There is a lot of talk in the news recently about the vulnerability of our phones and computers to hackers, viruses and malware. Many of us tend to brush off these concerns by telling ourselves either there’s no reason for us to be a target (after all, none of us are celebrities) or that we have nothing to hide (do you think it’s worth hiding your bank account credentials?). An FBI report estimates victim losses for 2017 to be $1.42 billion over approximately 284,000 incidents ($5,000 per incident, on average) and this number grows every year. Also, don’t assume your bank will cover any cyber-related losses. If it’s determined you were negligent in securing your system, you may be on the hook.
Rather than add more fuel to the fear-mongering fire, I’d just like to provide a few simple recommendations to improve your operational security (op-sec).
The bad news is that every phone and computer has vulnerabilities that can be exploited by a determined bad-actor. The good news is that most of these vulnerabilities haven’t yet been discovered by the “bad guys” in the latest operating systems and apps.
Here’s how this typically works. Let’s say a security researcher at MIT discovers a vulnerability in the Safari web browser included on the latest version of iOS (this is the operating system running on Apple iPhones and iPads). As an ethical hacker, this researcher notifies Apple and agrees not to disclose the details of the vulnerability to the public until Apple ships a fixed version of iOS. Once Apple makes this new version available for download, the researcher publishes the details of their findings.
As you might expect, hackers are studious readers of these vulnerability reports! They’re great recipes for writing viruses and malware because they often explain exactly how to exploit users not running the latest operating system. Hackers also know that almost everyone procrastinates when it comes to installing updates and they take full advantage of this.
However, it’s easy to stay up-to-date!
If you use an Apple iPhone, you should receive a notification from Apple when an update is available. If you can’t install the update immediately, let’s say you’re at work or on the road, remember to install it once you get home by tapping Settings > General > Software Update. Apple also provides a good tutorial.
The apps running on your phone also frequently need to be updated. Apple provides an automatic update feature which I highly recommend. This can be enabled by tapping Settings > [your name] > iTunes & App Store. You can also follow these detailed instructions from Apple.
If you use an Apple desktop (such as the iMac) or laptop (such as the MacBook), system updates are delivered via the App Store. Follow these steps:
That’s it! Taking these simple steps will help keep you one step ahead of the bad-actors.
In addition to this, there are a number of other things you can do to protect yourself online, including blocking malicious ads, using a password manager, securing your home network and more. When I have time, I’ll put together emails on these topics.
Copyright ©2018 Michael Watts. All Rights Reserved.