LearnKey Blog

Your QRF (quick reaction force) of device security

Just as in natural or organic life, in cyberspace, a virus is something that you do not know you have until it reveals itself.


Note: Names have been changed in this post to protect individuals’ privacy.

While reading cybersecurity headlines, a cadence from my military days and a story sprang to mind:

Up in the morning at the break of day;
I don’t like it—no way!
Eat my breakfast way too soon;
Hungry as a hippo by noon.
Went to the mess sergeant on my knees:
“Mess sergeant, mess sergeant, feed me, please!”
Mess sergeant said with a big ol’ grin,
“If you wanna be airborne, you gotta be thin.”

Once, we were flying our unit into our base camp during a deployment. After landing the helicopter, the soldiers were egressing out of the aircraft, and we could see something was wrong. We noticed one of the soldiers, Pvt. Royce, had a jaw that had swollen to twice its normal size, and he looked like some blue cartoon genie character, minus the being blue and living in a lamp. He had an infected tooth, and the altitude had made the infection fester and spread. He was given antibiotics to isolate the virus and remove it from his system before he could get the tooth removed and back to normal—or at least normal for him.

I know you’re wondering what this has to do with cybersecurity. Just as in natural or organic life, in cyberspace, a virus is something that you do not know you have until it reveals itself. As you might have guessed, we are discussing why you need to install antivirus software and do patches or updates.

1. Install and maintain antivirus/anti-malware software

Why is antivirus necessary? Consider Pvt. Royce’s swollen jaw as an analogy. Pvt. Royce was given antibiotics to kill and stop the infective bacteria from multiplying. He needed to follow a strict dosing schedule and take the entire regimen of pills. Similarly, an up-to-date antivirus that performs regular scans will actively detect, isolate, and remove malware before it causes irreparable damage to the system.

An antivirus on your computer creates a safety barrier and an early alert for your local intranet, keeping it safe from viruses before infection happens. Yes, I spelled ‘intranet’ correctly, for the record. Just like there is the internet, the world wide web that connects everyone around the world (think infinite cosmic powers, all at your fingertips), there is also what is called the intranet. Think of it as a smaller, private version of the internet that is custom-built for your home or workplace (mini, somewhat infinite cosmic powers in your living space).

With the wide acceptance of remote work, a Windows computer can be safer on a coffee house’s Wi-Fi than at your home. What do I mean by that? With all the safety features turned off at home, any device with malware on your local intranet that connects to your device can infect it. Every day, you can open the cybersecurity headlines and find stories in which a virus, trojan, or other malware has infected a device and part of its CPU is being used for nefarious purposes, such as illegal crypto mining, which slows down your performance, or, worse yet, being added to a botnet to launch a DDoS (distributed denial of service) attack against a target.

There are many suitable antivirus applications you can purchase or use. Windows Defender is already built into Windows, and there are several alternatives with different strengths and weaknesses. For my devices, my personal favorite is Malwarebytes. This blog is not a paid endorsement unless Malwarebytes wants to change that. Anyone? Anyone? Well, maybe next time. Back to Pvt. Royce. If he had not taken the antibiotics or followed the schedule, his infection could have been fatal. Whatever antivirus you choose to use, install it and keep it on with at least hourly updates and twice-daily scanning.

2. Don’t forget about your internet browser!

For most of us, our internet browser (Firefox, Chrome, Edge, Brave, etc.) is our computer’s primary connection to the world outside our intranet. Your computer’s antivirus provides some protection against web-based threats, but your browser, like Pvt. Royce’s teeth, deserves special attention and additional protection.

Optimize browser security settings and practices. Remember that security starts with you! Never save passwords in your browser. Explore your browser’s security settings, especially cookie handling and privacy preferences. Changing your cookie settings to “Ask me each time” gives you better control over the data websites collect and enhances privacy and security.

Install browser antivirus extensions. Add extensions to block ads, tracking, and threats to enhance your browser’s built-in security. Browser extensions—uBlock Origin, Malwarebytes, or Privacy Badger, to name a few—can give you an extra layer of protection by identifying and blocking malicious websites or scripts.


3. Patch and update your systems

Regularly update software and systems. Keeping the operating system (Windows, Mac, and Linux) and software applications up to date is imperative. On average, according to the University of Maryland, every 39 seconds, a computer is attacked while online. On average, that is 2,244 times a day! Software and operating system updates are your first line of defense. They often contain security patches that fix known vulnerabilities. Many attacks can be stopped in their tracks by simply updating your OS and apps.

In the military, we had what was known as the QRF (quick reaction force). These soldiers were the early warning system and were considered expendable; their job was to hold off an attack and provide alerts to keep the core unit safe while waiting for backup. Think of updates as your QRF. As attacks are reported to developers, they release patches that seal the holes those exploits use.

Automate your updates. By enabling automatic updates for your operating systems and software, you ensure that you receive critical security patches, which reduces the risk of an attack. Regarding software, here’s my rule of thumb: if I have not used it in six months, I remove it. Everything you keep needs to run occasionally to check for updates.

Conclusion

Well, it’s time to land this chopper. Remember, you need a healthy antivirus to fight off, well, the viruses. If you have a hole in your patching, things will slip through, so automate it, if possible. Deploy your QRF tools or your quick reaction force to keep you alert and able to react to threats. Get busy protecting your data, or else you’ll need to—as we used to say in the military—get ready to suck it up, buttercup.

New Security+ on the Way

Hello, everyone. It’s fall season here at LearnKey, and a busy fall it is going to be with many new courses on the horizon. One of the major courses we are working on (in fact we are filming this one very soon) is the brand new Security+ course, to map to the CompTIA Security+ SY0-501 exam (also brand new).

This new version of the Security+ exam really reflects the changing landscape of both security needs in an organization and the role of the Security Administrator or similar position in an organization. Today’s security administrator needs to be a very versatile individual, able not only to secure an existing IT infrastructure but also to be more involved in planning security, specifically as it relates to Architecture and Design and Risk Management, which, by the way, are two domains on the new Security+ exam.

The other four domains on the exam are: Technologies and Tools; Threats, Attacks, and Vulnerabilities; Identity and Access Management; and Cryptography and PKI (Public Key Infrastructure). For each of these domains, we will have comprehensive video training, pre-assessment and post-assessment tests, practice labs, and a robust project workbook, all mapped to the Security+ exam objectives. And, though I won’t reveal exactly how (you’ll have to see the course to find out) we’re going to present this in such a way as to improve your employability prospects for any junior to mid-level security administrator position, I will say this: If you want to know what it’s like the first few days on the job as a new security administrator, you’ll actually feel like you are there through this course.

Well, time for me to get back to putting the finishing touches on the material for this course. Stay tuned to this space for more updates as we will be releasing several courses this fall in the areas of IT administration and programming.

MTA Security Fundamentals Released!

Today, we are excited to announce the release of our MTA Security Fundamentals course.

MTA Security Fundamentals (98-367)

LearnKey’s MTA Security Fundamentals course is geared toward those looking to learn basic operating system security fundamentals. This course will also prepare students to take and pass the MTA Security Fundamentals exam (98-367). The four main topics covered in this course are: security layers, operating system security, network security, and security software. This course will also improve employability prospects for those trying to gain an entry-level IT support/desktop position with some basic security knowledge requirements.

Our hope is that through our courseware we may provide learners with the guidance, preparation, and skills they need to succeed. For more information and to learn about additional LearnKey products, visit our website.

LearnKey and the Heartbleed Bug

If you have paid attention to news in the IT world over the last week, you may have heard of the Heartbleed bug. Heartbleed is a vulnerability in certain versions of OpenSSL. It allows attackers to gain access to usernames, passwords, and other sensitive information, even though a site’s address bar displays the letters “https” or a padlock icon. Heartbleed is a serious vulnerability, and millions of users worldwide could be affected. If you have purchased courseware through LearnKey’s website, you may be concerned that your information has been compromised.

This is not the case. LearnKey uses a tool called FoxyCart to process transactions on our website. FoxyCart has thoroughly checked its systems and has assured us they are not affected by this bug.

Though our systems are unaffected, you may still be vulnerable to the Heartbleed bug. Several large companies have been affected, including several popular social media sites and search engines. If you even suspect your information has been compromised, you should think about changing your passwords. ConnectSafely.org has a list of tips for strong, secure passwords. Some of these tips include:

  • Don’t use just one password
  • Create passwords that are easy for you to remember, but hard for others to guess
  • Make your password at least 8 characters long
  • Include numbers, capital letters, and symbols
  • Don’t use dictionary words
  • Don’t post your password in plain sight
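
The checkable tips in this list, written as an added Python example (not code from LearnKey or ConnectSafely.org). It shows why the dictionary-word tip matters even when a password already meets the length and character rules. The wordlist and substitution table are small constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a full
# dictionary plus a list of commonly used passwords.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "letmein"}

# Look-alike substitutions often used to dress up a dictionary word.
LEET = str.maketrans({"0": "o", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s"})


def dictionary_core(password):
    """Strip leading/trailing digits and symbols, undo look-alike
    substitutions, and keep only letters: 'P@ssw0rd1!' -> 'password'."""
    core = password.lower().strip("0123456789!@#$%^&*()-_=+.?")
    core = core.translate(LEET)
    return re.sub(r"[^a-z]", "", core)


def check_password(password, words=SAMPLE_WORDS):
    """Return the tips from the list that this password breaks."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not re.search(r"\d", password):
        problems.append("no number")
    if not re.search(r"[A-Z]", password):
        problems.append("no capital letter")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("no symbol")
    # A decorated dictionary word passes every rule above, so test the
    # word that remains once the decoration is removed.
    if dictionary_core(password) in words:
        problems.append("dictionary word")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for candidate in ("dragon", "P@ssw0rd1!", "Tr4verse-Kettle-92"):
        print(candidate, "->", check_password(candidate) or "meets the tips")
```
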

For more information on affected sites, check out CNET’s list of the top 100 sites across the Web.