Almost every minute that elapses on the internet, there will be reports of an active threat, a ransomware or data theft. In these cases, we (people) are responsible for 90% of the attacks; we are the vulnerability itself. To patch the vulnerability, we are going to look at the things we do which risk our online security. Always use a VPN program even for your mobile phone when browswing the internet.
Using unsecure public Wi-Fi
Everyone likes free WIFI, and that’s where everyone gets to regret the most. Public WIFI is always open and lacks the required security mechanisms. Also, all sorts of people are connected to it; you might not know if the next person is a hacker looking for vulnerabilities. Or even the owner of the free WIFI is an attacker. Once you connect to it, you will give out your details. Before putting your trust on these free WIFI hotspots, ensure you have a VPN. You can find them at vpnadviser.com. Most of them supported as an app. You can also avoid logging into sensitive accounts with your private and most valued information. In addition to that, ensure the website you visit start with HTTPS. HTTPS is the safest protocol on the internet due to encryption.
Keeping an outdated software
As it was discovered recently in the KRACK vulnerability, outdated systems are still at risk of the WIFI bug. Applying patches and updating your system software ensures current and anticipated system bugs are fixed. Also, the updates improve security, and you get extra features. Recent ransomware attacks took advantage of outdated operating systems. Apps and programs should be updated regularly to increase their security and boost performance. For those who get updates from the repository, ensure that the repositories are verified and not compromised as the update may turn out to be your worst nightmare.
According to research, the most used password in the last three years was found to be “qwerty” and “123456.” These passwords are easy to guess without the use of a brute forcing software. Another vulnerability that was found in passwords is that people use the same password for almost all of their accounts. So, if a hacker figures out a password to one of your accounts, all of your info is at risk. To avoid using the same password for every account, use a password manager. Password managers are hard to compromise, and also, they have security features such as; military-grade encryption, compatible with most devices, and a self-destruction mechanism if the master password is incorrectly entered 5 times. It will even save you the hassle of having to cram longer and complex passwords. In regards to passwords, the minimum of 6 to 8 characters is no longer stronger. Ensure your password is at least 12 characters. Your password should at least have a number, uppercase and lowercase letters, special characters and symbols and should not include a dictionary word. Mobile devices which can be let openly should have other extra mechanisms such as biometric identification.
You haven’t implemented the two-step verification system
Apart from having a strong password, the next thing you should include in the mix is a two-step verification. A two-step verification is like having a second door that you have to open in order to enter a room. It can be implemented by another email, a social account or even a phone number. This system is helpful if someone knows your password and tries to log in from unknown device or location. The system will then alert you, and you will restrict the access to your account or log out all devices immediately. Although it might be annoying if you are the one trying to access your account from another device. Like pointed out earlier, you can also use a password and biometric verifications to increase your security.
Opening any emails you receive
Emails still are the greatest vulnerabilities on the internet. Through phishing, an attacker can disguise as an office employee or your friend and then steal or infect your data. The one of the popular ransomware on the internet this year was propagated through emails. Phishing emails may look similar to original, authentic emails, ensure you check the details carefully before proceeding to do what the emails demand. To avoid the spread of malware from happening, don’t opening emails attachments especially the ones in the spam or junk folder if you don’t know what it is. If you were not expecting any emails, leave the spam folder to be as it is.
Giving all your information on social media
If a hacker/attacker wants to get to know or steal your data and info for other purposes, the quickest way to get the info is via social media. Take for example Facebook and Instagram. People update what they are doing, the specific location they are at and even whom they are with. A little investigation on their profile can give you access to their emails, phone numbers and even other details about their friends and family members. To avoid this, always review the privacy settings to ensure that you are not exposed to many threats. Also, choose carefully on what you update or share on social media. Its recommended not to share personal information, your location, photos of minors such as your children and also details about your job. You should also be careful with websites that ask you to sign up with your social media accounts, read their terms and conditions carefully.
Mechanisms to ensure you are protected
Vulnerabilities have countermeasures that reduce impact when they occur, mitigate them or making sure they never happen. Here are simple solutions to use.
For companies, educating workers about cybersecurity is the most important thing. Companies should back up their data regularly and implement powerful control access mechanism to avoid anyone from accessing their systems. Individuals can also back up data, use a powerful malware detection and antivirus program. When browsing the net, ensure you have a reliable VPN to protect you from vulnerabilities. Also, try to keep your personal life out of social media to avoid cyberbullying and other threats.
In this digital world, you won’t know when disaster strikes, the best thing to do is to implement almost all security measures that suit you.