Let me give you a few introductory thoughts on online security!
Everyone wants to feel safe and secure when they are at home with their doors locked and the alarm system activated. They want to know that they are protected from danger. Today, it has become equally important to protect your self online.
Cyber security can appear to be very complicated, something that the IT department handles. That’s true to some extent but when it comes to your personal cyber security, it is totally up to you. Luckily for us, staying safe online actually isn’t that complicated. It can be a lot to think about, and it may not be something that is highly priorotised in our every day life, but the tools are out there, ready to be used by us. Let us start by asking the right questions.
Security begins with identifying the threats you are likely to encounter. Then your level of security should be based on what your situation is. How digital is your life? How much important data do you store online? How dependant are you of a safe working online situation? Do you have kids? How much time are they spending online and what are they doing there?
Remember that you live in the age where information is one of the most valuable goods. Also, remember that you live in a world where the internet has enabled the most heinous things imaginable to be more available than ever before in history.
THESE ARE THE TWO THREATS YOU ARE MOST LIKELY TO ENCOUNTER!
Spyware, Adware, Virus, Worms and Trojan horses are all examples of malicious software built with the sole purpose to invade, damage and disable computers and systems.
The art of manipulating people into giving up important confidential data such as passwords, bank information and credit card numbers. Social engineering relies on the human factor.
LEARN MORE ABOUT MALWARE
Malicious and software put together becomes malware, a generic name that include a wide range of harmful software designed to infect your computer and access unauthorised information, without you even knowing it.
Malware is one of the biggest threats individuals are facing. The malware gets distributed through social engineering techniques such as phishing e-mails or from downloading files from the internet.
Other examples are self-installing malware from USB-drives, installing bogus browser toolbars and software. The methods are endless and only creativity sets the limit of what can be done.
The majority of malware is created with the intent of stealing confidential data such as passwords, usernames, credit card details or other sensitive personal identifiable information. This sensitive information is then used to launch further attacks on individuals and businesses or is sold to other malicious actors. Everyday, hundreds of thousands of new malware are discovered.
LEARN MORE ABOUT SOCIAL ENGINEERING
With social engineering criminals try to trick you in to performing a task that may seem perfectly normal when in fact, it is not. The tasks are usually simple things like clicking a link or downloading a file.
Other examples include e-mails claiming to be from a legitimate source asking for credentials or leaving a USB-drive with self installing malware in a public place for someone to pick it up and plug it in. These are common social engineering tactics and are called phishing.
Social engineering works because of the human factor, it exploits the common emotional reactions and lack of knowledge. It is used because it’s much easier to trick people into unknowingly giving up their passwords instead of hacking it, which is actually very hard.
It’s very likely that you have encountered this type of attack at some point. In fact, social engineering is the type of threat that you are most likely to encounter.
OTHER THREATS YOU MUST BE AWARE OF!
Brute force attacks, dictionary attacks and key logging activities are all methods used for intercepting passwords. Weak passwords are still a huge reason why people get their accounts stolen. Sometimes accounts are stolen simply by researching the target and then guessing the passwords.
Always remember that when you create a password for something, it is stored somewhere. The hacker knows this and therefore attacks databases where passwords, usernames and e-mails are stored. Now, if you’re like most people that uses the same password everywhere, your accounts are pretty exposed. Database breaches happen all the time and hundreds of millions of account details are leaked. Frequently changing passwords and diversifying passwords between accounts will limit the possible damage.
MAN IN THE MIDDLE ATTACKS
A type of eavesdropping attack where an unauthorised party intercepts communication and steals or alters your data. Sniffing, packet injection, session hijacking and SSL stripping are examples of man in the middle attacks.
The man in the middle refers to the hacker being positioned in the middle of you and the service you are communicating with in order to intercept information. For example, the hacker could set up a fake wi-fi in a public place, like a coffeeshop. When someone tries to connect to that wi-fi thinking it belongs to the legit coffeeshop, instead you will be connected to the fake wi-fi and all of your traffic can be monitored and stolen by the hacker.
Ransomware is a type of malware that prevents users from accessing their data and demands a ransom in order to regain access. It’s likely that the hacker demands payment via cryptocurrencies such as bitcoin because those are much harder to trace than standard currencies.
There are several ways your computer might get infected by ransomware. In some way or form, the hackers need to get their malicious code onto your computer. The most common method is by sending you spam e-mail. The e-mail will be carrying some kind of attachment that the sender wants you to download. The attachment infects your computer and could be things like PDFs, word documents or even links to bad websites that will infect your computer simply by visiting them.