5 Simple ways to prevent cybersecurity breach
There’s an adage that the more we talk about security, the more insecure we become. No wonder most people try to avoid to talk about it altogether. The same thing applies whenever I start discussing cybersecurity. Not many people interested to talk about the issues due to some misconceptions about cybersecurity: e.g., it is too sophisticated, too expensive, and the belief that it is a software engineer business, not theirs.
Actually, the threat of cybersecurity is real, and with the advancing technology, practically every system is attacked, exposed, and nobody is really safe.
Rapid attack even affected some of the largest tech company including Twitter, Facebook, Amazon, and Google+. In 2018, there was a substantial amount of breach activity. One of the most sensitive cases is when Cambridge Analytica harvested 50 million Facebook profiles in 2014 to build a system that can profile US voters and target them with political adverts. Also, in November 2018 approximately 383 million records of sensitive data including credit card details and passport info leaked from Mariott / Starwood group hotels including (Sheraton, St.Regis, Westin, Le Meridien, W Hotels).
The breaches are not always sophisticated; human error is still one of the most common that causes of cybercriminal success.
Many hackers use social engineering as their modus operandi. This method uses human interaction as the backbone of their malicious activity, in which they used psychological manipulation to trick users into making security mistakes. The latest research from McAfee said the malware-as-a-service families would strengthen this year and cybercriminals will be using mostly social media, cloud, and mobile phones as their principal attack vectors. This trend is also enhanced by the growing artificial intelligence such as the internet of things, digital assistant, and social media platform.
A secure cyber practice in this information era is highly essential to create a security consciousness. The following are five simple tips to prevent the cyber breach from happening to you or your organization
1. Don’t trust suspicious emails (beware of phishing scams)
More than 90% of successful cyber attacks worldwide begins with a phishing email. Phishing is a form of cybercrime when the hackers contact the targets by email, telephone, or text message and pose as a legitimate institution to lure individuals into providing sensitive data (i.e., password, credit card details, banking information). A phishing attempt will have a sense of urgency and ask you to act right away, click here or said that the offer is limited. Never click the untrusted link and delete any emails that are suspicious or does not sound right to you. If you are curious, do not click directly in the email links and use a browser to check it instead. Also, avoid any attachment that you are not expecting and if you must, scan the attachment first with antiviruses. For the organization, some products such as Phisme or KnowBe4 can deliver phishing simulation emails and train the staff directly to recognize a phishing attempt.
2. Keep the software up-to-date
Maintain your software, particularly security software, updated regularly. This is critical as it will update you from the latest threats. This action might not seem necessary and most people tend to delay or skip this process because it can take up to a few minutes. However, not updating the software is a mistake that can put you at risk as you keep your door open for hackers to access your private data and information. Make sure you check updates frequently and make it a habit to apply, including for the operating system like Windows or IOS, anti-virus, and application such as Adobe and Java. To ease the process, you can also select auto-update on software on your desktop and mobile.
3. Create a strong password
Ensure a strong password in every platform that you have. One of the tips to create a strong password is to make a longer password from random words that are easy to remember. Today computer can solve seven characters' passwords in a millisecond. Therefore it is crucial to creating a longer password with 20–30 characters to prevent hackers from figuring it out. You can also use a password manager such as Last Pass,1Password, or Dashlane
4. Use two factors authentification
Avoid using text messages to do it, as hackers can easily clone the phone number and get access to your SMS. Some of the best applications to use 2FA are Google Authenticator, Microsoft Authenticators, and Duo Mobile. You can also use a physical key as a fast identity online (FIDO) that can be inserted in your USB drives such as Yubikey or Feitian
5. Avoid oversharing
Step aside from oversharing in social media, since the attacks are mainly using social engineering and the trends, show that they will mostly utilize social media such as Facebook and Twitter. Questions such as phone number, birth date, or where you went to school are better left unanswered as this type of information can be used to break your account.
In the end, since the human factor is the basis of the cybersecurity problem, any kind of tech security solution will not work if the user is ignorant and does not use it correctly. Applying the right security protocol can significantly reduce our risk. Therefore, it is important to strive and protect our safety by protecting our identity online.
Any company, product and service names, and logos referenced herein are the property of their respective owners and are for example identification purposes only. The use of these names and logos does not imply endorsement.