We’ve all heard the stories. Over the past decade, cyber attacks have compromised the personal security of at least 100 million people around the world. Companies affected include the likes of Yahoo!, Marriott-Starwood Hotels, Under Armour’s My Fitness Pal, eBay and Target Stores, to name just a few, with breaches in email addresses and login information leading to concomitant breaches in online banking and financial information. So what should you do to protect yourself, and your data, if you work or simply gaming online keep you busy in cyber space for several hours a day?
The first of six important tips for protecting yourself from succumbing to cyber victimhood is that of varying your passwords extensively across sites and services. Failure to do this makes your accounts that much more seamless to hack and could see you becoming one of billions of people whose private data is “shared and traded online by cyber criminals”, says Digital Shadows director Dr Richard Gold. Don’t feel alone if you’re ill-equipped to come up with a dynamic password for each login in you make – few of us are, meaning that 51 percent of us simply re-use a few passwords and therefore lay ourselves open to risk. The answer could be to employ the assistance of a password-manager app, which will do all the work for you.
“But it’s only the big corporations that fall victim,” you may argue. “It will never happen to me!” Well, sorry, friend – the latest research shows that while hackers used mostly to target the large international companies, over the past 12 months an increasing number of individuals – celebrities, executives and politicians – are falling victim. Could it be because they travel more, and spend more time plugging in or using wifi in public spaces; because of the recent rise in geopolitical rivalries; or because bank systems are just not sophisticated enough to keep the hackers at bay?
Probably a bit of all three, say the security experts. “Juice jacking” is a relatively new scam that sees cyber thieves injecting malware into devices that get plugged in at airports, train stations and hotels; and it is not that difficult for experienced criminals to manipulate public wifi to steal the personal info they desire off your device. Cautionary behaviour for those in-the-know includes carrying your own power bank, or USB charger and international plug; and employing a virtual private network (VPN), which serves to create an encrypted “tunnel” around your device and remote server, which should see hackers moving on to a more vulnerable party. Such safety blankets will “help keep your data out of the wrong hands”, enthuses Varonis’ technical director, Matt Lock. You can further ensure the safety of your computers with extra protection across all platforms including data stored in the cloud. Click here for information about cloud anti-malware protection
A useful article on Harvard Political Review argues that while financial gain may be the most common reason for cyber crime, an equally likely motive could be the desire to bring about social, ideological or political change. Examples include the Facebook security breach in September 2019, in which 50 million personal accounts were hacked and the perpetrator was speculated to belong to a “foreign power” – exposing the state of cyber security in the US versus the most sophisticated of global hackers; and the group, Anonymous, which worked to bring media attention to the protests in Tunisia, to restore government-censored websites and to write code that saw activists avoiding government surveillance at the start of the Arab Spring – all with the ideological goal of transparency.
This, of course, clarifies why high-profile people with wealth and/or political clout are increasingly falling under attack; a fairly recent incident being the alleged hack of Amazon founder Jeff Bezos’ iPhone by the likes of Saudi Crown Prince Mohammed bin Salman, via WhatsApp messaging. In another recent incident, attending clients were astounded when an unnamed European bank hosted a cyber-security roundtable in which the phone of an employee in the audience was “live hacked … in seconds”.
Bring in “Bond, James Bond”, and Q’s handy ability to make things of “national security” that simply self-destruct when falling into the wrong hands. More believable real-world options for the panicky include: encrypting your passwords (see above); setting a lock-code on your precious device; setting up a fingerprint scan to gain legitimate access; or, simply setting your smartphone to reconfigure to factory settings after a certain number of incorrect access attempts.
If you’re still of the opinion that “it won’t ever happen to me”, it’s worth taking stock of the wise words of global head of research at NortonLifeLock Research Group, Petros Efstathopoulos. He believes curiosity and laziness result in the biggest threat factor. It is therefore a good idea never to click on a suspicious link or open a dodgy email, and securing your smartphone, tablet, iPad or personal computer simply goes without saying. “People need to be better informed about the threats they face, how to limit [their] exposure, and what resources they have access to in the event of a cyber attack,” says Roger Cawdette of Harvard Political Review.
Just ask yourself: have I secured my smart speakers (before your voice is copied and someone else shops online on your behalf); have I looked into two-factor authentication (which adds an additional step to your login, creating a block for cyber criminals who may already have your username and password); and have I fibbed when giving the answers to the standard online security questions (social media easily gives criminals your mother’s real maiden name, for example, so be sure to lie a bit when you log the answers online).
Cyber security may seem like a minefield to you right now, but doing your reading and putting the necessary blocks in place to head-off scamsters will see them hacking your next-door neighbor’s device, and not your own. Yip, it’s really happening that close by!