National Cybersecurity Awareness Month Lesson: It’s Every Man for Himself
President Obama has designated October as National Cybersecurity Awareness Month, with the aim of familiarizing internet users of all ages about the threats that lurk on the web. For us over here at LogDog, this is like the best month ever – we LOVE teaching cybersecurity self-defense!
One of the main messages this campaign aims to get across is that cybersecurity is a “shared responsibility,” which is funny, considering that when it comes to cyber, it’s literally every man for himself – time after time after time again, companies, websites and even the government prove that if you put your trust in them to protect you and your information, then you’re going to end up severely disappointed.
The Government…Oh, the Government
The U.S. government is responsible for “the worst hack in the history of the United States.” In June 2015, it was announced that the United States Office of Personnel Management (or OPM) had , resulting in the theft of personal information of a whopping twenty-two million people (yes, you read that right). And not just any people – government employees. The data stolen included names, dates and places of birth, addresses, social security numbers, even security-clearance related data. Suspected to be the work of Chinese spies, this information would allow the Chinese intelligence agencies to easily recruit U.S. government employees to work for them as assets. (Whether this is true or not, we have no idea. But the facts still stand: this major breach occurred and it could have been avoided.)
And this OPM breach wasn’t the only incident where personal data leaked out of the government. When it comes to privacy of individuals and cybersecurity, the government is a bumbling buffoon. It has leaked everything from the TSA master lock keys that open every traveler’s bag to many login credentials of government agencies.
At least we can find solace in the fact that the U.S. government isn’t the only one that can’t seem to be responsible enough to safeguard its own citizens, IT networks and tools from cyber threats. The Germans aren’t much better, and the British? Even worse.
And Corporations, You Ask?
So if governments can’t be trusted, can we at least trust corporations? Of course not! Even when companies run and operate databases that, if leaked, would ruin lives, it is not enough to make them properly protect their networks.
I’m talking, of course, about Ashley Madison. The website that’s dedicated to adulterers has by a group that wasn’t really into what Ashley Madison was selling. No less than thirty-seven million accounts were stolen. The leak ended up resulting in two suicides in Canada. At least Karma paid a visit in this case and Ashley Madison CEO Noel Biderman stepped down after a third leak of internal emails.
One could argue that Ashley Madison is a relatively small company in a very shady line of business, so it’s no wonder people who played around with it got burnt. But stuff like this is happening on much larger and much more respectable corporations as well (not that we’re passing judgment here or there). Just this month it was revealed that Microsoft leaked user account identifiers in clear text. Meaning, Microsoft stored the information of these accounts on their servers unencrypted. This is, of course, a big no-no. While it’s not anywhere near as bad as actually having personal information leaked out, it does act as yet another proof that security isn’t always perfect when it comes to corporations that are entrusted with our personal information. The many data leaks from companies prove that point.
Cybersecurity Tips to Live By
So, if no one can be trusted and if every man is for himself, what can we do to protect ourselves? Here are a few tips:
- Familiarize yourself with online threats – The way to ward off scams and attacks is by being familiar with them. Phishing emails, for example, don’t work if you identify them as such. The National Cybersecurity Awareness Month is a good time to start researching, but there are so many online resources, where would you start? A good place would be our blog, where we discuss online threats quite a lot.
- Increase the security level of each online account – When you sign up to an online service like Facebook, Twitter or Gmail, you use by default very limited security measures. These measures can be easily increased through the account settings. Two-step verification, for example, can boost the security of each of your online accounts. To learn how to boost your security, read our guides.
- Always update your operating system and software across all devices – Hackers exploit vulnerabilities to install malicious software on victims’ devices, that are later used to steal information or to hold for ransom. While there are vulnerabilities that are so new there is no cure for them, most vulnerabilities are known and the criminals are simply targeting those with unpatched systems. Updating the software on all devices considerably reduces the chances of getting infected by malware and prevents the later consequences.
- Be aware of what you’re putting online – Always assume that the site, app or service that you’re using may get hacked tomorrow and whatever you uploaded will be available for the world to see. That means, nude pictures (remember the celebrity nude photos hack in 2014?).
And last, but certainly not least, get LogDog! If it’s every man for himself, then put into use a tool that works for you. Unlike other services that can only see what’s happening on their servers, LogDog turns your mobile device into a hacking monitoring station that looks at all your accounts and sees if there’s suspicious activity across any of them.
The service can be used across all devices and OS’s, so you’re always being protected. Here’s the Android and iOS links for you to check out