Cybersecurity

2024-10-25

img

It seems like every day I read about a website data breach where millions of people's emails and passwords were stolen.

Recently I saw the Internet Archive was under attack by hackers.

New software and hardware exploits are discovered constantly.

Big tech companies are farming people

Google tracks everything we do online and sells the information to advertisers. Apple overcharges for its hardware and software. When their hardware breaks they tell customers to buy a new one. Adobe overcharges for their software subscription and won't let people cancel.

Microsoft has turned their Windows 11 operating system into spyware with built-in ads. At the same time, they are ending support for Windows 10 on October 14th, 2025. Forcing people to upgrade to Windows 11 or choose another operating system.

All of these companies have changed their terms of service to say, "The user doesn't own the hardware or software they purchased." While adding a clause to allow them to train their artificial intelligence large language models on their customer's data and creative content for free.

Nothing in our ultra-connected digital world feels safe

I have family and friends who don't understand what's going on or take their cybersecurity seriously. They say, "That doesn't apply to me."

I've worked in Information Technology for 20 years. I can tell you it only takes one mistake to compromise your cybersecurity. I've seen highly educated professionals in corporate office environments have a lapse of judgment and click on a seemingly innocent email link, only to horrifyingly realize they infected the whole company with a virus.

That virus locked up computers, stole company information, and cost days of productivity and thousands of dollars in lost revenue before the internal security team could remove it.

The employee was written up, forced to take extra cybersecurity training, and warned that if they caused something like this again, they would be fired.

The situation is worse for home users. Visiting a shady website, clicking on a scam email link, or downloading an attachment could lock them out of their computer, corrupt their files, or allow hackers to steal all their money. Home users don't have a security team they can call for help. In situations like this, they are screwed.

There is no silver bullet

Too many of my family and friends are looking for the easy way out. They want a single software tool to protect themselves. But these days that's not enough.

I've repeatedly told them that cybersecurity is a set of practices like personal hygiene. No sane person would take a single shower and assume they are clean for the year. It's the same thing as assuming one antivirus or security tool will protect them.

I've told family and friends that most of their vulnerable personal data isn't stored on their home computers. It's stored in their Facebook profile, bank website, or a hundred other company websites they have no control over.

Those companies only need one employee to make one mistake to leak all their customers' data. I paint a bleak picture to emphasize the seriousness of the situation.

10 Cybersecurity Tips

  1. Remember that nothing is 100% secure. Cybersecurity is a moving target. Technology is an ever-evolving rapidly changing landscape. What works today will be obsolete next year.

  2. Accept that there is no escape. Even if you closed all your social media accounts, and email addresses, and gave up your phone and the internet. Your bank, utilities, and other companies will remain online and continue to store your information on their computers.

The three credit bureaus; Equifax, Experian, and Transunion, along with various other private and government websites have your social security number stored on their computers. I recommend everyone create a free account on all three credit bureau websites. Then freeze your credit, which is also free. This will make it harder for bad actors to steal your identity and run up credit card bills in your name.

  1. Don't trust emails, texts, or phone calls from unverified sources. (Text messages are not secure by default) Just because someone calls and claims to work for Microsoft or your bank doesn't make it true. It could be a scam. Tell them you're busy and you'll call back later. Hang up and call the company directly yourself. Then you can verify if they called you.

  2. Understand Social Engineering. You are the weakest link. Hackers will try to trick you into giving them information they can use to access your accounts. Don't post private information on social media. No one needs to know the street you grew up on, your pet's name, your Mother's maiden name. Or, where you went to school. Keep that to yourself.

  3. Use different unique strong passwords for every account you have online. Don't reuse passwords for anything. Change your passwords every month and use two-factor authentication to make it more difficult for hackers to access your accounts.

  4. Delete accounts you no longer use. This will reduce the amount of your information stored on other companies' computers.

  5. Use a secure browser like Brave or Firefox with security extensions. Blocking ads is nice but blocking malware-infected websites is better.

  6. Use a secure operating system. Windows 10 has issues but with work, it can be secure. Windows 11 is a security nightmare and should be avoided at all costs. MacOS is pretty secure by default. Linux Mint and POP OS are great beginner-friendly secure Linux operating systems.

  7. Back up your important data to a flash drive or external hard drive in case something happens to your computer.

  8. Stay up-to-date with the latest cybersecurity news online.

Summary

While there is no silver bullet for cybersecurity. Some steps can be taken to improve it. It starts with a clear understanding of the digital landscape and its dangers. Correct information helps everyone make better decisions.