Over the last few years, data breaches have grown in both frequency and severity. According to Gemalto, data breaches compromised 4.5 billion records in only the first half of 2018. The most recent of these high-profile scandals is the Marriott data breach, where hackers stole private details from around 500 million customers. These details include names, addresses, credit card and phone numbers, as well as passport numbers and travel details.
While it’s not the largest data breach by any means, 500 million is no small number for such a sensitive breach. The data stolen can be used by criminals to commit identity theft, where they could convince targeted individuals to give up vital, personal information, like passwords or access to banking sites. The more convincing a phishing email is, the more likely someone is to reply to it.
Data breaches on the rise
There has been such an increase because, to date, companies have faced no real penalties for poor storage and protection of data – apart from reputation loss. Yet, in the near future, organisations will be fined enormous sums for allowing data to leak. People are also in a semi-state of ignorance, or deliberate ignorance, of safe computing practices. Cyber theft is becoming the fastest growing crime in the world but there is a severe shortage of cybersecurity talent – with unfilled cybersecurity jobs to reach 1.5 million by 2019.
HOW TO STAY SAFE ONLINE
- Review your online accounts and credit report – reviewing bank accounts, social media accounts, and mobile phone accounts regularly helps to flag signs of fraud or rogue charges. Banks are good at spotting fraud but, ultimately, it’s up to the individual to spot fraud on their account.
- Keep software updated – running the most recent software versions on any mobile operating system, security software, apps and web browsers is among the best defences against malware and other threats.
- Use different passwords – hackers often steal a login and password from one site and attempt to use it on other sites. Passwords should be long, alphanumeric, strong and unique. It is good practice to install a reputable password manager to create complex strong passwords stored in an encrypted file on a personal computer. This means only one master password is needed and the password manager will automatically log in to different sites with secure passwords.
- Register with haveibeenpwned.com – a website, which collects emails associated with publicly known website hacks. Submitting an email here makes it easy to see if personal details have been released in a website hack. Registering an email to receive future notifications if the it appears in a future hack. Watch out also for phishing emails from the site just hacked.
- Enable two-step authentication– many sites such as Apple, Microsoft and Google now ask to associate a mobile phone with an account. Two-factor authentication does not allow login without access mobile phone confirmation. Ultimately, this makes it much harder for criminals to change account details.
- Close old accounts – multiple unused accounts simply create more points of vulnerability. Sometimes that might mean having to go through steps to recover a forgotten password but it is worth it. The less online footprint, the better.
- Be cautious – unsolicited communications that ask for data or refer to pages asking for personal data should be carefully checked. Avoiding clicking on links or downloading attachments from suspicious emails is also a good precaution.
Indeed, despite increases in established attacks like phishing and ransomware and constant cyber-attacks, organisations can keep safe by remaining vigilant in their IT education of all employees reminding them to be alert and not to click on suspicious looking emails or links. We recommend ESET and CITSYS as one of the best IT solutions company in Ghana. Checkout their website from Data Security and protection solutions.
Article: Kevin Curran, Senior Member, IEEE
Image Credit: Google Images