Protect yourself from cyberattacks!
The Invasion of Internet-Connected Objects
New forms of cyberattacks emerge every single day, ranging from viruses to ransomware, all designed to disrupt (and occasionally devastate) your life. Our interactions with potential threats are increased on a daily basis, thanks to our growing reliance on insecure devices and platforms. From smart-home ecosystems to birthday updates on social media, our reliance on new technology has become easily exploitable. In this article, we’ve highlighted the major ways consumers open the doors to identity theft and cyberattacks, and what can be done to prevent them.
Tech enthusiasts no longer corner the market on convenience. Digital home automation, in the form of smart home ecosystems, has increased by more than 20% in the last year, compared to previous years. Despite the comfort these devices offer, the Internet of Things (IoT) is not a secure environment. Your smart light bulb is more vulnerable to hackers than the browser you haven’t updated for 3 weeks.
Your digital assistants respond to your voice commands, but who else is listening in on your household? You bring your smartphone with you everywhere you go, but what information are you sharing without your knowledge or consent? These devices memorize your routines, and that information is accessible by outside forces.
What can I do to keep my information secure?
How can you protect yourself? Consider asking yourself the following:
- How do you use these devices?
- What permissions do these devices have?
- How strong are their password protections?
- When were they last updated?
- What limitations have you put on your personal information and social presence?
The first step is to analyze how the technology in these devices is utilized regularly. What are your smart devices able to see and hear? If they are stationary devices, are they in a location where they can record sensitive information? Make sure those devices are at an angle where they are high enough not to have a clear view of the room they are kept in. Do not use that room when discussing private information like your credit card number, vacation plans, or anything else of a personal matter.
While your smartphone isn’t likely to record your conversations, your phone’s GPS and camera may be giving your location away to interested parties. A study conducted by Northeastern University’s computer science professor found that more than 9000 Android apps secretly take pictures and videos of our smartphone activity. This could easily record screenshots of credit card and other personal information. The best practice is to be mindful of what information is accessible on your phone, and to limit the apps you download to just the most important ones.
The next step is to consider what permissions you have allowed the devices and apps in your life. What information do they have access to? Do any of the permissions seem out of the ordinary? If so, there is a chance these devices are running background processes that collect your data. Decline any permissions you don’t find reasonable, and make sure your apps are verified and from trusted vendors.
Any device that connects to the Internet should have a password associated with it, which you will be required to change upon set-up. If your smart device does not require a password or does not have a strong one, that means anyone can easily access it. But how do you create a strong password? Rather than relying on the same tired system of incomprehensible and complicated passwords, we recommend switching to a “passphrase” system. We have done a video about strong passphrases below:
You should be updating your devices and apps at every available opportunity. The security updates exist to fight off the latest threats so you can go back to your day. By not updating, you put yourself at greater risk for Zero-day Exploits. We know that sometimes it can feel excessive, even unnecessary, but just like cold viruses, internet viruses mutate and the only way to stay a step ahead is to make sure you’re using the most up-to-date version of your software. It is designed to combat the latest viruses and threats, so make sure to do every update as soon as it becomes available.
How much do you really want to tell strangers?
The most commonly ignored step to internet safety involves limiting all accessible information about yourself. Any site where you input your personal information should be handled with a healthy level of suspicion. Whether you’re buying a product from an online store or tweeting your vacation photos, you are putting yourself at serious risk.
When was the last time you added your address to a profile you filled out online? What about your birthday, so your friends could send well-wishes your way? How about your email address? Every day, we commit our personal information to forms without a moment’s caution. But who is on the other side of that form, and who may be looking in?
Sharing your location on social media and other sites gives thieves the opportunity to know when you aren’t home. Rather than updating your friends in real time about your vacation, consider posting about your trip once you have returned home. You can recount the highlights of your adventure and answer any questions they might have without having to worry about Internet connection or time zone differences.
If you intend to start a blog, consider doing so under a pseudonym. Avoid sharing information about where you live or work to deter impersonators or stalkers. Keep in mind, people who steal the identities of others are often able to get all the information they need via social media. Remember to limit all your social media pages to friends-only, and make sure you know every single person you approve as your friend. You can also change your photo albums so that only certain people can view them.
Blogs and social media are especially risky for children. Children have no control over what exists about them on the Internet. As they get older, information leaked from their childhood may lead to embarrassment or difficulties getting hired. Even scarier, by posting pictures of your children on public platforms, you put them at a greater risk of identity theft. According to the FTC Child Identity Theft Report, 2012, 26% of identity theft victims were between the ages of 6 and 10, while identity theft has doubled for children ages 5 and younger.
The same level of precautions should be extended to your friends. Whether you’re referring to them by name, posting pictures of them online, or checking into a location with them via social media, you should have their explicit permission before posting. Your friends may be trying to keep their information secret for their own personal reasons, on top of the threats already described.
Keep in mind, there is no such thing as a true “delete” button on the Internet. As soon as it is put out there, that information is accessible worldwide and can be screenshotted or researched anytime thereafter, even if you have erased the page. Privacy is not a guaranteed concept on the Internet and anything can be dug back up.
A good rule of thumb when posting your information online is to ask yourself, “Am I comfortable with everyone in the world seeing this?” If not, then you should avoid posting it online.
For more information, please visit https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019.