Cybersecurity and Privacy

By jacob truong

01

Another substantial area of IT that I would like to discuss is cybersecurity and privacy. In the Age of Information, technology is the cornerstone of civilisation itself, and data an integral part that is almost omnipresent in all aspects of human’s society. However, as the Internet links everything and everyone together, never before has sensitive personal and professional information been in such a vulnerable position, with many prevalent risks of data leak and privacy invasion. Due to this alarming situation, a branch of Information Technology – Cybersecurity – emerged, endeavouring to protect computer systems and networks, as well as people’s data and privacy.

02

In order to better understand the necessity of Cybersecurity and Privacy protection, we have to explore the numerous problems of the cyberspace. First, we will take a look at the most relatable breach of privacy for the average user, and it is about the information that is collected by websites and services.

For example, on Facebook, you are required to input sensitive details about yourself, such as your real name, phone number, email, and home address. Next, the company will automatically collect more nuance types of data like your location, social habits, preferred news topic, favourite type of entertainment or activities. Then, they will create a personalised advertisement profile for you, allowing particular products and services to target you specifically. ^[1]

Facebook makes money through ads revenue [2]

While this does not sound like a big deal, over time, Facebook will have collected a sizable amount of your data and preferences, and these are lucrative targets for cybercriminals. In case of a security breach, not only would your personal details be exposed, but so will your behavioural records, enabling the hackers to use the information for nefarious purposes, ranging from selling them, blackmailing you with them, to stealing your identity altogether. If these data fall into the wrong hands, your own personal safety might be endangered. To make matters worse, almost all major web services employ a similar system and strategy, and these collected data are traded among these companies. ^[3] While statistically speaking, such extreme circumstances are rather infinitesimal, I think most people would still prefer a zero chance of any of this happening, over any chance at all.

03

Apart from hidden privacy risks from using online services, users are also very likely to be attacked more directly. On the more common and less-technical side of cyberattacks is social engineering, the act of psychologically manipulating people into performing actions or divulging confidential information.

A prime example of this is Phishing, the act of creating a fraudulent email or website that is almost identical to a legitimate source, such as a bank statement or a Facebook log-in website, in an attempt to solicit sensitive info like usernames, passwords and credit card details.

An example of a Phishing attempt

A common tech support scam

Another well-known tactic is organised phone call scams, also known as tech support scams. Have you ever surfed the web, and pop-ups appear stating that your device is now infected with a virus? Usually, a phone number is included with this notification, claiming to be technicians from trusted companies like Microsoft. If you call this number, a scammer will pick up the phone, impersonating professionals claiming that only they can help you with the problem. Then, they would either require a payment, or leave a backdoor virus on your device, for further exploit.

Moreover, aggressive, technical attacks aiming at you could also be a possibility. For instance, if you are a high-profile figure holding confidential company secrets, you are very likely to be targeted by cybercriminals. They might attempt to brute-force their way into your account (basically trying to guess your credentials) using a password dictionary, gain control of your systems through malwares, or to use multi-vector, polymorphic 5th generation (Gen V) cyberattacks combining multiple dangerous techniques.

The evolution of cyberattacks [4]

04

With such a number of cyber-vulnerabilities, let us explore some of the Cybersecurity techniques and implementations that would help us retaliate and secure our information. On the matter of social media privacy issues, unfortunately there are no absolute solutions. You can try to discontinue the usage of social media, but since it has become such an integral part of modern life, it is almost impossible to have a functional personal and professional life without a digital presence. Therefore, I could only suggest using these platforms for building up your professional profile, posting less about your daily life while using more secure applications like Signal for the need of social communication. Regarding personal tracking and tagging risks, the best method to tackle this is to use a VPN service such as ExpressVPN or NordVPN. These services will mask and encrypt your web traffic, allowing you to safely use the internet, at the traded cost of internet connection speed.

Great VPN services to protect your data

To combat social engineering risks, however, it is entirely depending on us and our cautiousness. Using common sense, we should be able to discern cloned websites from original ones by looking at the URL and avoid deceiving pop-ups and notifications. An antivirus like Bitdefender or Avast is indispensable in protecting your device and data from malwares and viruses. On the grand scale of corporations, it is generally best to have a dedicated security firm or department keeping a watchful eye on the sensitive secrets, always ready to employ countermeasures against cyberattack. As security is only as strong as the weakest link, employees should also go through mandatory information security training, minimising human-factor risks in protecting data.

Comparison between two of the best antiviruses on the market

05

Gone are the days of being safe in your own home, as a cyberattack can happen at any moment in time. The need to safeguard your personal information and secure your rights and freedoms is higher than ever, and because of this, the field of cybersecurity is on its way to becoming one of the most important IT fields in the upcoming years, ensuring a safe and bright future for the Information Age.

06

References

[1] “Data Policy,” Facebook. [Online]. Available: https://www.facebook.com/policy.php. [Accessed: 20-Dec-2020].
[2] B. O'Connell, “How Does Facebook Make Money? Six Primary Revenue Streams,” TheStreet, 23-Oct-2018. [Online]. Available: https://www.thestreet.com/technology/how-does-facebook-make-money-14754098. [Accessed: 20-Dec-2020].
[3] A. C. Madrigal, “Facebook Didn't Sell Your Data; It Gave It Away,” The Atlantic, 20-Dec-2018. [Online]. Available: https://www.theatlantic.com/technology/archive/2018/12/facebooks-failures-and-also-its-problems-leaking-data/578599/. [Accessed: 20-Dec-2020].
[4] “Gen-V Cyber Security,” Check Point Software. [Online]. Available: https://www.checkpoint.com/gen-v-cyber-security/. [Accessed: 20-Dec-2020].

Jacob Truong © 2018 All rights reserved