We’re spending more time online and cybercriminals are finding the weak links in our daily digital habits
The first computer virus, created as part of a research project by Bob Thomas in 1971, was considered a harmless creation to see whether or not a programme could replicate itself as it journeyed through a network. It did just that and had the added feature of leaving traces of itself behind, a signature that displayed a message, “I’m the Creeper: Catch me if you can”.
Ray Tomlinson, the computer programmer who invented email, accepted this invitation and created Reaper, a programme that would search for copies of Creeper and log it out of devices. This is one of the earliest forms of virus and antivirus technology.
Internet security threats have come a long way since then and with the not so well-intentioned at the helm, but rather cybercriminals looking to do more than just leave a ‘come and catch me’ calling card. Malware, ransomware, phishing scams and cryptomining malware are expected to result in annual losses of up to $1 trillion globally. Konrad Adenauer Stiftung’s Cybersecurity in the Middle East and North Africa report from July 2019 found that the region is particularly at risk when it comes to cybersecurity.
Life goes digital
With the world’s swift transition to living much of our daily lives online, cybercriminals are looking to take advantage. In a time of great uncertainty, these malicious actors are exploiting our fears with socially engineered scams like posing as health officials from the World Health Organisation in phishing emails to deceive people into handing over their personal details.
Office networks were under the watchful eye of IT departments, but now we’re on our personal networks at home doing everything from work and schooling to banking and shopping.
The likes of UAE-based fintech app LuluExchange saw an increase of 15 000 downloads in 10 days. South African food delivery service OneCart reported a 700 percent increase in website traffic, while online supermarket Ocado’s servers thought they were under attack because of a spike in demand from customers looking to stock up on pantry staples.
When it comes to work, collaborative tools like Microsoft Teams experienced a 775 percent increase in calls and meetings in Italy during March. E-learning platforms such as the Rwanda Education Board’s website saw a 730 percent surge in visits as schools closed and classes went digital.
These activities are taking place on our home networks, a place where we are generally more relaxed because we feel safe. And while we download the latest video conferencing apps, make that quick internet banking payment or log our children into their lessons for the day, we should feel at ease but with a few small changes to our online habits.
Microsoft is constantly improving on its capabilities to pick up on these malicious calling cards from cybercriminals. Each day, Microsoft’s Intelligent Security Graph analyses over 8 trillion threat signals to identify emerging threats.
Most cyberattacks start with email, which is why Microsoft uses a multi-layered defence system that includes machine learning, detonation, and signal-sharing to seek out and shut down email attacks. These mechanisms detect and block malicious emails, URLs, and attachments from an inbox before they are opened. They are then analysed for additional insights, used to train machine learning models, and then shared with Microsoft Defender Advanced Threat Protection.
These advances in Microsoft’s defence make it increasingly difficult to breach systems, but hackers often look for the easiest way to get in by searching for the weakest link. Practicing good cybersecurity hygiene can go a long way to making these weak points impenetrable.
Phishing scams are just one of the ways criminals deceive users into handing over personal information such as bank details, but there are things you can do to protect yourself. Red flags include general greetings or the incorrect use of a name, poor spelling and grammar, as well as language that evokes a sense of urgency. You can also check the origin of the email, where its internal links redirect to and attachments.
One of the easiest safety measures is keeping a device’s software updated. Downloading the latest antivirus patches and operating system updates like Windows Update on a regular basis helps keep a computer protected and improves its efficiency.
Time for a password reset
NordPass compiled a list of the most common passwords from 500 million passwords involved in various data breaches from 2019. Topping the list was ‘12345’ followed by ‘123456’. While these might be easy to remember, these kinds of passwords put privacy and personal data at risk.
One solution is to use a password generator and manager. Another option is to go passwordless with the likes of Windows Hello which uses biometric data such as a finger print or facial recognition, while the Microsoft Authenticator app uses your phone to login to your accounts. And just for an additional layer of security, enable the two-step verification across your devices and Microsoft account.
Checking a browser for a secure link can help keep personal information out of nefarious hands. In your browser, a secure website will either have a closed padlock or the link will start with ‘HTTPS’ (hypertext transfer protocol over secure socket layer). The ‘s’ at the end is very important as it is a sign that the website is encrypted to prevent the transfer of data. Websites that are missing a padlock or are missing this ‘s’ from the link, make data on the website easy to read, so it’s best to double check the link in your browser before logging in.
A Virtual Private Networks (VPN) offers users a layer of privacy for their online activity and data. Your home network is considered more secure than the free, public Wi-Fi, like the one at your local coffee shop. However, a VPN creates an encrypted connection keeping your browsing, passwords, credit card details and any other personal information private from prying eyes.
Never have we needed to rely on technology more than we do now. So, while we adjust to this new online way of life, it’s important to pair it with good cybersecurity hygiene to keep criminals and their calling cards at bay.