BATON ROUGE — Today, virtually every device with a screen is connected to the internet. The ability to complete everyday tasks from a pocket-sized phone certainly makes life easier, but as technology becomes more central to consumers’ every move, the more data will be stored about their personal lives.
The “Internet of Things” is the culmination of all these devices connected by the internet – a vast system of networks collecting and sharing consumer and business data. For skilled cyber criminals trained to find the holes in security, one unprotected smartphone or laptop is their golden opportunity to infiltrate a network. Once these criminals are in, they can quickly gain full access to the entire network and all the data contained within it. They can steal passwords, locations and bank card information. Data breaches of this nature have devastating consequences for its victims.
October is National Cyber Security Awareness Month, which means businesses and consumers are encouraged to commit themselves to understanding and improving their personal cyber security practices. Surveys show that Americans know about online security, but don’t take it seriously. In 2017, a survey by the Pew Research Center found that most Americans admit to failing to follow most measures that would protect their data from cyber criminals.
This cyber security awareness month, SBS CyberSecurity, a company that works with clients across the country to identify weaknesses in their networks and strengthen cyber security practices, has information for consumers about making sure they are owning their devices, not letting their devices own them.
Download apps only from trusted stores.
Last year, the Electronic Frontier Foundation announced that hundreds of gigabytes of personal data was stolen from consumers who downloaded what they believed to be the popular messaging tools WhatsApp and Signal from links they received through phishing campaigns. The links directed them to storefront-like pages that were actually download pages for malicious apps disguised as WhatsApp and Signal. Once downloaded, these apps performed like the regular messaging apps would, but first asked for excessive permission to the device’s location, camera, and other apps. Many consumers allowed access without thinking about it, but were unknowingly allowing hackers to access their data.
If an app is offered on an App Store or Google Play, it’s been approved and rated and there’s a stronger chance the app doesn’t contain malware, though nothing is 100% secure today. Consumers should only download apps on the App Store or Google Play, check reviews to validate the app is legitimate and trust their gut is something feels phishy.
Keep the software on ALL internet-connected devices and apps up-to-date.
Many consumers falsely assume that their smartphones are virus-proof. However, smartphones are small computers that run on specific operating systems, just like laptops and desktop computers. Just like a computer, if the software on a device is outdated, cyber criminals can more easily break in without the consumer knowing. Frequent updates to smartphone operating systems are released, and part of those updates include improved security measures and fixes to holes that cyber criminals use to infiltrate networks.
Don’t allow browsing apps to save passwords or bank account information.
Most browsers such as Google Chrome and Safari are programmed to “remember” credentials to simplify the login process on certain websites with the user’s permission. Consumers often opt in for the “autofill” option and forget that that means their log in credentials are saved by the browser. If the device is hacked, the hacker would have full access to everything saved on those browsers and can then log into the consumers’ accounts or use their bank account information.
Frequently check the privacy settings on a phone or laptop.
Some apps have features that require the consumers’ current location for best results. For example, Google Chrome might ask the consumer for their location if they make a search for “best taco shops in my area.” That’s pretty standard – however, a consumer might allow an app to track their location and forget about it after one use. Some apps may be tracking a consumer’s location in the background of their phone without their knowledge. Consumers should be meticulous about which apps they allow to track their location, frequently check their phone’s privacy settings to review what information is being shared, and regularly delete unwanted apps.
Public or free Wi-Fi is not always secure.
Free or public Wi-Fi points are often not encrypted, meaning the data being used or accessed while connected to that Wi-Fi is visible to skilled eyes who know how to find it. Consumers should never use public Wi-Fi in places like shopping centers and restaurants.
As cyber criminals employ more sophisticated methods for stealing personal information, it’s impossible to say that the data stored on any “smart” device is completely secure. That’s why consumers need to take ownership of their devices and security, update software frequently, and understand the risk of information or a device being hacked.
For more information and best practices for cyber security, visit https://sbscyber.com/education/blog.
SBS CyberSecurity, LLC (SBS) is a premier cybersecurity consulting and audit firm.