The need for cyber security is greater now more than ever, and those most at-risk are the uninformed. In a high-risk environment, one must be aware of the common mistakes and real dangers in order to protect oneself. In light of recent high-profile security incidents, such as the iCloud celebrity photo breach in August or cyber attacks against Target, Home Depot and JPMorgan this year; most people are still unaware of the very real dangers posed by mismanagement and a lack of security concerning their “digital footprint”.
Your digital footprint is all the data you generate and records you leave behind while online. You may think, “I don’t create any kind of data or records, I’m just browsing.” However, every user leaves a digital footprint no matter how trivial your online activity is. Not only does this include everything you post online through social media and other means of communication, but a record is also kept automatically every time you visit a website. “But how can photos of my cat on Facebook put me at risk? I’m not that interesting!” Have you ever forgotten your email or apple password and needed to reset it? You will be asked two or three “Security questions,” like “What city were you born in?” or “What is the name of your pet?” — things that could be easily found through some digging on the average Facebook profile.
Personal information sifted from a victim’s digital footprint can also enhance another weapon in the growing cyber criminal arsenal- social engineering. Social engineering is a tactic used to trick people into giving information or performing some action by feigning the authority of authorized representative to make this request. This was in the news recently when former Google employee Naoki Hiroshima had his super-short twitter account, “@N” stolen (an account valued at over $50,000!), or when technology journalist Mat Honan had his AppleID breached and all data deleted from his Macbook, iPhone and iPad. These are two “tech-savvy” users, each with above-average security measures in place, but both were still compromised due to social engineering.
The most recent iCloud breach is a perfect example of how even normal, uninteresting computer activity can put you at risk. It’s not known exactly how this breach was accomplished, but a prevailing theory suggests that these celebrities connected to a seemingly harmless and open Wi-Fi network at a recent award show. While they navigated around the web on their phones, logging in to email or social networks, all the data sent back and forth was recorded to exploit later. How often have you connected to an open Wi-Fi network at a school, library or coffee shop?
October is National Cybersecurity Awareness Month. Just like using Daylight Saving Time as a reminder to check your smoke detector batteries, Cybersecurity Awareness Month is the time to evaluate your digital footprint. For this purpose, the University of Massachusetts Boston is hosting an event on Wednesday October 22to help you learn the risks and remedies for cyber security issues, with a presentation by John Sileo, a nationally renowned speaker and expert in this field. Learn security tips for social media and mobile devices, find out more about social engineering and how you can detect it, and learn how not to be fooled by common threats that might be right under your nose. The event will be in Campus Center, 3rd Floor Ballroom from 11:00am – 12:15pm. Attendees will be entered into a raffle to win an iPad, and other prizes. The event is free, but please register at massachusetts.edu/isocevents/boston