Internet browsing is not a technology risk!
By Risk Performance and Technology group
Original, as it appears on Finance et Investissement – https://www.finance-investissement.com/
Without being alarmist, 2014, 2015, 2016 and the first quarter of 2017 saw record levels of cybercrime, cyber fraud and theft of personal information. Ransomware that demands payment to unblock your phone or restore your data is commonplace and can even be the public face of a cyberattack involving identity theft or theft of sensitive information.
In Quebec, many businesses have been affected and a good number of them have paid the ransom. Security is first and foremost our responsibility. It’s a mistake to think that Google, Facebook or any Web or mobile app publisher is prepared to take on our personal risk.
The rule, according to the FBI, in fraud and ransom cases, is “Don’t pay!” Paying could set you up for endless blackmail threats. You have to hold firm, communicate internally, educate your employees, don’t blame others, and reach out to cybersecurity experts who will deal with the cybercriminals and try to recover your assets. In the case of major fraud, don’t hesitate to call the SQ and/or the RCMP, as per the procedure in your internal security policy.
But let’s talk a bit about you…
Let’s call a spade, a spade.
Our cyberspace is a victim of “social neo-narcissism.” This term, which I coined a few years ago at a conference on modern cyber-hegemony and transhumanism, describes the 21st century trend (or more accurately, the pathology) that places our children, a portion of the 30-to-40-year-old generation, and ourselves, at the mercy of the need to always be “connected.” In the most extreme cases we find people who get up in the middle of the night to respond to or check comments on their posts of a few hours ago. You must be thinking, no way. Sadly, it’s all too true. This attention-craving group is a critical mass of the world’s largest community, Facebook, whose population is greater than that of India or China.
But what does this have to do with the topic of this article?
The fact is that these people often forgo outdoor activities like taking a stroll in the countryside, in a park or downtown in favour of wandering aimlessly in cyberspace, toggling between viral, sensationalist or emotional videos on YouTube, their crowded social media wall, miracle weight loss sites, pages promising abs of steel in no time flat and top 10 photos of the sexiest women on the Web or the cutest kittens.
That’s nothing new, you say. And you’re absolutely right. Up to this point, there is nothing different from what you would find in tabloids or on TV 15 or 20 years ago.
Except for one small detail that changes everything. Our “digital persona.”
This digital DNA can define us, often much better than our own parents could. A study conducted in early 2015 by Cambridge and Stanford universities of over 80,000 volunteers attests to this fact.
And therein lies the danger.
This digital DNA expands with each page visited, video watched (even partially), search, purchase, transaction and post written (even unpublished), corrected, nuanced and published.
Yup. All this seemingly unimportant information is in fact invaluable when correlated.
We become permanently recognizable, pursued and spied on for our actions and information: this computing power, which is sometimes too generally and awkwardly referred to as “Big Data” (the theme of a future article “From Big Brother to Big Data”) gathered by Web giants has created an unstoppable monster that’s completely unfamiliar to us. It has the ability to know what we’re doing, when, how and even why we’re doing it.
So what’s the problem? There is no problem—when everything is going well. Security breaches and information theft reached record highs in 2014, 2015 and 2016, and 2017 is shaping up to be even worse. And if you don’t see how your information could cause you harm, let me give you an example: how would you like it if your most intimate secrets, marital (or worse, extramarital) relationships, family issues or personal habits were used to blackmail you? The fact is that these shameless cyber-pirates won’t think twice about asking you to pay for their silence. Here’s another example. How would you like it if your personal information were used for commercial purposes without your knowledge, approval or compensation?
If you’re skeptical, you should know that the email and online passwords of most people have been sold on the dark net. This is also true for your company and its employees. To date, all the searches I’ve conducted as part of cyber intelligence mandates have yielded results from corrupted user accounts and valid, unencrypted passwords.
These are the kinds of problems that you could run into by leaving traces of your personality in cyberspace.
Some people tell me that their browser’s incognito mode is very effective. Sure it is, if by very effective you mean that you receive fewer targeted ads based on past Web searches. But data is still collected and associated with your digital DNA and can provide the most intimate details about you and your user profile.
The owner of a VERY popular free-access adult website claimed that he could provide his visitors’ browsing details and statistics, from their preferences to the average time they spend viewing adult content. Sometimes, based on the information he collects, he can also find out which sites they visited before his.
Some of you stream popular TV shows for “free” from illegal sites. You find “free” applications (no licence fee) via torrents or illegal download sites from which you download “cracks” and “keygens.” You should know that these sites, applications and torrents are full of malware ready to infect your computer. You’re deliberately putting your computer and digital DNA at risk and opening yourself to liability.
Now that you know that your behaviour is responsible for 95% of your exposure to cyber-danger while browsing and you understand that being careful can help you avoid the worst, here are a few solutions to help you with the remaining 5%.
Use a browser like Opera or Firefox, or better yet, Brave, and install the following extensions and add-ons:
- HTTPS everywhere, which allows you to maximize your browsing by using a more secure protocol.
- AdBlock, which speeds up your browsing by blocking unwanted ads.
- The new Brave browser, which will optimize your searches and facilitate reading.
- Consider adding your antivirus’s plug-in to your browsers: most antivirus programs suggest inserting or installing an extension on your preferred browser; it’s one of the best ways of finding out whether the site you’re visiting is attempting to run risky scripts on or from your computer.
- Make sure to ALWAYS have the latest recommended version of your browser by regularly trying to force the built-in update process.
- You can also use a search engine extension or a third-party application to clean temporary files, delete your history and cookies accumulated during your intensive Internet browsing (examples of third-party applications: Glary Utilities, CClearner).
- The “big” search engines know you better than anyone else we’ve talked about; Duck Go is a search engine that will respect your privacy and will not (at least for now) do any outrageous profiling.
You now understand that much like when driving, staying vigilant and being careful are the best ways to ensure your safety. Of course you also have to check the brakes, change the oil and do other maintenance. But it’s all the same: these two acts are tied to your maturity and awareness of the risks: you have to do it, whether it’s by yourself or by an expert. Don’t wait to see your life exposed and ruined by dangers you did not anticipate.
One last thing: remember to change the password for your Yahoo account if you have one; whatever you do, don’t use the same password everywhere; check sites like HaveIbeenPwned to see whether any of your online accounts have been corrupted; and apply these small security principles. As Jean-Pierre Claris de Florian said, “In order to live happily, live hidden,” and as Marcelle Auclair said, “If you want to be happy, you can’t be passive. Adopt the human being’s active attitude.” Take action and protect yourself. Remember, be vigilant and proactive.