Cyber security is a hot topic these days. It seems hardly a day goes by that the news headlines don’t scream out in bold letters about the latest computer virus or data breech. Many people either feel confused about how to protect themselves—or worse—they feel helpless to protect themselves at all. Below are 6 myths about cyber security and how believing and acting on those myths can cost you big-time!
o Myth #1. I have antivirus & firewall protecting me, and I keep my software and operating system up-to-date, so I should be ok.
Congratulations! That’s a wonderful start! With today’s threats, however, it’s unfortunately not enough. You’ll need to make certain your home network & all devices connected to it are secured–& yeah—that includes your mobile devices such as phones, IPads, etc. Mostly, though, protecting yourself from cyber threats is all about you. It’s about using strong passwords, using different ones for different sites, using 2-factor authentication when possible, and not being tricked into clicking malicious links, attachments, or downloading programs which contain malware that could jeopardize your security, privacy, and computer. In case you’re a bit hazy on all that—don’t worry—we’ll discuss it in greater detail as time goes by. But believe me when I tell you—your greatest asset when it comes to protecting yourself online is you!
Malware, in the event that word is unclear to you, is any malicious program such as a virus, worm, spyware, etc., that’s installed without your knowledge or consent.
o Myth #2. I also don’t go to adult sites or download stuff illegally, so I should be ok.
Every city has its neighborhoods where it’s a well-known fact it’s not safe to be there after dark. Truthfully, it’s questionably safe to be there any time. The internet’s a little like that too—illegal download, adult, and some gaming sites tend to be hotbeds of malware. Unfortunately, the landscape is changing. Cybercriminals soon began to realize that if they want to tap into the mainstream population of the internet, they had to go where the majority of people go. That means they’ve started trying to compromise, (and sometimes that successfully), legal and mainstream websites. If you own a website, that might include yours.
It’s hard to protect yourself when a website you do business with has been compromised. Often, though, cybercriminals will try to redirect you to look-alike versions of those websites, attempting to trick you into thinking they’re the real deal. It’s called “phishing”, and I’ll have a lot more to say about it in later posts.
o Myth #3. My friend/relative sent me an email/link, so it’s ok to open the attachment or click the link.
Not! I’m not saying here that your friend or relative would intentionally send you a bad attachment or link, although if you’re not on the best of terms with someone, you might want to exercise even more care. However, email accounts can and do get taken over by bad guys, or someone well known to you could get an infection on their machine. At that point, all bets are off. Don’t click on something simply because someone you know sent it. I’ll be having more to say on staying safe while using email in a later article.
o Myth #4. Even if my computer gets infected, it’s my own business, cuz I’m the only victim.
Not necessarily. I’ve already referred to the fact that a computer infection can spread by means of email—essentially by going through the victim’s contacts and sending itself to all of them. In addition, computers infected by the same or similar malware can be joined into “botnets”. “Botnets” are a network of infected computers which can be used to send out spam or launch “distributed denial of service” attacks on websites of their choosing. Basically, a distributed denial of service (DDOS) attack is when a website is flooded with so much traffic, or with the wrong kind of traffic, that it can’t handle it, and it therefore goes down. Each infected computer in a botnet is called a “zombie”, in case that’s of interest. Notable victims of DDOS attacks have been Yahoo, Amazon, Sony, and the New York times, to name just a few. DDOS attacks have been used against the websites of government and financial institutions, bringing those sites to their knees for varying lengths of time. These attacks can conservatively cost governments and businesses hundreds of thousands of dollars for time and personnel to mitigate and clean up damage from the attacks, financial and reputational losses from customers who took their business elsewhere, and lawsuits by organizations whose businesses were disrupted as a direct result of such attacks. The point here is that you may well not be the only victim.
o Myth #5. I don’t store my credit cards, social security number, etc., on my computer, so my computer and its data are of no value to a cybercriminal.
Perhaps you don’t store your social security number, credit card, or other data on your machine that could be used to initiate identity theft. However, you likely store email addresses, saved browser passwords, contact details, and maybe even appointments. Malware can steal email addresses and, depending on the browser you use, the potential exists for those passwords to be stolen as well. Appointments can possibly help cyber-thugs launch attacks—usually via email–against you, known as “spearphishing” attacks, which can make you think the email is coming from someone you know because they know so much about you. The fact is, they know so much about you because of the data they got off your machine. In other words, your idea of the data cyber thieves are looking for might differ from theirs. Your data is a target—and it can and will be used against you, if at all possible.
o Myth #6. Cybercrime seems to be so rampant, I’m basically helpless to protect myself.
This is the most dangerous myth of all. Yes—admittedly–if you were 1 of those who shopped at target between Black Friday and December 15 of 2013, you were a victim, and there was nothing you could’ve done differently to protect yourself. The truth is, however, that there are many things you can do to keep from becoming the victim of cybercrime. I’ll be discussing a variety of methods you can use in upcoming articles. I know it often seems like a hassle. But—seriously—how much thought do you give to locking the door of your home, turning on the security system, and installing an antitheft device like the Club on your car? Those things really don’t take up all that much time, but they certainly serve as deterrents to thieves, who’d rather deal with places and vehicles that are unprotected. With just a bit of thought and time, you can lock down your computer with the equivalent of those sorts of devices. I can’t guarantee nothing untoward will ever happen. The only way I can guarantee that is for you to turn the machine off and never use it, in which case, why bother to own a computer in the first place? But I can promise you’ll be a lot less likely to experience an attack when you follow the advice contained in upcoming articles on various cyber security topics. To be sure you get them, why not just fill your email address in on the subscription form and click the ‘Subscribe’ button. You’ll be sent an email confirming you really do want to hear from me, and, once you reply to it, you’ll be the first to know when I publish a post.
Thanks for reading and happy computing! By the way, don’t hesitate to leave a comment if there’s something you’d like to share. You’ll need to register or log into the site first, but, once that’s done, I’d love to hear what’s on your mind. And if you’d like to share this post on any of your social media services, I’d appreciate that, too. So might your friends.