Advice and Tips
You’re not safe from attacks on your home office – and have to take this stuff seriously!
Tekna’s vice-president Elisabet Haugsbø feels strongly that all Norwegians should know how to protect themselves from becoming a victim of cybercrime in their own home.
You might’ve read and heard over and over about big companies getting hacked, Russia getting influence in the USA (or trying to, at any rate) and people getting scammed – while maybe thinking at the same time that you yourself are safe from what’s been happening ‘out there’. But there’ve been developments in the cybercriminal world lately that you just have to take seriously.
– Even if Norway isn’t on the list of the most popular countries to attack, this absolutely doesn’t mean that we’re safe. Just in recent months, a lot of people have experienced large-scale cyberattacks, insists Haugsbø.
– Attacks becoming more and more aggressive
Although cybercriminals can come from anywhere, historically speaking, a lot of activity’s been seen coming from countries like China, Russia, the USA and India..
– Of course, for people who become victims of cybercriminals, it doesn’t make any difference where the attack comes from. But we’re seeing a clear trend where these attacks are becoming more sophisticated, more targeted, better executed and, not least, more aggressive. Against private individuals as well, says Haugsbø, and continues:.
– Cybercriminals mainly go after money. Either as a form of pressure where they demand payment to decrypt data or return control to your system, explains the vice-president..
They can also sell information, passwords, bank information or data on the dark net..
– Do you think people are aware of the dangers, and what they can do to defend themselves against them?
– Unfortunately, I think that many still believe that «it won’t happen to me», or «I’m not a celebrity, so I don’t have anything of value», etc. And if you don’t know about the risks involved, you won’t have any motivation to put any defense measures in place, either. .
– The first step towards improving the situation is to admit that you have a problem and that there’s a risk. After that, you should familiarize yourself with what has value, for instance data, information and/or passwords, she says.
A lot of people in Norway don’t know what to do
A new study from The Norwegian Center for Information Security indicates that a lot of employees haven’t gotten any training at their workplace, and many are also struggling to activate a two-factor authentication (also called a two-step verification) on their digital devices. .
– The study also reports that many people aren’t capable of evaluating if an e-mail is dangerous or appears suspicious, and they can’t identify false websites, either, says Haugsbø. .
There are several things you can do – even starting in your lunch break – to protect you and your co-workers against cyberattacks:
- Get a good overview of the situation. Find all of your digital devices. Are you actually using all of them? Do all of them have to be connected to the Internet? For example, is it really necessary to have your stovetop online? Remember the phrase: «Less is more».
- Set up multiple networks, which is easily done on most home routers. You should set up a guest WiFi network so guests can log on without having to be on the same network as for example your work PC. This is a little bit like practicing social distancing during the pandemic. Having this network will prevent guests from unknowingly spreading a virus to your mobile devices and PCs on your own home network. In addition, all your devices should be on separate networks. By spreading them out, any vulnerability that arises could allow access to your single network, which is far better for everything you own with respect to digital data.
- Make a list of all your accounts and passwords: You need to know this information! In today’s digital society, it’s absolutely necessary to use a password manager, which is a digital (and much more secure) method of storing all the passwords for your different accounts. This is because you must never reuse passwords! Choose a password manager that suits your needs, and always use a two-factor authentication whenever possible.
- Practice data recovery. It’s like the annual fire alarm that goes off at your workplace for safety reasons; you should also ‘practice’ IT security. What happens if your PC becomes encrypted? Do you have backup in the cloud, or are you storing everything locally? What happens if one of your accounts gets hacked? Who will you contact? And how will you verify that it’s your account?
– Of course, while there are several other actions under each of these points, just remember the following: Keep all of your software up-to-date. And can you avoid having admin-rights on your regular user devices? .
Haugsbø says that you should use encryption as often as you can when communicating (for example, by using either Signal and encrypting e-mail or using ProtonMail). Delete all accounts that you’re not using. Activate login alerts on your accounts. And always use two-factor authentication. .
– In addition, delete your search history regularly. Always read the «terms and conditions» before accepting anything and, of course, remember to use VPN. While this list is by no means complete, it’s a good start towards practicing digital self-defense. You have to take this stuff seriously!