A Practical Guide to Protecting Yourself in the Digital Age.
Rick Ramirez
BISO Analyst @ Johnson & Johnson | Supply Chain Risk Management | Compliance Professional | ICS & OT Cybersecurity
According to a study by the United Nations, Cybercrime has increased over 600% since the beginning of the pandemic.?[1]?This increase in cybercrime is due to the increased number of people relying on the internet for daily tasks. The pandemic has ignited a shift towards a more digital economy. People use the internet to work, study, or buy home necessities. So, cybercriminals saw the opportunity to take advantage of these new vulnerable users.?
If you are interested to learn more about safeguarding your security and privacy while using the internet, this article is for you. I will discuss the threats to personal cybersecurity, the expected attacks, and tips you can use to avoid being a victim of these attacks.
Digital Gold?
In 2017, the Economists published an article titled "The world's most valuable resource is no longer oil, but data." [2] This article explains how corporations utilize private information about their users to sell for millions of dollars. Most users are unaware of this trade-off and that corporations like Facebook and Google harvest their data.?
The value and importance of data lead cybercriminals to focus on attacking these digital assets. Cybercriminals are also getting more sophisticated and developing better strategies to access some of our most private data. Attackers target sensitive data, including login credentials, banking information, smart home management devices, health records, and much more.?
Attacks on our data
Now that we understand what cybercriminals are after, it is also essential to understand their attack methods. One of the most popular attacks on personal information is ransomware. Ransomware is the digital version of kidnapping. Cybercriminals use malicious software to encrypt their target's data. The criminal will only release the data once the victim pays the ransom. In the past year, we have seen how ransomware has had real-world consequences and has affected millions. In September of this year, a ransomware attack on a hospital resulted in the death of a newborn. [3] The number of ransomware attacks will likely continue to grow if users are not protecting themselves.?
Attacks on our Privacy
Malware developers are usually designing their code to cause damage or to steal data from their targets. One type of malware that exploits users' privacy is spyware. This type of malicious software tracks the user's activity on their device. These attacks record images from the devices' cameras, keystrokes and may exfiltrate any sensitive data. The number of cyberattacks that use malware, including spyware, is rising annually. In 2009 the number of malware attacks was recorded at 12.4 million, then hooping to 812 million in 2018. [4] Of those attacks, 92% initiate through email. [5] This percentage indicates that there is a lack of cyber awareness among users.?
How does this impact me??
Cybercriminals are aware that most computer users lack basic digital literacy. This fact makes users low-hanging fruit for attackers to exploit. An average of 60% of Americans answers simple digital literacy questions incorrectly. [6]?Technology professionals must educate users on safe practices to navigate the digital world to combat this.?
Whether you know the difference between HTTP and SMB or barely understand how to search on google. These are the common types of threats you are facing in the digital world;?
Practical ways to protect yourself from a cyber attack
领英推荐
Passwords are like underwear change often and don't let anyone see them.?
Most users use easy-to-remember passwords for their login credentials. This practice makes it convenient to remember passwords quickly; it also increases the risk of a breach in security. Cybercriminals use software that can "guess" thousands of password combinations in seconds. Security professionals recommend using long, complex passwords with at least 12 characters, including uppercase, numbers, and special characters. Make sure to rotate your passwords regularly to reduce the risk of your accounts being breached.
Ok, but how are you going to remember all this? Instead of using our brains to store our complex passwords, we should opt for password managers. Password managers are software applications that store a user's credentials and are secured by a single master password.?
Authentication... Authentication.... Authentication....
Multifactor authentication has been a common way to combat password attacks. MFA requires users to take an extra step during the authentication method. This added authentication step will be one of the five types: Something you are (Biometric authentication), Something you have (token-based authentication), Something you know (password-based authentication), Something you do ( behavior-based authentication), and finally Somewhere you are (geolocation-based authentication). This added layer of authentication helps to reduce the risk of a cybercriminal impersonating an authorized user. A standard tool used is the Google authenticator app. This application provides users with a secure token to add a layer of defense during the authentication process.
Stranger Danger!
A typical lesson that we teach our children is not to take candy from strangers. This same lesson can also be applied to the digital world; when interacting on the internet, it is good to have a level of skepticism. Do not click on any links that come from untrusted sources, including friends and family.
Cybercriminals utilize the functionality of the internet to their advantage. When you click on a link, you send a request to a server to provide you with the file that holds the requested information. This file is where attackers will place malicious code that will trigger a cyberattack. It is important to only click on trusted links.?
Another common method of attack that cybercriminals use is installing malware with a "normal" application. A Trojan horse provides a function to the user, such as an image editor or keyboard application. At the same time, they contain malicious code that executes on the target system. Users must only install applications from trusted sources such as Microsoft's App Store, Google Play Store, and Apple's App Store. If a user installs an untrusted application (sideloading), this can drastically increase the chances of a breach in security.?
Free WiFi is not Free.?
It is common for restaurants, malls, and coffee shops to provide free public WiFi. While this may seem like a great convenience to you, it is important to be aware of the dangers of connecting to these types of networks. Attackers often set up fake public internet access to be able to monitor the traffic on the network. This type of attack is why you should never use a public network to send sensitive information or conduct sensitive transactions. If using a public network is necessary, use a Virtual Private Network (VPN). You can download one of the common VPN apps on your device's app store. The purpose of this application is to encrypt internet traffic. If an attacker were to monitor your network activity, they would not decipher what you are doing.?
UPDATE YOUR DEVICE!!!
Cybercriminals are constantly finding exploits, and this requires software developers to update their applications. I know how annoying these constant updates on your devices are, but they are necessary. When we skip upgrading our devices, we leave doors open for cybercriminals to walk straight into your device. Please make sure you have installed antimalware software as these scan for common vulnerabilities in your devices. These security applications will make sure you keep your device up to date.
Conclusion
People are not aware that we currently live in a world with two realities, one physical and the other digital. People already understand the rules and guidelines needed to be safe in the physical world. It is up to security professionals to provide users with the knowledge and tools to protect themselves.?