Protect Yourself from Cyber Attacks
Edited by Shelley, Eng, Melissa Rae
Just because the month of October is National Cyber Security Awareness Month, doesn't mean that the importance of cyber security stands valid and important only for the month of October. "Cyber attacking" was born along with the invention of the internet. It has, since then, only been evolving at an aggressive rate. A compilation made by Tested.com showed that even big technology companies and organizations succumbed to cyber frauds at one point or another.
On one side, there are governments preparing cyber agenda against enemy nations. Like the Stuxnet, a malicious malware worm designed by the U.S. and Israel government agencies to infect uranium enrichment facilities in Iran. On the other, we have agencies like WikiLeaks that constantly target government organizations in a quest for bringing out the truth.
Recently, at the House Intelligence Committee in Washington, the directors of the FBI, CIA, NSA and other intelligence agencies expressed their concerns and discussed the cyber challenges faced by the United States and the international communities.
James Clapper, the Director of National Intelligence said, "Cyber threats to U.S. national and economic security are increasing in frequency, scale, sophistication and severity of impact. We foresee an ongoing series of low-to-moderate level cyber-attacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security".
As we can see, when the time comes, we may not be spared. How do we make sufficient arrangements to ensure that our cargoes of data are at a safe shore when the cyber pirates plot to attack?
Know Your Personal Data
How much do you know about your personal data and its security? Let's look at some of the fundamentals.
- 1What are you scared of losing? For organizations, it is their commercial data. For individuals, it is the candid and fragile information of their personal lives. For an architect, it is the blueprint. For an advertising agency, it is the idea. Everybody has something to lose in the online world, should bad cyber prophecies come true.Advertisement
- 2Where do you store? Typewriters can't be attacked. They might be slow, stringent, and unifaceted, but they serve their purpose. It all depends on where we store our most important things. The advanced world endorses cloud technology. But how much do you know about the cloud? Clouds don't have walls. Have you ever thought about that? Merely because something is convenient, doesn't necessarily mean it is safe.Advertisement
- 3What use is your information to somebody else? If we find a wallet on the street, what is our first emotion? Those who thought about finding the rightful owner, please raise your hand. Those who thought, "screw it... I have no money... this is a Godsend" raise your hand. There is always a value to everything. Even garbage has value to someone. That brings us back to our original question, with much more signified relevance - what is your information worth to another scheming individual or organization? Priceless.
Be Aware of Interoperability and Data Portability
We are much too reliant on technology these days.
- 1Limitless networking of smart devices. With the internet connecting almost every gadget and piece of technology we own, most of them are interconnected and networked internally without our knowledge. This is quite fascinating, and at the same time, devastating. This means that something you have saved on your iPhone can be accessed by your brother's Android watch, which in turn can be accessed by your brother's girlfriend's Windows desktop.Advertisement
- 2Trust is inevitable. Back in the day, we stuffed our wallets full of cash and cards. Whatever happened to that? Not only are email service providers enabling you to maintain business and personal transactions through email, they also offer wallet services. We can even pay for products and services with our smartphones. Slowly but steadily, we are eliminating the concept of physical money.
- 3Guarding our assets. We are entering a time where we're willing to dump all of our precious valuables into something "safe" that we can't really see or touch. We are convinced that the encrypted protection compounds are going to guard our assets against calamities. The fact that we have been unnervingly captivated by the reliability of virtual banks and their security protocols truncates the inspiration to worry about the adverse effects of virtual banking.
Don't Take Your Online Privacy for Granted
What is done can't be undone.
- 1Online recluse. Just as it is difficult to be socially reclusive in today's world, it is highly impractical to remain immune to the changes and impacts brought around by the digital world. There is always one reason or another to be online. However, don't make "digital" a life partner. Having a non-committed relationship with the online universe is recommended.
Avoid the Risk of Getting Your Data Stolen
The risk of getting your data stolen is very high because everything that connects to internet can be accessed.
- 1Insecure Public WiFi. Cafés, metros, airports, malls... these are the kinds of places where we tend to use public WiFi. Though not every public WiFi set up is bad and dangerous, not every public WiFi is safe either. Use tools like Virtual Private Networks (VPN) on WiFi networks and access your private information. Dr Malcolm Pattinson, an information security expert for University of Adelaide labeled WiFi as "the most insecure mechanism" when it comes to sharing extremely sensitive information. He said, "It's so easy to tap into and they can track keystrokes. They get your credit card number and your password".
- 2Suspicious emails. Attacking through emails is very easy and effective for the cyber fraudsters. They engage in schemes like "corporate account takeover" and "business email fraud" and trick businesses into transferring large sums of money into fraudulent bank accounts. Between October 2013 and June 2015, companies across the world have lost more than $1 billion in such email scam attacks. They make it seem like the sender is someone you know. The truth is, it is someone sitting in a remote hilltop in a South American village. If the email is confidential, if it involves exchange of money, or it contains any banking information, please check the source of the mail. First check the IP address of the email. Then use Google to cross-check the IP address of the sender.
- 3Clouded by the cloud. Users are mushrooming the cloud. The cloud is good, but it has to be used under certain guidance. The infamous iCloud cyber attack of 500 celebrities in 2014 took us by surprise. Experts are under the impression that storing sensitive information on cloud will soon be the only way to store and share files. But, that has a catch. We need to understand very finely and read between its lines, how it really works, else it will be a "Sex Tape" movie sequel. Satnam Narang, a security response manager at Symantec says, "Convenience trumps security very often when it comes to various services".
- 4Stolen Passwords: Last year, the most common password was "12345". Just as how our house is only as secure as the lock we use, our online data is only as protected as its password is. Set a strong and advanced password for yourself. It's also good to change your passwords at frequent intervals, AND never use same password for multiple accounts. In the Ashley Madison cyber-attack, the attackers who go by the name "CynoSure Prime" decoded 11 million passwords of the 36 million accounts registered on the infidelity website. CynoSure Prime took advantage of the flaws instilled in the developers' algorithm by using a password obfuscation process known as hashing. There are some very interesting ways to procure passwords:
- Keyloggers Keylogger takes citizenship in our system and becomes a "task" that starts running from the bootup. Keylogger registers all keystrokes as we type and eventually sends them to the attacker. Keyloggers are so adaptable and legitimate-looking that they actually show up in "processes" under Windows task manager.
- RAT (Remote Administration Tool): With this, the attacker is able to connect to our systems from any remote location. He sees the exact same screen what we see on our computer. Also with the help of his built-in keylogger he is able to copy all files from the hard drives of our computer.
- Trojan: One of the more comprehensive forms of malware. It infects and enables the attackers to gain administrative control of a computer through keygens and codes equipped in free software available online.
Protect Your Personal Data Against Cyber Attacks
For first-class protection against cyber attacks, follow these tips:
- For banking and other highly confidential information, whenever possible, use an online/virtual keyboard.
- Never store passwords for devices and accounts on any digital device. Try as much as possible to memorize it.
- Install the best antivirus and malware protection software on all devices.
- Never download executable files from untrusted sources and websites.
- Don't download attachments unless really necessary. If you have to, please use a removable device as the default destination for attachment downloads.
- Some websites automatically provide the secure HTTP. Otherwise, please activate secure browsing from your browser settings.
- Despite all the precautions and measures, should something bad happen, have your backup software ready. This will make sure that you always have a backup of all your files.