Monday, July 14, 2014

Let's talk about cyber security even at the hairdresser

A lot of people consider information security a tedious topic, others think it is too complex and some others do not even know what it exactly means. Surely it is not the most common subject in a conversation at the hairdresser, for example. But the truth is that in a world in which Internet-connected devices have become an extension of our body, it is essential to be aware of the risks we face.

It is completely common to hear a hairdresser and his client talking about how they are training for a marathon. They could even mention that they are using social network Endomondo for recording their routes, their time or their heart rates. But surely they would not be aware that all Endomondo profiles are public and indexed in Google, by default. Therefore, their routes and times may be giving a clever thief too many clues about where they live and how much time they spend away from home.

If the barber and his client were fans of the British television series "Doctor Who" instead of running lovers, they could have spoken about the leakage of its eighth season opening episode, which will premiere in late August. It seems that the material was stored on a server at the BBC Worldwide Miami office which was not properly protected.

In another hypothetical scenario the client could tell the barber that he had just bought a latest generation smartphone and was trying to sell his old phone through eBay. Would he have made sure that he  properly erased all data? According to security firm Avast, with an Android device, it is not enough to restore the factory settings. They did the test buying 20 second hand phones supposedly wiped and managed to obtain 40,000 photos, 750 emails, 250 contacts and the identity of 4 of their previous owners.

In the event that the client admitted that he was getting a haircut because he wanted to look spotless for a business trip to Dallas, someone should advise him to use public computers at hotels with caution. Recently it has been discovered that some criminals manage to install keyloggers in some hotel business centers to obtain passwords to bank or email accounts and capture large amount of sensitive information.

It is dangerous even if he use a password manager such as LastPass, RoboForm, My1Login, NeedMyPassword or PasswordBox. Moreover researchers at the University of California Berkeley found several vulnerabilities in all those platforms. Some of them could allow an attacker to know the user’s login credentials to an arbitrary web site.

Anyway it is not very likely to hear your barber commenting that U.S. has charged a Chinese executive of having hacked aircraft manufacturer Boeing and other defense contractors to steal military data and advanced technologic projects.

You probably are not aware, but cybersecurity is much more present in your live than you think. It could even lead to endless talks at the hairdresser just like those we related in this article. So if you want to keep yourself updated about everything going on in the world of cybersecurity, we invite you to follow us through our social channels (find the links at the right sidebar) or here on our blog.


Post a Comment