CYBER SECURITY

Cyber means relating to or on the internet.; relating to information technology, computers or the internet.

Security means being free from danger or defence against anything that can bring harm.

Therefore cyber security is the defence any internet or technology user can apply to keep himself/herself safe or away from hacks, unexpected social engineering, internet security breaches, reputation killers and any form of regrets that may issue out from using or being present on the internet.

The internet is a world bigger than what you may have imagined. For example, there is a place on the internet where members of that community go to drop information of people they meet; whether the information is useful at the moment or not. It could be to the person's luck if another member of that community has something against the one whose information is had and is requested, then the person who has such information will make money by selling important information about you (being the one whose details is had) to the one who needs it. Then such information can be used against you. You see!

See the news on Hindu Businessline today, 18th May, 2020 "Cybercriminals use stolen American identities to claim unemployment benefits in US: Report."

The United States Security service is investigating fraudulent attempts by a Nigerian crime ring to claim unemployment benefits using stolen American identities according to reports.

A Nigerian crime ring has been using previously stolen personal data of American citizens to claim unemployment benefits. The matter is being investigated by the US agency, according to Krebs on Security.

According to the report, the hackers were able to exploit the weak cybersecurity measures of unemployment systems in various States.

The Nigeria-based cybercrime ring has stolen a “substantial” database of personal information including the data of government personnel, and school employees, according to the Krebs On Security report.

The cybercriminals are primarily targeting the Washington State.

According to a New York Times report, as States are flooded with unemployment claims the Washington State had realized that it had a problem in the past few days. Its unemployment office had been receiving calls from people who said that they had received the paperwork for unemployment benefits claims though they had not applied for it. (You can read up more on https://www.thehindubusinessline.com/news/world/cybercriminals-use-stolen-american-identities-to-claim-unemployment-benefits-in-us-report/article31612433.ece).

Something happened last three weeks, a member of a WhatsApp group I administer sent me a message to add one of her numbers to the WhatsApp group; which I did thinking she wants to start WhatsApping with that new number. So I added the number only to discover that someone used her phone to send me that message. As soon as the number was added, we started receiving all manner of messages (you know all those 'make Money messages with links').

Immediately, I removed the number and called our member to inquire how possible they used her number to perpetrate such act.

So any thing can happen. Think well and think broad before you take any action online.

Two things I will unleash here are:

 1. Things to consider to keep yourself safe as a user of cyber services. 

2. How to keep your website safe from hackers and safe for users.

I see everybody to be a hacker or a potential hacker. So, hack is not a big word to me anymore. It makes me put up characters that protects me.

THINGS TO CONSIDER TO KEEP YOURSELF SAFE AS A USER OF CYBER SERVICES.

1. Mind fake websites. If you mistakenly type goggle.com instead of google.com or facebokk.com instead of facebook.com, you may likely be surfing a hacker's website modeled to look like the real one. Hackers purposefully create websites with names that are common misspellings of websites they want to clone. This they do to catch a fish. So ensure you carefully and without mistakes, type the web address of the website you want to visit.

2. Do not use simple words, names, middle names, surnames or phone numbers as your password. They are easy to crack.

3. Do not use same password to open different accounts or on different websites in case the other is a phisher looking for means to get your password.

4. Do not use your year of birth as your ATM's pin or your phone's pin/password. It could be easily guessed.

5. Always make sure you know what persons do with your phone they collect it. Don't feel too relaxed or familiar. You can be set up. Remember that since you don't always need to login to Facebook, twitter, WhatsApp, etc all the time, you just put on your data, launch the apps and you are good to go, same way they take your phone, launch your apps and they are good to hack.

* Hack simply means access. So there is necessarily no coding to hacking. You see the reason why I see everyone as a hacker or potential hacker.

6. Be careful of phishing websites. There are many WhatsApp messages flying around, compelling people to register and gain bonus, bit coin, crypto currency or learn how to make money.  It could be dangerous to register in those websites. Please be careful. Those kind of websites can be avenues for hackers or social engineers to gather information about you and when next they contact you, they will sound so familiar that you will think it is someone that knows you very well or someone who cares and they trick you to end up giving them substantial information about you, anybody or anything they need.

7. Not all ecommerce websites are real. So buy only from trusted ecommerce websites that have registered physical office(s). The fake ones are ways hackers collect your details: including details of your ATM card, debit card, credit card, etc.

8. Before you give away any sensitive information through the internet, make sure the website is marked HTTPS and not HTTP.

9. Mind the apps you install into your phone or PC. Some apps present themselves to be useful but are used by hackers to rip your information. All they need is access to your device.

10. Mind fake alerts. Call your bank to verify any transaction that you are not sure of.

11. Hackers can try to reset your account's password and call (claiming to be calling from the bank, company or institution and asking) you to give them the reset code sent to you. If you do so, you are doomed!

12. Hackers don't get tired easily of trying to defraud you. They may try to perform a transaction with your account which will send you an OTP  code. Then, they will call you claiming to be calling from your bank (for example). And that they need the code to update your account. If you deliver the code, you're doomed!

13. Make sure you have a strong antivirus and firewall.

HOW TO KEEP YOUR WEBSITE SAFE FROM HACKERS AND SAFE FOR USERS.

1. Buy enough storage space and bandwidth that will serve the users of your website.

2. Buy SSL service. SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information. SSL will protect your users' details being imputed into the site from being intercepted.

3. Make sure you're protected against DOS (Denial of Service) and DDOS attack (Distributed Denial of Service attack).

4. Go through your codes again and again. Think over them and make sure there are no loop holes along the way. 

5. Always monitor your server and pages to identify any abnormalities before it becomes obvious.