Friday, July 22, 2016

Feedly:Understanding Java Code and Malware | Malwarebytes Unpacked. How to protect your IP address



from Understanding Java Code and Malware | Malwarebytes Unpacked


What if everyone in the world knew your home address? It would be terrifying, right? People could use your address for any number of indiscretions—posing as you, sending products, people, and services to your house, even adding your house to a burglar’s checklist. What if I told you that cybercriminals can essentially do the same things by finding the “address” of your digital devices?

This “address” is your IP address, or Internet Protocol address. It’s a unique combination of numbers that identifies computers or devices from one another to allow them to communicate through the Internet. It might look like this: 192.168.10.10.

Your digital devices work much the same way as your physical address—your device needs an address in order to send an email to another device’s address. But here’s the issue: Your network’s public IP address is accessible to everyone on the Internet.

What can someone do with my IP address?

There are many reasons why cybercriminals might want your IP address, ranging from just messing with you to future larger-scale, targeted malicious attacks. Three of the main reasons they’re on the hunt for IP addresses are to do the following:

Download illegal content under your IP address’s identity: They can download pirated movies, music, and videos—even child pornography or content that threatens national security. This puts an unnecessary target on your back for law enforcement to come after you. For example, in 2012 online threats to local police in Indiana were traced back to an IP address. After a SWAT team busted down the door and threw flashbangs into the entry, they realized they had the wrong place.

Hunt down your location for larger-scale attacks: When given an IP address, attackers either know your home coordinates or your Internet Service Provider’s (ISP). They might want to know what region you’re in to decide if your area is a worthy target for future attacks. For instance, they may be looking for IP addresses in wealthier locations or less security-literate areas to receive more payoff from an attack or penetrate a system more easily.

Hunt down your location for direct attacks: Criminals can not only use your IP address for larger-scale attacks, but also to directly target your network and launch a variety of assaults. One of the most popular is a DDoS attack (distributed denial-of-service). This type of cyberattack occurs when bad guys use previously infected machines to generate a high volume of requests to flood the targeted server or servers (using IP addresses to locate). By doing so, it creates too much traffic for the server to handle, resulting in a disruption of services. Basically, it shuts down your Internet, which in turn blocks you from accessing vital resources.

Online gamers are at particularly high risk for this, as their screen is visible while streaming (on which an IP address can be discovered). They accounted for over half of all of the DDoS attacks last year, according to Akamai’s Q3 2015 State of the Internet—Security Report. If someone’s IP address is known by other gamers, they can launch a DDoS attack, kicking them off of the game and Internet. Even worse, it could lead to a SWATTING attack, where an attacker pinpoints the location of their victim and deceives authorities enough to dispatch an emergency response team to the victim’s house. Imagine them barging through your door unannounced!

How do criminals find my IP address?

Just as they do to find personal info online in order to target users for malware infection, cybercriminals can be awfully crafty to find your IP address. Here are some of the ways attackers drill down to see that magical number.

Attackers can use For example, they can find you through Skype and other instant messaging applications, which all use IP addresses to communicate. If you happen to chat with strangers using these apps, it’s important to note that they can see your IP address. Attackers can even use a tool called Skype Resolver, where they can find your IP address when all they know is your username.

In addition, criminals can track down your IP address by simply following your online activity. Any number of online activities can reveal your IP address, from playing video games to commenting on websites and forums.

After finding your IP address, attackers simply go to an IP address tracking website, such as whatismyipaddress.com, type it in, and then BAM—they have a location. With a little elbow grease, hackers can cross reference if they want to validate whether or not the coordinates are your home. They can use LinkedIn, Facebook, or other social networks that show where you live, and then see if that matches the coordinates given. For example, the IP address coordinates I found for Steve Smith are located in Seattle, WA, but on his Facebook account it says he lives in Portland, OR, so I know that the coordinates I was given are his ISP’s location.

How can I protect my IP address?

You are assigned either a static (constant) or dynamic (changes periodically) IP address by your ISP. There is some debate as to which is safer, though it is arguably more secure to have a dynamic IP address because “there isn’t a constant target for the attacker,” says Steven Burn, Lead Malware Intelligence Analyst at Malwarebytes. “However, if there’s something vulnerable to attack on the IP, the fact that it’s dynamic isn’t going to help much. It’s already game over.”

It all boils down to the steps you take to secure your IP address. Here’s how you can keep your IP address out of the hands of criminals.

Use a Virtual Private Network (VPN): This protects your data online by the use of encryption. It hides your IP address and redirects your traffic through a separate server, making it much safer for you online. VPN services are without question the best practice for hiding your IP address, says Burn. They can be found online with monthly service charges, however, the price might not be worth it for every home user.

In addition, you could run a A proxy acts as an additional hub through which Internet requests are processed, all while hiding your IP address. It can determine legitimate over non-legitimate requests.

Update your router and firewall rules: Your router forwards data between networks, and your firewall prevents unauthorized access. Ensure that the administrative password you received at the time of purchase is different now. Each default password provided by your ISP is the same and can be easily searched online. Also, set your firewall rules to not allow any ping requests from the Internet. This makes sure unauthorized visitors won’t get through.

Change privacy settings on instant messaging applications: Only allow direct connections from contacts and don’t accept calls or messages from people you don’t know. Changing your settings to private makes it harder to find your IP address because people who don’t know you cannot connect with you.

Update your antivirus solution and add security layers: Making sure you are caught up on all of your security software’s updates ensures you’re protected from threats. Adding additional security on top of your antivirus further protects you. For instance, Malwarebytes Anti-Malware blocks malicious URLs from emails and offers web protection. If an attacker tries to send you a known malicious link that, when clicked on, will disclose your IP address, it will block the connection to it. The attacker wouldn’t receive anything.

Protecting your IP address is protecting your identity. Securing it through these steps is one more way to stay safe against the wide variety of attack vectors cybercriminals are using today.

Web Analytics