- 5
- 5
Cyber attacks are getting more prevalent and ferocious every year. According to Samir Kapuria, Vice President and General Manager of Symantec’s Cyber Security Services, there were over 27,000 reported cyber attacks in the first six months of 2017 alone. And that is only what goes reported. Several studies show that over half of cyber attacks go unreported, most likely because they are undetected.
This is enough to make anyone throw up their hands. But there are several actions you can take to lower your general chances of being a victim as an average citizen. You may think that you are too inconsequential to be targeted by a hacker, but the simplest programs hackers use are not that selective. Many look for simple password weaknesses and automatically exploit them with no regard for wealth or status.
Some of these are called brute force attacks and work with simple malware algorithms that look for password cracks.
Another occurs when you are part of a large data breach. The recent massive Equifax breach should be wake up call. Over 145 million people were affected, and if your passwords are not secure, what was stolen through Equifax could reach any of your other accounts.
One way to protect yourself is to have a dedicated complex passwords for every site you use. This may seem annoying, but it is crucial for security. It’s said that the average user has 26 password-protected accounts and only an average of 5 passwords for all of them—most of which are likely derivative. For example, do you use 5 different and unique passwords?
How to create a strong password
Length: Passwords should be at least 12 characters long. A longer and more complex password is exponentially more difficult to crack.
Random: Ideally this password does not have any English words or pronouns in it. So one thing to do use is long phrases you can remember and then use the first letters of each word to make the password. So for a sports fan something like “The Chicago Cubs won the World Series versus the Cleveland Indians in 2016!” could be: TCCwtWSvtCIi2016!
Unique: It’s ideal to have a unique password for every site—that way if one is hacked nothing else can be breached. Remembering that many passwords can be frustrating so there are reliable password managers like LastPass and Dashlane that bury passwords under piles of encryption and boast that they are super safe.
Two Step Verification: This should be used wherever possible. If you’ve ever used an ATM, you use a version of this—you have both a card and a code—that’s two steps. In cybersecurity it usually means that signing in to a secure site requires both your login information and a code that is sent via text message. Facebook and Gmail offer these services and it’s useful to take advantage. Once you verify a device it will be “recognized” and you shouldn’t have to do it again.
Learn more about set up two-factor authentication on popular websites here.
One thing you may be wondering is if you should change passwords regularly. The answer to this question may surprise you. Most of the time, shifting passwords is not very useful. There are numerous reasons why this is, not the least of which is that it makes it more frustrating and therefore more tempting to use variations on a theme (or write everything on post-its at your desk … a definite no-no). That is not to say that you should always keep the same password, but changing it regularly might not be as effective of a deterrent as you think. Two step verification is definitely better.
Crazy ways hackers steal data
For many of us, the best we can do is be careful when facing phishing emails or receiving links from dubious sources. Hacking has gotten so sophisticated that it is nearly impossible for anyone who is targeted to really be safe. There are many bizarre ways that a hacker can access passwords and information, including with heat signatures, or even the sound of your computer’s fan.
Learn more about the crazy ways hackers can steal data below. And remember, a dedicated hacker with enough time and motivation can probably uncover your information. The best thing you can do is use protocols, like more complex passwords, to give yourself a fighting chance.
- 5
- 5
