Technology is becoming an increasingly important aspect of our lives, and as such, topics like computer security have come into discussion, both online and in media. With the increase of awareness, people often question why they should care about securing their companies and systems. Security experts are often met with questioning about the time, effort and cost of security, with statements like:
“I have nothing to hide anyways. None of my data is confidential, so who cares if I get compromised”.
The fact of the matter is in the day to day use of technology, the software and hardware you interact with gathers and stores more information that you are aware of. There is more sensitive information on your system worth protecting than you are likely aware of. In this article, I will show you that even the simplest systems can cause a lot of damage when compromised.
Consider a simple system, that is used for only email and nothing else. Think for a minute about what kind of emails you receive on a day to day basis. If you’re like me, you probably have a large number of emails in your inbox, and don’t know what information is available.
Suppose an attacker was able to gain access to your email, using any number of methods, such as a keylogger or even as simple as guessing the password. The attacker would now have access to all of the information in the emails. As technology progresses, more and more data is being sent through email. Items such as receipts, tax forms, pay stubs, and credit statements are all examples of data that could be available in an email. If an attacker even gains access to a receipt, the impact could be larger than you think. A receipt often contains information such as partial credit card numbers, total cost, and the company that charged you.
You’re likely thinking that this information is rather useless. In some cases however, partial credit card numbers can be used to identify the type of card. With access to an email, a partial card number, a receipt, an attacker could convince a credit card company to give them access to your account. This type of attack is not uncommon, and it is only the tip of the iceberg when looking at email attacks alone.
Using your email account, an attacker could also send emails posing as you, in order to convince your contacts to reveal information, or possibly get infected as well. Emails are also typically linked to other accounts, meaning that if an email is compromised, any other accounts will also be compromised. By attacking something as simple as an email account, an attacker could compromise almost anything you possess.
Seeing this may be concerning, however there are simple steps that anyone can take to protect themselves from attacks online. Here are a few tips you can keep in mind to help secure your systems, and ensure that your devices will remain safe.
- Anti-virus is not perfect
Anti-virus can be good for protecting your computer against simple attacks, however it is easy to get around. Overconfidence in anti-virus is often a mistake users will make. They assume that if a file scans without issues, it is safe to open. In reality, most anti-virus relies on the virus being seen before, and uses a signature to check if it is the same. If the virus is written manually, or a new exploit, it will not get caught by your anti-virus.
To better protect yourself, make sure the source of a file is trustworthy before opening files. In addition, keep in mind that any file extension can be malicious. Most commonly, .exe, .xlsm, and .docx are used to attack users.
- Verify emails before downloading attachments and clicking links
An increasingly common attack type is a phishing email, which is when an attacker imitates a legitimate user or company to try to convince you to click a link or download an attachment. In general, if you weren’t expecting an email, do not click any links or attachments in it. If you are in doubt, call or contact the sender using a trusted communication method.
- Keep software up to date
A large bulk of attacks rely on outdated or unpatched software. You can cut down on the risk of a compromised system by making sure you have up to date software and operating system installed on your computer. Updates might take time and seem like a pain, but the benefit of patching security vulnerabilities outweighs the cons.
Overall, it is important to protect your computer and technology, in order to protect yourself from compromise of data. As technology continues to advance and play more of a role in our lives, security of technology will become more and more important. Remember that as a user of technology, you have the power to learn and educate yourself about security issues present on your devices. Being cautious and understanding the risks present is the best way to protect yourself.