LearnKey Blog

Your QRF (quick reaction force) of device security



Note: Names have been changed in this post to protect individuals’ privacy.

While reading cybersecurity headlines, a cadence from my military days and a story sprang to mind:

Up in the morning at the break of day;
I don’t like it—no way!
Eat my breakfast way too soon;
Hungry as a hippo by noon.
Went to the mess sergeant on my knees:
“Mess sergeant, mess sergeant, feed me, please!”
Mess sergeant said with a big ol’ grin,
“If you wanna be airborne, you gotta be thin.”

Once, we were flying our unit into our base camp during a deployment. After landing the helicopter, the soldiers were egressing out of the aircraft, and we could see something was wrong. We noticed one of the soldiers, Pvt. Royce, had a jaw that had swollen to twice its normal size, and he looked like some blue cartoon genie character, minus the being blue and living in a lamp. He had an infected tooth, and the altitude had made the infection fester and spread. He was given antibiotics to isolate the virus and remove it from his system before he could get the tooth removed and back to normal—or at least normal for him.

I know you’re wondering what this has to do with cybersecurity. Just as in natural or organic life, in cyberspace, a virus is something that you do not know you have until it reveals itself. As you might have guessed, we are discussing why you need to install antivirus software and do patches or updates.

1. Install and maintain antivirus/anti-malware software

Why is antivirus necessary? Consider Pvt. Royce’s swollen jaw as an analogy. Pvt. Royce was given antibiotics to kill the infective bacteria and stop them from multiplying. He needed to follow a strict dosing schedule and take the entire regimen of pills. Similarly, an up-to-date antivirus that performs regular scans will actively detect, isolate, and remove malware from a system before it causes irreparable damage.

An antivirus on your computer creates a safety barrier and an early alert for your local intranet, keeping it safe from viruses before infection happens. Yes, I spelled ‘intranet’ correctly, for the record. Just like there is the internet, the world wide web that connects everyone around the world (think infinite cosmic powers, all at your fingertips), there is also what is called the intranet. Think of it as a smaller, private version of the internet that is custom-built for your home or workplace (mini, somewhat infinite cosmic powers in your living space).

With the wide acceptance of remote work, a Windows computer can be safer on coffee-house Wi-Fi than at your home. What do I mean by that? With all the safety features turned off at home, any device with malware on your local intranet that connects to your device can infect it. Every day, you can open the cybersecurity headlines and read about a virus, trojan, or other malware that has infected a device so that part of its CPU is being used for nefarious purposes, such as illegal crypto mining that slows down your performance, or, worse yet, about a device that has been added to a botnet to launch a DDoS (distributed denial of service) attack against a target.

There are many suitable antivirus applications you can purchase or use. Windows Defender is already built into Windows, and there are several alternatives with different strengths and weaknesses. For my devices, my personal favorite is Malwarebytes. This blog is not a paid endorsement unless Malwarebytes wants to change that. Anyone? Anyone? Well, maybe next time. Back to Pvt. Royce. If he had not taken the antibiotics or followed the schedule, his infection could have been fatal. Whatever antivirus you choose to use, install it and keep it on with at least hourly updates and twice-daily scanning.
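The cadence recommended above (hourly updates, twice-daily scans) can be checked on a Windows machine that uses the built-in Defender. The following is an added example, not part of the original post: `Get-MpComputerStatus` is Defender's own cmdlet, while the helper name `Test-DefenderHealth` and the two threshold variables are illustrative.

```powershell
# Added example. Thresholds mirror the post's advice: hourly updates, twice-daily scans.
$MaxSignatureAge = New-TimeSpan -Hours 1
$MaxScanAge      = New-TimeSpan -Hours 12

function Test-DefenderHealth {   # illustrative helper name, not a built-in cmdlet
    param(
        [Parameter(Mandatory)] $Status,   # object returned by Get-MpComputerStatus
        [datetime] $Now = (Get-Date)
    )
    $findings = @()
    if (-not $Status.AntivirusEnabled) {
        # Expected if another product is the active antivirus; otherwise a red flag.
        $findings += 'Defender antivirus engine is not enabled'
    }
    if (-not $Status.RealTimeProtectionEnabled) {
        $findings += 'Real-time protection is off'
    }

    # A missing timestamp means "never", which is worse than "stale".
    $sig = $Status.AntivirusSignatureLastUpdated
    if (-not $sig) {
        $findings += 'Signatures have never been updated'
    } elseif (($Now - $sig) -gt $MaxSignatureAge) {
        $findings += "Signatures are stale (last updated $sig)"
    }

    $scan = $Status.QuickScanEndTime
    if (-not $scan) {
        $findings += 'No quick scan has completed'
    } elseif (($Now - $scan) -gt $MaxScanAge) {
        $findings += "Quick scan is overdue (last finished $scan)"
    }
    $findings
}

try {
    $status = Get-MpComputerStatus -ErrorAction Stop
} catch {
    # For example, the Defender service is not running or its module is absent.
    Write-Warning "Defender status unavailable: $($_.Exception.Message)"
    $status = $null
}
if ($status) {
    $problems = @(Test-DefenderHealth -Status $status)
    if ($problems.Count -eq 0) {
        Write-Output 'Defender: protection on, signatures and last scan are fresh.'
    } else {
        $problems | ForEach-Object { Write-Warning $_ }
    }
}
```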

2. Don’t forget about your internet browser!

For most of us, our internet browser (Firefox, Chrome, Edge, Brave, etc.) is our computer’s primary connection to the world outside our intranet. Your computer’s antivirus provides some protection against web-based threats, but your browser, like Pvt. Royce’s teeth, deserves special attention and additional protection.

Optimize browser security settings and practices. Remember that security starts with you! Never save passwords in your browser. Explore your browser’s security settings, especially cookie handling and privacy preferences. Changing your cookie settings to “Ask me each time” gives you better control over the data websites collect and enhances privacy and security.

Install browser antivirus extensions. Add extensions to block ads, tracking, and threats to enhance your browser’s built-in security. Browser extensions—uBlock Origin, Malwarebytes, or Privacy Badger, to name a few—can give you an extra layer of protection by identifying and blocking malicious websites or scripts.

3. Patch and update your systems

Regularly update software and systems. Keeping the operating system (Windows, Mac, and Linux) and software applications up to date is imperative. On average, according to the University of Maryland, every 39 seconds, a computer is attacked while online. On average, that is 2,244 times a day! Software and operating system updates are your first line of defense. They often contain security patches that fix known vulnerabilities. Many attacks can be stopped in their tracks by simply updating your OS and apps.

In the military, we had what was known as the QRF (quick reaction force). These soldiers were the early warning system and were considered expendable; their job was to hold off an attack and provide alerts to keep the core unit safe while waiting for backup. Think of updates as your QRF. As attacks are reported to developers, they release patches that seal the holes the discovered exploits rely on.

Automate your updates. By enabling automatic updates for your operating systems and software, you ensure that you receive critical security patches, which reduces the risk of an attack. Regarding software, here’s my rule of thumb: if I have not used it in six months, I remove it. Everything you keep needs to run occasionally to check for updates.

Conclusion

Well, it’s time to land this chopper. Remember, you need a healthy antivirus to fight off, well, the viruses. If you have a hole in your patching, things will slip through, so automate it, if possible. Deploy your QRF tools or your quick reaction force to keep you alert and able to react to threats. Get busy protecting your data, or else you’ll need to—as we used to say in the military—get ready to suck it up, buttercup.

Protect Yourself Online

Evolving Threats

Cybersecurity threats are ever-growing! I for one am not the most up-to-date on what is happening and how I can protect myself. With the rise of hackers, we need to educate ourselves on how to protect our information! I was able to take a short cybersecurity course with a coworker recently and learned how to do just that! And MAN, I have learned that even the simplest things that I was doing were putting myself and others at risk! I wanted to share what I learned from this course.

Protect Yourself When You Leave

By understanding how hackers can get my information, I am able to better protect myself, my family, and my coworkers. Work is a place where I have grown comfortable enough around the people I am with that I HARDLY ever lock my computer when I leave my desk to go grab something from the printer, refill my water bottle, or run to lunch. Well…that is a big mistake! The idea that if you don’t lock your work computer when it’s unattended, a hacker is going to stroll up to it, sit down, install some malicious code or swipe some important files, then sneak back out before anyone’s the wiser may seem like something out of a movie, but it’s a more common threat than you think. As an employee, you have access to your organization’s data and network. That access alone is something that is valuable to hackers: “access” to company networks can result in the loss of sensitive data, and sometimes financial loss. Even if it’s to walk 10 steps away, take the extra second to lock that computer of yours.

Stay in the Know

Cyber threats are constantly happening around you and the hackers keep getting better and better every passing second. It’s important for us to stay up to date on the latest trends and tactics that are being used. By educating ourselves we can stay ahead of these attacks and threats and protect ourselves and others around us.

LearnKey’s Cybersecurity: Protecting Yourself and Your Organization

This course simplifies what individuals and organizations must do to protect digital assets. Topics include: protecting email, protecting information, protecting devices, physical security, and working remotely.