Few days ago, I shared some insights with colleagues on an aspect of cybersecurity – “How can users manage or prevent loopholes (in other words, vulnerabilities) on their electronic devices or across a network of systems?” My previous learnings, testing and virtual lab works came in handy for this routine.
WHAT ARE VULNERABILITIES IN CYBERSECURITY?
According to the National Institute of Standards and Technology (NIST), a vulnerability is any Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.
In a simplified term, a vulnerability is a potential weakness in an environment that opens an individual (or an organization) up to cyber attacks. On the long run, such weakness can be taken advantage of by cyber attackers.
CAUSES OF VULNERABILITIES IN DEVICES
The causes can be overlooked actions that are required when setting up your devices (phones, laptops, systems, wireless routers etc.). In other words, ignoring the use of passwords on your phone or even worse, using common names of pet animals for instance to password-protect your laptop, your home wireless routers can place your devices and networks in a vulnerable state.
These are highlights of some common causes of vulnerabilities that your devices can be susceptible to:
- Not setting up passwords to access your routers (wireless or otherwise), laptops, phones or Internet of Things (IoT) devices.
- Avoiding updates that are available for your devices. Information about these updates are usually sent from your device’s manufacturer to your devices in form of pop-up messages, emails or the likes. Choosing to ignore or indefinitely postponing the installation of these updates leaves your devices exposed to possible risks from cyber attackers.
- Using weak passwords (or credentials). There are databases of passwords accessible to cyber criminals. These databases entail various names ranging from pet names, dictionary words and much more. Using common names or names similar to any on such lists exposes your devices to possible brute-force (password-guessing) attacks, where by the attacker can gain access into the targeted devices without the owner’s knowledge.
HOW TO PROTECT YOURSELF
No one wants to imagine, talk less of experiencing that moment where by you cannot access an app as usual on your mobile phone, or an instance such as not being able to login to your laptop/system, or you realize you are not the only one connected to your own wireless router, yet you are certain no one else has the password. Looking at the common causes discussed earlier, there are steps you can take to prevent such nasty experiences. They include:
- Protect your devices. It could be through passwords, multi-factor authentication, utilizing biometric features. This will prevent a third-party from gaining easy access into your devices
- Use strong passwords. These include a combination of alphabets (upper and lower cases), numbers and special characters (*-!@+) in one word
- Install system/device updates when they are available from the device manufacturer. As much as these actions can be inconvenient in any way possible, it is always advisable to apply these updates for your systems and data’s safety
- Create and store a regular backup of your data in a remote location that is not always connected to the devices you use everyday
- Consider using a security suite on your devices. It could be a freeware or a trial software for you to start with before deciding to invest a specified amount, moving forward
- Lookout for, and avoid clicking (Phishing Messages) links when you are not sure of the source. These come in form of emails, text messages, social media chats or posts. If you mistakenly do click such and you realize it afterwards, swiftly notify your Tech Team/contact for advice or assistance
- Seek technical advice if you feel the need to. It may seem uncomfortable but the downside of not taking any step and not asking for help when needed can cause greater concern on the long run
As much as it may seem like an extra work or even unnecessary sometimes, majority of our activities are now connected to the digital space. So if you cannot imagine loosing access /control to some or all of your data, devices or your personal technology space, then take a proactive step to protect such and avoid experiencing the unimaginable. The sooner you act, the safer it will be for your devices. Protect your data.