The holiday season is now behind us and as the new year is upon us it’s often a time for individuals to reflect on their behaviour and set positive goals in 2018. With all the online deals and bargains to be taken advantage of in the January sales, one important resolution you can make early this year is to reflect on the security impacts of your online activity and connected devices in the year ahead. Today, there are many avenues that cybercriminals can take advantage of – from the rise of connected devices in your home to fraudulent activities across retail and banking channels. So, what are some of the red flags you should look out for, and the steps you can take to avoid falling foul of security breaches in 2018?
Securing the Internet-of-Things
Connected toys such as mini robots and smart teddies are high on kids’ wish lists for 2018. Yet, fears about their security are justified. Unlike with smartphones and PCs that have been designed with security built-in, with toys, security is often an afterthought. The most alarming scenario is that a hacker could potentially communicate with a child through an unsecured Wi-Fi or Bluetooth-enabled toy. This could quickly escalate into something even more sinister.
As the home becomes increasingly connected, we will see more and more “things” become “devices”. Unfortunately, because things like doorbells, toys and kettles don’t hold any financially lucrative or sensitive data or information that a hacker would want to get hold of, the security standards on these devices can be lax to say the least. The problem with that is that they are still an entry point to other devices connected to your home network which do contain information that needs to be kept secure.
If you think about your home as a collection of things which connect via Wi-Fi, Bluetooth and cellular networks, then everything in your home is a potential vulnerability through which a hacker could gain access to your network. Even if your Wi-Fi connection is password-protected, if a hacker can access a toy that is connected to it, they could then infiltrate data on your devices such as smartphones, laptops and TVs. Once they have access to those devices, they could steal sensitive files, or hold your applications and data hostage, demanding a ransom from you.
Suddenly, the security standards of the connected toy are an issue of genuine severity for you and your family. For peace of mind, consumers should only buy consumer technology products from trusted retailers and manufacturers and ensure that they come with robust security built-in.
Staying safe when shopping online
The new year period leads to an upsurge of online activity, with consumers rushing to take advantage of the January sales. However, this also leads to a surge in online criminal activity. According to a recent survey by Barclays, 52 per cent of consumers said that the lure of a bargain can get in the way of checking website security credentials.
You can get ahead of retail fraudsters by taking the time to ensure the websites they’re accessing are genuine sellers. Generally, genuine websites will have additional signs that mark them as secure, such as a “https://” address. Another quick way to check if a website is secure or not is by looking out for the lock sign, which is a standard feature among web browsers that denote a website that has been marked as secure. Fraudsters often replicate reputable sites and retailers to trick consumers, so it’s always worth double checking the address. Before clicking ‘confirm’ at the checkout, you should always ensure that the payment system on offer is reputable. If in doubt, contact your bank.
Security at work
At work especially, there is seemingly a perception from employees that their work devices are fortified, impregnable machines that are completely immune to influence from the outside world. So, employees often operate under the assumption that if they click a link to a seemingly harmless and enticing online sales promotion when they have no idea who has sent it and what it will trigger on their work machine, there will be no consequences.
The reality, however, is that a malicious link from an unknown sender could infect your email application with a virus that would automatically send the file to every address in your contact list. You may have a sleepless night with people from all over the world phoning your mobile asking what the suspicious email you have sent them is and whether they should open the file or not. While this is a very tangible impact for you as a consumer, such an attack means your device is being used to infect other devices, and eventually bring the entire network to a standstill. This then allows cyber-attackers to gain access to sensitive, valuable and incriminating data and extort a ransom from your company.
The key takeaway for consumers is to take a more proactive view on cybersecurity this time of the year. Exercising additional vigilance in 2018 means that you won’t get caught out by cybercriminals. In today’s increasingly connected world it is more critical than ever to extend an increased awareness of cybersecurity issues in every aspect of our lives.
Read one of our previous blogs on the security for the Internet of Things.