As internet-based services transform the lives of many, there is something that both individuals and businesses need to keep in mind: cyber crime is on the rise. We don’t need to go too far back in time to quantify the monetary damage that cyber criminals can cause.
There are ways to address this threat, but their effectiveness depends on the mindset of the public and how they think about cyber crime and its potential threat level. Given the severity of this problem brought on by increased connectivity, a new approach is needed, which means it is time to bust some of the myths surrounding the topic.
1. ‘Cyber Crime Isn’t Something I Should Care About’
If you are among those thinking that it won’t happen to you, then consider this: cyber criminals are opportunistic just like any real-life criminals. If they see an opportunity, they will take it: are you leaving your credit card and PIN unattended in public places? It’s logical that if you want to keep your balance intact, then you don’t do this; it makes sense to follow the same train of thought in the digital world, too, and adhere to some basic security rules.
People protect their homes from burglars by locking their doors and using security systems as second layer of security; the same approach needs to be taken with online accounts, too. The most basic steps in this matter are using unique passwords for every account, running up-to-date software, and using an antivirus program if applicable.
2. ‘Cyber Crime Isn’t a Real Crime’
Behind any cyber attack targeting either individuals or businesses of any size are professional thieves and gangs who have the same motivations as the criminals you might see on the streets: monetary gain, revenge, vandalism, or whatever else. The biggest difference between traditional crime and cyber crime is the scale and speed at which it is possible to conduct an attack. As internet-based services become more widely adopted by the public, businesses and governments, anyone connected to the internet is a potential target.
If it’s monetary damage, then some victims might be reimbursed for their financial losses. That may be the reason why there is a misconception that cyber crime is a “victimless crime”, but not everyone gets reimbursed. How about those people who aren’t insured or can be compensated by their banks? If you happen to be one of them, do you still think it’s a victimless crime?
The right approach is to report cyber crime immediately after you have become aware of it, otherwise you might need to pay a ransom to get your life back.
3. ‘There Is Nothing I Can Do to Protect Myself’
Security experts want to communicate one clear message: it is possible to protect yourself, just follow at least the basic security rules. However, this is where things get complicated and the message becomes confusing, because different online services apply different security policies.
Take the basic question of “What is a secure password?” as an example, users will have different answers depending on the platform they are registering for. Facebook’s policy requires a password with at least six characters consisting of letters, numbers, and punctuation marks, while Twitter and Amazon require eight-character passwords. However, security experts (ourselves included) recommend using a password that’s at least 12 characters long.
This inconsistent message from online platforms and security experts no doubt leads to consumer confusion, triggering the response: ‘If they don’t know what’s best, how should I know?’ This results in considering security to be optional, which is exactly what cyber criminals are waiting for. It’s like installing an anti-burglar system in the house but leaving the default security passcode.
So How Can You Protect Yourself?
Considering how much people are becoming linked to one another and to various services thanks to the internet, it’s important to realize that the very first level of defense against criminals is to take responsibility and apply the basic security rules to your digital life. Use unique and cryptographically secure passwords for every account (a password manager can help here) and enable two-factor authentication wherever possible.
Of course, protection can be taken to a whole other level by using a VPN service, as this would encrypt traffic and hide your real identity on the web.
Best Password Managers of 2018