How to Secure Yourself When Everything is Connected

This week I begin a series on cybersecurity. I’ll be tackling this important subject over three posts. Today I’ll focus on personal cybersecurity – across all the different devices you use. Next week I’ll look at cybersecurity for business. The third edition will be about ensuring your family and children are safe online.

Cybersecurity is a massive topic that encompasses not only the three categories I’ve mentioned (personal, family, business), but many other specialist subjects – such as cloud security, encryption, and privacy. The topic is so big that I’m not aiming to be comprehensive in my analysis. Instead, my goal is to highlight the key trends in cybersecurity that affect the average Internet user (and in the case of next week’s edition, the average organisation). Plus of course, I’ll point out ways to protect yourself and your family.

Making your computing experience secure is harder than it’s ever been, due to the high number of Internet devices and services you’re in contact with every day. In this article I’m going to address four different aspects of personal cybersecurity:

  1. PC / laptop
  2. Mobile / tablet
  3. Wearables
  4. Smart Home / Internet of Things

PC / Laptop

Everyone reading this should be familiar with antivirus software. If you’re a Microsoft Windows user, this software is essential. It’s the reason why John McAfee has been able to live out his outlaw fantasies – he got filthy rich by selling his McAfee antivirus software to millions of Windows users.

Nowadays you don’t need to shell out so much money to the likes of McAfee, but it’s still advisable to pay for Windows antivirus software. As Tom’s Guide put it, “even the best free software leaves out features we consider essential.” It recommends Bitdefender Antivirus Plus 2016, which will cost around US$30 per annum.

If you’re a Mac user like me, you may think you’re practically invulnerable to cyber attacks. In fact, malware (software designed to disrupt or damage a computer system) is a threat for Mac users too. The good news is that Apple’s OS X updates do a pretty good job of keeping malware out. Comparitech notes that malware detection was introduced with OS X 10.6. So as long as you keep installing those free OS X upgrades, you should be ok. If you want to be super-secure, Tom’s Guide recommends the free Avira software (although one commenter on that article complained that Avira was hard to set up and a drain on system resources).

Regardless of whether you use antivirus software, you’re vulnerable to “social engineering” hacks. In other words, targeting the end user. After all, who among us has never clicked on a dodgy attachment in one’s email? Only now, the threat goes well beyond email – thanks to the prevalence of social media. For example, watch out for fraudulent customer care accounts on Facebook or Twitter. Proofpoint, a cybersecurity company, warns that such accounts are used “to phish credentials [and] steal personally identifiable information.” [Incidentally, social engineering is how Edward Snowden got access to so much secret data – he persuaded 20-25 other NSA workers to give him their passwords.]

Mobile / Tablet

When it comes to your smartphone and tablet, one of the main threats is malware hidden inside apps; even apps you download from the official Apple or Android stores. According to Proofpoint, “2015 witnessed several watershed moments in mobile app security, chief among them the disclosure of XcodeGhost for iOS and the Stagefright vulnerability for Android.” Don’t worry about what those names mean, the point is that mobile security became a major issue in 2015. What’s more, Proofpoint predicts an increase in app store malware in 2016.

What can you do to protect yourself? The simple advice is keep your apps up-to-date and upgrade your OS when your phone tells you to.

Wearables

With the advent of wearable technology – such as the Apple Watch or a Fitbit – cybersecurity must now cover your body too. Not only that, but much of the data that wearables provide is of the most personal kind possible: your health. So you want to be sure it’s not compromised. Jacob West, chief architect for security products at NetSuite, published a report on the security of wearables in February. The threats identified include rewriting health data on a device, spoofing data uploads using a known device or user identifier, and the unintentional revealing of sensitive data.

While the report is aimed at producers of wearable technology, to ensure they safeguard their users, Jacob West says that security “is a concern that consumers should be aware of and educated about” too. So make sure you follow normal Internet security processes with wearables – such as using a password manager, like 1password – and read the privacy policy for the device.

Smart Home / Internet of Things

With the number of Internet connected devices increasing at an exponential rate in the world, security is a primary concern. As just one example, it could be disastrous if your car got hacked. An Intel report from last year listed “malware, trojans, buffer overflow exploits, and privilege escalation” as threats to Internet-connected cars.

The problem with personal cybersecurity for smart homes and IoT is that you’re reliant on organisations – like the car companies – to protect you. Worse, as Paul Adams from Alcatel-Lucent noted, the Internet of Things (IoT) “lacks a common set of standards and technologies – and commonality is usually central to the approach of security systems.”

While we wait for security standards to emerge for the IoT, all we can do is stay vigilant and hold organisations accountable for securing their products. For example, Google’s Nest product has a webpage that outlines its security policy and what it does to protect consumers. At the very least, all organisations that deploy smart home and IoT products should have an information page like that. If a product you’re considering buying doesn’t have a visible security policy, then caveat emptor applies.

Conclusion

The key learning from this article is that it’s critical that you take an active interest in ensuring the Internet products you use are safe and secure. As noted in the smart home / IoT section, sometimes security is outside of your control. But you should at least be aware of the risks and hold the device makers (or service providers) responsible for security.

The good news is that the big companies – like Google, Apple and Microsoft – are generally vigilant about security for their users. To the point of not even letting the government in! But when it comes to personal cybersecurity, the weakest link is usually the end user. So protect yourself too.

Lead image: University of West Florida

2 thoughts on “How to Secure Yourself When Everything is Connected”

Comments are closed.