What is Cyber Security?
Cyber security, also known as computer security or information technology security, is the protection of computer systems from theft or criminal use of electronic data. The aim of cyber security is to prevent the disruption of a person’s life by enhancing hardware and software security related to a person’s accounts.
Why is cyber security important?
Cyber criminal activity is on the rise. Now, more than ever, our data needs to be protected. During the first half of 2019, data breaches all over the world exposed 4.1 billion records.
According to a University of Maryland study, hackers attack every 39 seconds or about 2,244 times a day. Since hackers are after your data, this can lead to identity theft. If the criminals were able to get into a company’s system, sensitive information and their reputation are also put at risk.
By knowing the basics of cyber security, you can take preventive measures to protect your online accounts and private information.
Cyber security vs. information security
Though there are overlaps, information security and cyber security are still two different concepts. Information security, also called data security, is all about the confidentiality, integrity, and availability of your data.
While most modern businesses keep their files on servers, there’s a possibility that they still have confidential forms, contracts, etc. stored away in a file cabinet. In short, information security is concerned about the protection of all data in all forms.
On the other hand, cyber security is about the protection of data in electronic form — in computers, servers, networks, mobile devices, etc. The two components of cyber security are: 1) knowing the risk exposure of data, and 2) applying the technology needed to protect data.
Areas of cyber security
Remember the saying, “Knowledge is power”? In the digital age, this is particularly true. Data can be monetised and weaponised. Any information that hackers can steal from you may be valuable to them in one way or another.
That is why it’s very important to be cyber-secure. Listed below are some areas of cyber security that directly affect your private or professional life.
IoT or Internet of Things
You may not realise it but our information is everywhere. Our info is not just stored in our computers but also in our appliances at home. And anything with a Wi-Fi connection is vulnerable to attack.
Connected refrigerators, microwaves, security and heating systems can now all form part of the Internet of Things or IoT.
It makes our lives more convenient but it also gives hackers various entry points to attack. For example, since your phone app is connected to your microwave, hackers can actually hack it to get into your phone.
When you take photos or store information online it goes into something called the cloud. The big tech companies like Google, Microsoft, and Amazon are some of the cloud providers which consumers access using their applications or websites. If the data in the cloud is breached, then the information stored there could easily be accessed.
Preventing unauthorized access and protecting the data of corporate networks is called network security. It’s implemented by tools to prevent unwanted people from accessing networks and devices connected to them.
You should also be security-conscious when using apps on your phone. Though the responsibility for this falls on the shoulders of the app makers, users can also protect their phone by using software that finds, fixes, and enhances the security of the apps.
When cybercriminals try to access your personal information or assets for monetary gain, that is called financial fraud.
One of the most common types is credit card fraud, wherein hackers get a hold of your credit card information so they can use it themselves.
Another type is the “advance fee” scam wherein illegal corporations or groups pretending to be a legitimate company, ask for money from you in exchange for some kind of bogus offer.
Sometimes, criminals get a little more creative and employ phishing. Phishing is the act of tricking you into giving your own information to the criminals via phone or email. When they get your personal data, they can build a fake persona or impersonate you in order to access your medical and social benefits. This is otherwise known as identity theft.
For some people, it’s already too late when they detect that their identity has been stolen. However, there are things you can do to protect yourself like setting up a cyber security notification whenever someone tries to illegally access your accounts.
Cyber security incidents
Though cyber security seems like something that only corporations should be worried about, once these companies are affected, their customers’ data can be compromised too. Here are some of the biggest cyber security incidents in recent years.
Yahoo account breaches
Back in 2016, 3 billion Yahoo accounts were hacked. It was one of the biggest breaches of all time. This attack actually happened in 2013 but Yahoo only revealed this breach after Verizon acquired them in 2017. A separate attack happened a year later, this time affecting 500 million accounts.
Uber hacker attack
When Uber was negotiating with U.S. regulating agencies about claims of privacy violations in 2016, another tragedy struck them. Hackers stole information of their drivers and riders. Over 57 million accounts were compromised in this breach. Uber actually tried to pay off the hackers to delete the stolen data.
Equifax database unauthorized access
Cybercriminals gained access to the database of Equifax, a consumer credit reporting agency in the US. The company came clean and reported the incident to the public, which happened from mid-May through July 2017.
The information accessed by the hackers included names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers. Aside from these personal pieces of information, credit card numbers for 209,000 U.S. consumers were also exposed.
Facebook accounts breach
In September 2018, personal details of 30 million Facebook accounts were hacked. The criminals took advantage of the social media giant’s code vulnerabilities to gain full access to personal data.
The sensitive information that the cybercriminals were able to access include a user’s location, relationship status, devices used and recent searches. Because of this massive breach, Facebook issued a warning to all its users to check whether their accounts were exposed or not.
Types of cyber security threats
There are more and more types of cyber security threats because hackers are getting more and more resourceful. They use a variety of ways to attack a secure system, break its barriers, and gain valuable information. Here are some of them.
Social engineering is the act of tricking someone into divulging information using technology. What these criminals usually do is take advantage of a victim’s natural tendencies or emotional responses.
For example, a social engineer can pretend to be a technical support person to trick a new employee into giving their login credentials. They can also send emails, posing as a long-lost friend and asking for monetary help from a potential victim.
The most common type of social engineering is phishing which is usually done via email or phone. The criminal may pose as an insurance or bank agent. Other times, they may contact you with a bogus offer.
