Why is cyber security important? In the age of technology, data has become the new currency. Where once there were highwaymen and bank robbers terrorising the public out of their hard-earned cash, now we have hackers. A far cry from nocturnal, energy-drink-guzzling recluse, operating from the sanctuary of their parents’ basement, today’s hackers are sophisticated and organised;
As aptly put in this CSOOnline article, “Computers are no longer novel, and hackers are no longer messing around…Today’s hackers are skilled professionals with serious jobs. They are paid well, have human resource teams, and take holidays off.”
If we’re all surfing in shark infested online servers, how can we protect our personal data?
We’re going to hack into the minds of hackers themselves, to learn some tricks of the trade and identify exactly where we’re unintentionally leaving ourselves vulnerable to cyber attacks.
How do they identify potential targets? How exactly can they access our personal data?
THE CYBER SECURITY FAULTS IN OUR HABITS
To cope with the complexity and unpredictability of life, our risk-averse brains constantly seek patterns which in turn, create habits. Habits are small things which populate our day, triggered by subconscious cues from people, places, anything really. Your morning coffee delivers a necessary caffeine hit and reminds your brain that it’s time to wake up and get ready for work.
Habits allow us to almost sleepwalk through our days. If we break from the routine, we’re often left reeling. If you forget to put your keys in their usual bowl by the hallway, you’ll have to conduct a manic search 10 minutes before you’re due in the office.
“While these habits are good for our memory and automated habits, they are also a trap: they make us predictable; they are the keys to opening the doors to a number of possible threats to our online identity and reputation.”
Hackers rely on our habits to let them know when and how best to ambush us and make away with our confidential information. This could be by sending a phishing email that looks very similar to one we would typically get from a co-worker, thus triggering our impulse to open and click a link that’ll allow them gain access to our computer systems.
COMMON CYBER SECURITY MISTAKES
If you’re prone to forgetting passwords, we’re willing to bet that you probably use the same one across multiple accounts, most likely based on something personally significant, which means it is probably quite easy to guess for someone who has a ton of information about you. In 2019 Google conducted a study which revealed that not only did 59% of respondents use their own names or birth date in their password, but bafflingly only 45% said they would change their password after a breach had occurred! We’re seeing red.
It turns out that 59% of us are so predictable when it comes to protecting our data, we’re practically leaving the door open and rolling out the welcome mat for hackers.
OVERSHARING: UPPING THE CHANCES OF A DATA BREACH
But how do these hackers get all this information about us? Do they have to somehow install viruses on our computers to steal the information? Sometimes, yes, but other times, we simply give it all to them.
We all know that social media has revolutionised the ways in which we communicate with one another, but in our excitement to share and forge connections, we’ve underestimated just how accessible we’ve made our personal data.
When it comes to publicly available information, hackers can use a variety of tools and techniques to gather data from social media profiles. Hackers often use search engines to look for information about their target. They’ll search for the target’s name, username, or email address, and can often find information such as their social media profiles, public posts, and more;
PWC interviewed an anonymous, self-confessed hacker who described the tactics they employ to procure their target’s information.
“To discover more about Carl, LinkedIn was a good place to start. From name, professional email, job description, past professional experiences to hobbies, you can get valuable information ‘in a nutshell’. I ended up confirming my hunch about the email ID and the email server the company is using.”
We might think we’re writing an innocuous LinkedIn post, but anything we put online acts like a trail of breadcrumbs, leading a hacker ever closer to your personal data and confidential information–and potentially that of the organisation you work for, too.
To protect ourselves from these types of attacks, we should think about which information to share online and make sure to use strong, unique passwords for each of your accounts. We want to see everyone enabling two-factor authentication wherever possible to add an extra layer of protection, no exceptions!
In conclusion, understanding the tactics and techniques used by hackers is crucial in safeguarding our personal data and maintaining our online security. By recognising the role our habits play in making us vulnerable, adopting stronger and unique passwords for each account, and being cautious about the information we share online, we can significantly reduce the risks associated with cyber-attacks. Additionally, for organisations, it would be worthwhile to consider cyber security training for staff to ensure they are aware of and can counter common cyber security threats. By taking these steps, we can collectively strengthen our cybersecurity and protect our personal data from falling into the wrong hands.