET Internet security has not limited to malware detection and extermination, but also has a firewall function and phishing fraud, so that it can protect a computer from the threat of various cyber attacks.

4) Understanding OS support deadline

It is also important to know the OS support deadline when reusing a computer that was used in the past and had dormant dormant without using it for a while.Already in Windows 7 and Windows 8, even the OS extension support has ended.The end of the extension support is that even if the vulnerability is discovered, there is basically no update to resolve it.Windows 8.For 1, the mainstream support ended on January 9, 2018, and extension support will end on January 10, 2023.If a highly dangerous vulnerability is discovered, an exceptional update may be made after the end of the extension support, but it should be recognized as an exception.

Keeping the use of a computer with the supported OS is to recognize that the security risk is large, and use a PC that has a continuous version of the OS.

5) Acquisition of regular backup

Backing up regular data is also important.In the unlikely event that it is difficult to get rid of it due to malware, it is possible to initialize the main unit if there is a backup.In addition, even if the data is infected with a ransomware that takes the data as a hostage, the backup can be initialized and the data can be restored from the backup, so that the damage can be minimized.

For Windows 10 or later, Windows Defender offers a variety of security functions as a security center.However, users who are worried about IT literacy and skills will be considered to be considered to use security software that includes support without leaving Defender.

Danger in the use of personal computers that can cause security measures

The following risks may occur if you do not take measures described above.

Malware infection

Infection with malware not only has a delay in personal computers and posting suspicious pop -ups, but also data destruction, leakage of personal information and confidential information, and infections on other devices that are connected to the network.Various damage can occur.

Hijacking

If login information is leaked from a PC that has been infected with malware or a user account is hijacked by social hacking, remote control can lead to significant damage.In some cases, a computer with low frequency of use was taken over without knowing it, and was involved in DDOS attacks.

Backdoor installation

The backdoor is an invasion entrance for the attacker to invade the system.A long -awaited method for installing a backdoor is a method of installing a Troy wooden horse in a downloaded program.In some cases, it is caused by human errors, such as forgetting to erase the backdoor created intentionally for application tests.When the backdoor is installed, there are concerns that the attacker will be able to enter freely, leak confidential information and to be a steppiece such as DDOS attacks.

If you neglect security measures, these risks can lead to significant damage, such as writing online payments by information leakage, spoofing, and unauthorized use of online payments.

It is important to increase security awareness

By taking the five security measures introduced earlier, the safety of cyber attacks increases.Both are basic measures, but it is important to be sure to do it because it is basic.

On the other hand, as important as that countermeasures, users who use personal computers are security awareness.Basic security awareness and literacy are important, such as the attachment of emails received from an unknown person, not to open e -mails, SNS and suspicious links for SNS and chat.

Attackers are trying to deceive users in a natural situation in a daily way.

We hope that you have a high security awareness and refer to information sites such as the Cyber Security Information Bureau, and grasp the latest cyber attack methods and examples.