How aware are you of security when you use your laptop or mobile phone to log into your social media accounts, browse the Internet, or purchase goods online? Do you ever get the feeling of being watched, that every click you make and every keystroke you type is being monitored? The digital age is a dangerous one: people can get scammed, robbed, spied on, blackmailed, and violated – just about every crime possible.
2015: Bangladesh faced an $81 million virtual bank robbery remotely orchestrated by hackers in China.
Whilst banks obviously need to have sophisticated security across all platforms, ordinary individuals should exercise caution when it comes to leaving traces of private banking details anywhere in the virtual world.
Being cautious online is not limited to only keeping your banking details as secure as possible – or taking steps to ensure your built-in webcam adheres to basic safety rules – but extends to almost every aspect of your digital life while you are connected to the Internet.
2014: Over 90 people in 19 countries were arrested after a two-year operation by the FBI and country police to swoop in on users of spying software Blackshades RAT.
Most laptops now have built-in webcams, and the largest global cybercrime crackdown in 2014 arose because of this. There still exists malware – in the form of Remote Access Tools (RATs) – that can be easily bought and used to hijack computers and turn on webcams, get access to hard drives, and capture keystrokes to steal passwords.
The following tips from Phnom Penh-based IT specialist Niklas Femerstrand, Spotify IT support technician Jeff Foster, and a secretive Singaporean IT consultant, will give ordinary users guidance on how to guarantee cyber security.
• If you have a laptop with a built-in webcam, it is best to cover the lens of the webcam with a sticker when not in use, to stop visual spying.
• The most basic way of not leaving any trace of your sensitive details online is to use the ‘Incognito Mode’ of your preferred browser, so that your browsing history, caches and cookies cannot be tracked.
• Do not use an open, unsecured Wi-Fi connection, especially if you plan to access sensitive information. The owner of the unsecured network is able to easily extract the data that goes through it, including sensitive information like passwords and credit card details.
• A password manager also helps to keep hackers at bay. Many people use the same password across multiple websites, so a hacker can easily access all your other accounts if you have a repeated password. An example of a password manager site is LastPass, for which you have to remember only one master password, and LastPass will remember the rest of your passwords for you.
• It is best to have a password at least nine characters long, preferably a short sentence such as “iliketoeatpancakes”, and replace some of the letters with uppercase letters, numbers and symbols.
• For phones, always have a passcode to protect your data and back up regularly. You will want to use services such as ‘Find My IPhone’ for iOS devices and ‘Google Backup’ for Android-based devices.
• Using a two-factor verification, such as the Google authenticator, helps to add an extra layer of security to your online life. This is so that a potential hacker would need both your password and your phone to access the one-time authentication password – which expires after one minute.
• Keep your system up-to-date – whether it’s browser updates, anti-virus updates, or any new software. People should be aware that when something is prompting them to update, it is for the user’s own good.
• Have trusted Anti-Virus/Anti- Malware software – such as F-Secure or MalwareBytes, as suggested by Foster – on your PC or Mac to protect your documents, videos, music and photos from being affected by malicious programs.
• Don’t trust suspicious pop-ups that ask you to download or install software. Always install authorised software that is from the official site of the manufacturer, never from a mystery pop-up.
• To ensure you are not connecting to a suspicious Wi-Fi connection when in public, make sure that the connection has a strong password and a certain level of security that comes with it. Specifically, Wireless Protected Access (WPA) provides more sophisticated data encryption. The strongest protection for wireless transmission of data so far is WPA2; if the Wi-Fi spot you are connecting to has this enabled, you won’t need to worry.
• Proxy servers are a good means of ensuring your privacy by masking your IP address. These virtual private networks (VPNs) make it difficult to track you. However, the downside is that some proxy servers could be malicious, thus releasing viruses into your device, or gaining access to your personal details by intercepting all data heading to and from your device. One of the more trusted and reputable anonymous servers is the Tor network, which is not a single proxy server, but a triple-layer encryption that prevents anyone watching your Internet connection from modifying your data.
• For those who have sensitive and private data stored in their computers, you can download an operating system called Tails that runs everything through the Tor network. Uniquely, it doesn’t store anything – when you boot up and shut down your computer, it is a completely separate operating system. So even if you get infected, the next time you boot up your computer, the virus is gone. Tails is a Linux-OS distribution that uses the Tor network to connect to the Internet.
• Besides ensuring online safety, you can ensure that your highly sensitive documents stored in your computer are safely guarded. One method is data storage encryption, of which nowadays many people who need it make use of VeraCrypt. With VeraCrypt you can make a virtual encrypted disk volume that can be mounted and used like a real disk; encrypt a whole partition or storage device through a hard drive or a USB flash drive; or create a hidden partition or storage drive comprising an entire operating system.
With all this said, the most important takeaway is to always be vigilant on where you use your devices, especially if you are a traveller, because every area in the world is different. “It all boils down to common sense and judgment of the user,” Femerstrand says.
“Not everything in life is 100 per cent secure, but you can always take measures to be as secure as you can be, and be prepared for any situation that may arise,” Foster concludes.
DISCLAIMER: These tips have been provided by IT specialists. If you would like to utilise the more advanced tips, please conduct your own research and use your personal judgment to decide if you are comfortable with using them.