Cyberspace, cyber security, cyber-crime, cyber-bullying, cyber Monday (well, maybe not so much of Cyber Monday) – we hear these words get thrown around the media quite a lot, ever so often in the past decade alone. Why should we care? And should we really care? What is cyber security anyway?
You may have already thought that the word cyber in itself refers to anything related to computers and information technology. So the simple answer as to whether we should care about cyber security is yes. The subject does concern a high number of us and yet only a handful of people are aware of what cyber security is about and why it is important. We all live and are linked in this cyber culture. Our mobile phones are mini computers which are are connected to the world network, called the Internet, amongst other Internet of things (IoT) devices. Even our car keys, fridges and ovens are now connected to the internet! Nearly 40% of the world is connected to each other via the internet. And as you read this article online you too are connected to this massive global network which potentially means you are exposed to 3 billion other people around the world. Thinking about this can be quite scary. Being connected to the internet can be likened to stepping into the middle of the Wembley Stadium in a crowd of nearly a hundred thousand people. Ignorance of cyber security is therefore like being in that crowd and expecting not to be seen.
It’s a known fact within the information security industry that any network can never be 100% secure. In essence the internet is only somewhat secure. There’s a high chance that your own internet security (or privacy) has been comprised at some point. Remember that email link you unwittingly clicked on and some rather tempting pop-up message showed up? If you followed on with that link you may have just risked your privacy then. While still on the subject of privacy, ever noticed that after you’ve been on Amazon and had been looking at that cool gadget or dress you want to buy and then a few minutes later when you check your Facebook you see an ad about that same item you just looked at? That’s because those advertising guys are tracking your activity. Of course it’s not terribly bad, it’s for marketing purposes, but it proves the point I’m trying to make on that there’s little privacy or security on the web. But seriously, if you really think you are 100% secure on the web, think again. Check out this TED talkby James Lyne and you’ll be astounded by the findings on this talk.
So we all hear of cyber attacks happening to big companies on the news and just brush it off like it’s nothing, right? Well, cyber attacks are a bit like car accidents, illnesses and any unforeseen circumstance that you think will never happen to you, till it actually does. We tend to ignore or not be aware of internet threats out there and how vicious that world really is. If we look at the cyber attack statistics that’s when it gets more interesting. For example, nearly an average of 25,000 (or even more) cyber attacks are carried out around the world on a daily basis! As a matter of fact you can watch these attacks live as they happen here. And these are just the detected or reported attacks so there’s likely to be more. It is also worth noting that 3 in every 4 Americans has fallen victim of some kind of cyber crime.
The truth is, the weakest link in any information system is the human factor, as said by Mary Aiken, a Cyber Psychologist. Many reasons as to why a malicious hacker may successfully breach a user’s security is mainly because of the user themselves. Social engineering is the psychological manipulation of a person into getting them to reveal confidential information. This is how the CIA’s director’s email account was hackeda few months ago when a hacker entered the building pretending to be a Verizon worker and managed to convince the employees in the office to reveal some information which the hacker then used to get into the director’s email account.
“The weakest link in any information system is the human factor”
Passwords are a big deal nowadays. They are one of the easiest and convenient methods of authentication. They are also one of the most targeted security breaches. And it’s fairly easy to crack a password. A lot of us tend to have passwords that are names, a date of birth or some corny coined up phrase like “hotbabe_90”. Some of these passwords tend to be used across our multiple web accounts. This then means it’ll take a hacker to just figure out the password for one of your accounts to then be able to get into the rest of your accounts.
These dictionary word passwords are also ever so easy to crack with sophisticated password cracking tools. Oh, and yea anyone can get hold of these tools. And did I mention that they are super easy to use? When creating a password do try and use a mix of different characters such as lower and upper case letters, numbers and symbols. Also if the account you are signing up to permits, make the password at least 12 characters. An example of a strong password is the one below:
There’s a super cool tool online which you can use to check how strong your password is. Go to https://howsecureismypassword.net and check it out. As a demo, if you were to use a password such asjanet90, it would take only 19 seconds to crack that password. But if you used a password like the one above,j8n£T-C4rt3., it would be a blistering 17 billions years for that password to be cracked! Nobody has got time for that!
I know the much more secure option of the passwords may not be easiest to remember, but if you look carefully that password spells outJanet Carter. So that is one way of creating a secure but yet memorable password. And after a while you will get used to this habit.
There’s a lot of ways in which our privacy can be compromised other than just cracking of passwords. One thing to watch out for is the free open internet around town. Wi-Fi security is already limited, let alone the public Wi-Fi which has a dozen other random people traversing that network. There’s a high likelihood of someone looking at what you are getting up to while using the free public Wi-Fi. That person could also steal sensitive information about you.
Someone with malicious intent could even setup what’s called an “evil twin”. This is when a hacker sets up a rogue Wi-Fi access point of their own in a public area that appears to be the legitimate one. For instance, let’s say Starbucks offers free Wi-Fi calledStarbucks_Wifi, the hacker will have their own Wi-Fi access point also called Starbucks_Wifi. Once you connect to the hacker’s network you have now fallen victim of their trap. They can then trace every transmission of your connection and possibly traverse into your computer.
I’m not saying you should stop using free public Wi-Fi, but just be cautious. I strongly advise using VPNs for connecting to the internet. These ensure that your Internet connection is encrypted. Keep your computer and other devices up to date with regular software updates. This means that the manufacturer can patch up any found security vulnerabilities as soon as they are discovered. Also be careful what kind of information you upload onto your social media or any internet service. Keep all sensitive information away from the web. If you really want to be 100% safe just unplug from the internet. I don’t really mean that, but stay secure.