Be cautious of giving out your personal information to anyone. Banks and agencies will always issue official statements whenever your personal details need updating. They rarely do it via phone calls or unsolicited emails.
Advanced persistent threat (APT)
A prolonged and targeted cyber attack is called an advanced persistent threat or APT. Usually, these hackers choose a company to infiltrate and they try to gain access to the network.
Often, they go undetected for a long period of time because they don’t necessarily change anything in the system. Instead, they monitor network activity and steal data, which they can later use to sell or blackmail the company.
Some hackers actually apply brute force into trying to get into your account. They would guess your password using information they know about you.
So if they know your full name, your birthday, or other details, they may try to use those as your password and see if they can get in. This is why it’s not advisable to use a password that contains information found in your ID or social media.
Another thing you shouldn’t do is be lazy about creating your password. The most common password for 2019 are still:
Distributed denial-of-service (DDoS)
This is an attack targeted at websites to disrupt or overwhelm the servers that run it. Since websites rely on servers and are used to a certain volume of regular traffic, they may not be able to handle the sudden flood of visits.
If this happens, the website will crash and people won’t be able to access the site anymore.
These are any programs or files that are harmful to a computer user and include computer viruses and spyware (software that’s used to spy on a computer’s activities). If you download malware, the hackers will be able to see private information and even passwords.
How to protect yourself from cyber security attacks
After reading the threats mentioned above, do you think you’re at risk? The first step in protecting yourself against such attacks is to assess your risk level.
You can do this by running a network diagnostic using a security program. It’s worth mentioning again that you can also set up a cyber security alert because these can be great at warning you if someone ever tries to access your valuable data.
After assessing your risk, here are some practical steps you can take to improve your personal cyber security.
Use two-factor authentication
Signing in to your online accounts and typing your password every single time can be a bit tasking. However, it’s the safer option compared to staying logged into your accounts across different devices. That’s because if your physical device gets stolen, then hackers can easily access your accounts.
If you want to be extra careful, you can also implement a two-factor verification for your online accounts. An example is signing in your email accounts. If you’re using Gmail, you may have noticed that they can ask you to include another email or phone number where they can send a code.
Once you get the code, you can type that in the page to access your account. The code also changes every time and you get it in real time. This means that even if hackers know your password, if they don’t physically have your phone, they can’t get in anyway.
It’s an extra step to access your account but very worthwhile to protect you from cyber security threats.
Invest in security software
Do you think buying security software is too costly? If you pay for your software protection now, you may be saving yourself the hassle of losing more money in the future.
Make sure to invest in a trusted security software brand that understands your needs and your lifestyle.
Keep software up to date
Often, the reason why there are software updates is because the company has enhanced their security features so that cybercriminals cannot exploit weaknesses in the system. With regular updates, you minimize your exposure to risks.
Avoid suspicious advertisements
If you get pop-ups or receive advertisements that don’t look like from a legitimate company, it’s in your best interest to completely avoid them. No matter how tempting the offer, don’t fall for their tricks.
Don’t open unsolicited emails
Did you know that hackers are getting more creative when it comes to tricking you into giving your personal information? There are criminals who would pose as insurance agents, bank agents, and ask for your information.
Sometimes, they send you offers or tell you that you’ve won something but you need to send your personal details to claim the prize. Be cautious of these types of emails, especially if you don’t remember joining a contest in the first place.
Browse only using secure Wi-Fi
Wi-Fi available publicly? No password? Think twice before you jump straight in. There are hackers that use this tactic to get people’s personal details. Once you log into the “free” Wi-Fi, it’s possible that whoever owns the network can get any information you use when you’re logged in.
They do this by injecting malware into the connected devices. Once a victim connects to the suspicious Wi-Fi, the hacker who set up this hotspot can then intercept data from the connected devices.
Avoid websites that are not secure
There are instances when the websites you visit can compromise your security. Make sure to visit just the secure websites. The easiest way to know this is to check the website URL. Does it say “https” or just “http”? The “s” at the end of the URL signifies that it’s secure.
Hire a personal cyber security consultant
If you have a lot of assets online that need protecting, you may want to consider hiring a cyber security consultant. Also called information security analysts, their job is to plan and execute security measures to protect computer networks and systems.
These cyber security consultants have to constantly monitor for threats. More often than not, they should also be available on call. This is probably why they’re quite expensive and only large corporations and top executives can afford to hire them.
Get a personal cyber security insurance
On top of all the emotional distress, victims of identity theft could also be liable to financial charges. Though the basic liability of victims can simply amount to $50 for the credit card usage, the damage can sometimes amount up to hundreds or thousands of dollars.
One way to protect yourself financially is to take up cyber security insurance which can provide reimbursement for the costs associated with the theft of digital information and assets.
Some of the companies offering this type of insurance include State Farm, AIG, Chubb, and PURE. The average personal cyber insurance endorsement covers $15,000 in combined cyber extortion and cyber attack damages for $25 per year .
Consider personal cyber security software solutions
Making sure your computer is secure from hackers shouldn’t be difficult. Thankfully, there are cyber security apps available that make it easy while giving you best-in-class class protection.
The internet has revolutionized our lives. We should be free to keep pushing our digital horizons without fear of being hacked or tracked so we can live our best online lives freely. At Clario, we want to work with you to achieve just that. Any questions about anything covered in this article, just get in touch. We’d love to hear from you.