Wednesday, November 19, 2014

Security on the Internet, both on your closest environment and outside

Sometimes we focus on people who are outside our closer circles and forget about the ones who are nearer to us. Cybercriminals know that and take advantage of it to draw the victim’s attention to a misleading direction.

If you need to keep conversations private using an anonymous communication channel like Tor, cybercriminals will make you think that such system is impregnable, so you trust on it and deploy some of your services taking advantage of the alleged anonymity of such network. When suspicion surfaces, they will monitor all traffic going through most of its nodes. In fact, the kingdom of Tor is not as anonymous as you could thought, according to a paper recently released: 81% of daily traffic is not anonymous.

On the other hand, if you spend time in social media everyday, get ready for phishing campaigns disguised as viral videos. For instance, a video of a woman attacked by a shark. But if that is not enough, they could compromise some of your accounts and take control of your digital identity. Actually they success with 25% of users.

Some companies are aware of the situation, so they even hire cybercriminals to work "on their side". Indeed a hacker who has a history of misdeeds finds that he is better valued by companies in the UK. Former military and intelligence agents attract attention from critical industries such the banking one though.

At user’s level, it has been greatly warned what the dangers of connecting to public WiFi are. If social engineering already achieve success with not many difficulties, you put it even easier to cybercriminals when you send all data without auxiliary controls. You may want to force HTTPS connections, use VPNs and avoid any unnecessary connections as good guide practice in a high risk environment like public Wi-Fi networks.

On the apps side, the security landscape is gradually improving. Until 2012 WhatsApp was one of the most insecure applications in the market. Thereafter it implemented communications encryption. Moreover yesterday it reported its alliance with Whisper Systems to securize its service. The first step will be to encrypt end-to-end conversations.

All this quick notes revolve around the same principle: security depends on many factors. Some of them are external, and others are internal. The balanced combination of them minimize risk.


Post a Comment