12 Aug 4 Key Principles of Cybersecurity
By Hiram Machado, CEO adaQuest
Consider this, there are more than 7.5 billion people in the world, and about 4.5 billion are communicating online (according to internetworldstats.com). Imagine that when you go to a major metropolitan area, with lots of people walking around, there is always a risk that someone will try to steal something from you. Pickpockets may try to get your wallet without anyone noticing, or a more audacious thief may corner you in an alley with a gun and demand you give him/her all of your belongings. Well, this is now happening online, with 4.5 billion people going about doing their everyday lives electronically. There is more and more opportunity for these underhanded people to act and succeed.
Just like all of us should be careful when walking around a crowded metropolitan area, we should always be aware of a few principles while going about our business online. People are now buying goods online, doing bank transactions, communicating with each other, sharing information, and so on. All of these are valuable assets that an unethical person might want to have access to. I encourage you to consider these 4 principles:
Corrupt People will Exploit Every Vulnerability Possible
There are many people out there every day, spending their time trying to find a way to take advantage of someone else who may be distracted or unaware of how vulnerable they might be. The bad guys are like the “opportunistic thief” driving around the neighborhood looking for an open window, in a house where people might not be present. Instead, online thieves are looking for systems that might not be up to date with the latest patch, so they can exploit already known vulnerabilities these outdated systems have. Once thieves compromise a computer, they might be able to see where you typically navigate to, record your passwords and even record you through the camera device in your own computer.
Bottom line, you must keep your systems and software always updated. Learn how to check for updates in your operating system and software applications you have in your computer and continuously check for the latest updates and apply them.
Nothing is 100% Secure
I have good and bad news. The bad news is that no system in the world is 100% secure. The good news is that you only need to have better security than your “neighbors.”
Most hackers will go for an easier target. Of course, large organizations around the globe spend millions of dollars in cybersecurity, but their cyber defense budget is aligned with the value of the assets they possess. The amount of effort a hacker will put out is in line with how much they think they can gain if they succeed. For an average household, make sure you have the latest update of the OS and that your anti-virus is enabled.
Doing this is not a guarantee, but is likely to save you from most cyberattacks from “opportunistic thieves”. You can also enable your local firewall in your computer if not already done.
The Power and Danger of Trust
Trust is a necessary attribute for us to live in society. Most of us have positive expectations when interacting with people and technology. We trust the mechanic is going to provide a fair quote and do the right fixes in your car, and we trust the light switch will work when you turn it on. We trust the amounts and ingredients listed in a label of a product are accurate. If you have not already, you will receive an email or even a telephone call from someone disguised as a reputable and trusted source, and he/she will try to compel you to unknowingly do something of benefit to him/her and harmful to you.
You must be careful and only use sites that you can trust. Before you fill in an online form or buy from a website you have never heard of before, or respond to an email soliciting information, you should verify a few things:
a. Make sure they use “HTTPS” instead of “HTTP.”
b. Type the domain name in Google and look for customers reviews and information about them.
c. If the offering is “too good to be true” it probably is.
d. Look for contact details and call their customer support or phone number before responding to them online.
You may also consider looking up the legitimacy of the website in one of the free online website reputation checking tool such as www.isithacked.com.
Innovation Brings Opportunities and Threats
There is no doubt that technology, and innovation is a good thing for society. It brings comfort and possibilities never before imagined. But innovation also brings new threats. Alexander Graham Bell invented the telephone so people could communicate from a distance, and later people used the phone pretending to be someone else and demanding some benefit for themselves. The Wright Brothers invented the airplane so people could travel further and quicker, and later airplanes became used as a weapons in the First World War. Contemporary leaders such as Bill Gates and Steve Jobs drove digital transformation in the lives of billions of people, and now the same computers and devices that make our modern life a possibility have been weaponized and exploited.
Furthermore, the proliferation of IoT (Internet of Things) Devices is contributing to increasing the landscape of attack for a hacker. This year Trend Micro, a software security company announced they had blocked five million IoT camera hack attempts. It is becoming common for a hacker to take control of your IoT device, and from there take control over your entire Wi-Fi network where the device is connected to. Some of the things you might consider doing includes:
· Change the default name and password of your new IoT.
· Add a second factor of authentication to your device if possible.
· Ensure your software or firmware is kept up to date.
All I am trying to advocate for here is that just like you stay vigilant when you are walking in a crowded metropolitan area, you should remain vigilant while surfing and going about your business on the internet. Meanwhile, professionals of cybersecurity and law enforcement will continue the non-stop work to prevent and take down corrupt people trying to compromise the fundamentals of a society (trust).