How your data falls into the wrong hands – and what you can do about it
Take note of our tips below and follow our key precautions, and you should be safe enough.
You’d have to have been living in a cave for the last few years not to realize that cyber-crime is on the increase. Virtually every week we hear about some massive data breach from a large company in which thousands of people’s personal details are hacked, with potentially costly consequences for them. Research has shown that it can affect organizations in virtually any sector all around the world. It’s also estimated that the most significant threat comes from hackers getting into systems followed by data being accidentally lost or stolen.
It’s also a problem that’s not likely to go away anytime soon, and organizations in many countries are on a permanent state of high alert in case it happens to them. The advice from security agencies isn’t exactly reassuring either with Ciaran Martin. Head of the UK’s National Cyber Security Centre recently stating that it’s not a question of whether there will be a major attack affecting the country’s infrastructure, it’s more of a case of when it’s going to strike.
But while Martin’s looking at the situation on a national level, and one which will affect whole organizations, there are also countless threats to our online safety. So although there’s very little we can do personally if an organization holding our data is hacked there are a number of ways that we can ensure our personal security.
In a moment we’ll look at some specific examples, but one over-riding principle always has to be having as strong a password as possible for all the sites we visit and which need one. A recent survey found that around 35% of people have weak passwords that can be easily cracked by anyone using a so-called brute-force attack. But one sure way to make any password far tougher to work out is by using numbers and special symbols like %, $, #, and ^ as part of it as well as having separate passwords for each different site. This may sound impossible to manage, but there are plenty of online managers available that make this relatively simple to control.
That said, a strong password may protect you from a wide range of dangers online, but there is still a number that you must always be wary about.
In phishing, the cybercriminal is attempting to get you to volunteer as much information as they can possibly get out of you which they can then use to access your accounts. Often this takes the form of an email purporting to be from your bank or internet service provider stating there is a problem with your account. There is generally a link you’re invited to click on to resolve the problem. But if you do it will either download malware on to your computer or take you to a login page where you’ll be invited to enter your personal information – thus handing over all the information the criminals need.
There’s a simple solution, of course. Treat every kind of email like this with the greatest suspicion, and never click on a link in an email unless you know that it’s absolutely genuine. Get yourself an anti phishing training as well to know what other actions to take to avoid being devastated by these attacks.
Sharing too much on social media
In this age of Facebook, Twitter, Instagram, etc. it can be very tempting to live our lives far more out in the open than ever before. But it can be equally easy to give away enough information about ourselves, our movements and even our families for the cyber-crooks to steal our identity. Say, for example, you wish your mother a happy birthday via social media. Anyone wanting to use that information for their own criminal ends would then know your mother’s identity and could conceivably then discover their maiden name – a key security question for many sites.
Even saying that you’re looking forward to a holiday could be giving away too much information as anyone who can link your name to an address, for example through a site like 192.com, could know that your home will soon be empty.
So the moral is simple: be careful what you share.
Using public wireless networks
When we’re out and about or traveling abroad, lots of us are wary about notching up data roaming charges on our phones or just want a quick or convenient way to get online with our tablets or laptops. So when we see that there’s free Wi-Fi, it seems like great news. Often these networks don’t even need a security key to connect up with them, but beware. There’s a distinct danger that others could see which websites you’re visiting and, if they are not encrypted, even what pages you’re looking at and forms you’re filling in. There have also been cases of criminals creating malicious hotspots with the sole intention of stealing data.
So never use an unencrypted Wi-Fi network. Better still, think about using a VPN when you’re out.
Using public charging points
Your phone or your tablet may, first and foremost, seem like an invaluable tool to you but each one is also huge storage device that holds a great deal of your data. The fact that these devices use the same socket and cable for recharging as they do for uploading or downloading data also makes them vulnerable to a method of attack which, although uncommon, is still possible.
Many places now offer public charging points, but there have been instances of criminal gangs installing hardware in them designed to access your data while they are on charge or to download software giving the criminals remote access to the device in question.
The answer? Take your own charger with you when you go out.
You’re careless with your hardware
The final example is probably the most simple to rectify. Every day thousands of phones are left on trains, laptops are left open while you pop to the counter for another coffee or USB drives are mislaid. Once anyone with dishonest intentions gets their hands on any of these, then you’re in trouble. They can access your data, work out your passwords and even start to assume your identity. And the solution is just to be more careful with your belongings.
Of course there are many other ways that your data can be at risk, but hopefully, this has given you a good guide to avoiding the main ones. It also goes without saying that it’s essential to keep your firewall and virus protection software fully up to date at all times.
But do this, and follow our key precautions, and you should be safe enough.