Part One
Cybersecurity threats continue to pose a significant risk to businesses and individuals around the world. As we increasingly rely on digital technologies, the risk of cyber attacks and data breaches is only growing.
Here’s a summary of recent statistics on cybersecurity threats from different parts of the world:
In the United States, the average number of data breaches per company was 2,935 in 2020, with a total of 5.2 billion records exposed. The average cost of a data breach in the US was $8.64 million.
In the United Kingdom, 39% of businesses reported having cybersecurity breaches or attacks in the last 12 months. The average cost of a cybersecurity breach for a small business in the UK was £8,460, while for a large business, it was £13,400.
In Italy, the number of cyber attacks reported in 2020 increased by 38% compared to the previous year. The most common types of cyber attacks in Italy were phishing attacks (44%), malware attacks (34%), and ransomware attacks (12%). The average cost of a cyber attack for a business in Italy was around €50,000.
Here are some best practices to help you keep your data safe:
- Use strong and unique passwords for all your accounts and change them regularly.
- Enable two-factor authentication wherever possible to add an extra layer of security.
- Be cautious about clicking on links or downloading attachments from unknown sources, as they may contain malware.
- Keep your software, iOS and operating systems up to date with the latest security patches and updates.
- Use a reputable antivirus and anti-malware software and keep it up to date.
- Regularly back up your important data to an external hard drive or to a secure cloud storage service.
- Avoid using public Wi-Fi for sensitive activities such as online banking or shopping, as these networks are often unsecured.
- Be wary of phishing scams and always verify the authenticity of requests for personal or financial information.
- Use a virtual private network (VPN) when accessing the internet from public networks or while traveling.
- Educate yourself on the latest cybersecurity threats and best practices to stay informed and better protect yourself.
Account Security Mistakes
1. Using the same password for everything.
Reusing the same password on multiple accounts is one of the worst things you can do to your online security. It’s like using the same key to lock your home, car, and deposit box – even after someone stole the key and could have made a copy.
With millions of records exposed in data breaches every quarter, it’s easier than ever for hackers to get passwords. If you use a single password for every login, cybercriminals can use the password leaked in one data breach to access all your other online accounts.
So if you quit one bad internet habit this year, make it this one!
What to do instead:
Create a unique password for every account, and use a password manager to store (and remember) these passwords for you.
2. Setting “123456”, “qwerty”, or “password” as your password
If you use “123456” as your password, you’re one of the 1.5M people who used and lost this password in 2022. The only password worse than “123456” is the password, “password.” And hackers can crack both in under a second.
Obvious number or character combinations and dictionary words are not good password material. Secure passwords should be impossible to guess for humans and take ages to brute force for computers.
What to do instead:
Create a unique password that’s 12 or more characters in length, containing uppercase and lowercase letters as well as special symbols such as %.
3. Not using two-factor authentication
If passwords are the first line of defense for your online accounts, then two-factor authentication (2FA) is the second.
How does it work? After you enter your password, your account requires a one-time passcode or other confirmation (e.g., clicking on a notification) to prove that you, not someone else, are accessing the account.
What’s the point? If your password is exposed in a data breach, 2FA prevents hackers from accessing your accounts using the leaked password as they are prompted for the one-time code.
Two-factor authentication is available on most online services, including Google, Apple’s iCloud, Facebook, Instagram, Twitter, amongst many others. You must never share your OTP (one-time passcode) with anyone!
What to do instead:
Enable 2FA on your accounts whenever it’s available. Usually, you can do so by visiting security settings on any particular website or using a third-party app, such as Google Authenticator.
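To show why a leaked password alone is not enough once 2FA is on, here is an added example (not part of the original article) of the time-based one-time passcode scheme used by authenticator apps such as Google Authenticator, per RFC 4226 and RFC 6238. The key is the published RFC test key and the `verify` and `demo` helpers are illustrative names; the server accepts a code only within a short time window and only once.

```python
import hashlib
import hmac
import struct

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time passcode for a given counter value."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(key: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: the counter is the number of 30-second steps since the epoch."""
    return hotp(key, int(now) // step, digits)

def verify(key, submitted, now, used, step=30, window=1):
    """Server-side check: accept codes within +/- `window` steps, once each."""
    current = int(now) // step
    for counter in range(max(0, current - window), current + window + 1):
        if counter in used:
            continue                              # already redeemed: no replay
        if hmac.compare_digest(hotp(key, counter).encode(), submitted.encode()):
            used.add(counter)
            return True
    return False

# Constructed demo using the published RFC 6238 test key (never use it for real).
KEY = b"12345678901234567890"

def demo():
    used = set()
    code = totp(KEY, 59)                          # what the authenticator app shows
    first = verify(KEY, code, 59, used)           # password plus a fresh code
    replay = verify(KEY, code, 60, used)          # the same code tried again
    stale = verify(KEY, code, 240, set())         # the same code three minutes later
    return code, first, replay, stale

if __name__ == "__main__":
    print(demo())
```
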
Accidental Exposure of Sensitive Data
Some bad internet habits are conscious choices, like choosing an easy password for all your logins. But some bad habits may not be so obvious and could result in your sharing more than you actually want to!
4. Clicking on strange links in emails.
Many cyberattacks are successful because people open random emails they receive from strangers. And most strangers that send such emails are scammers and hackers.
Scammers use phishing and social engineering techniques to urge you to click on their links, and these links take you to fake websites created to steal your passwords, credit card details, and other sensitive information. The emails can even appear to come from someone you know, or a service that you regularly use!
What to do instead:
Don’t know or trust the source? Don’t click the link. When you do know the sender, double-check whether the link looks accurate and whether receiving it makes sense, because email addresses often get spoofed. Emails can also be designed to look almost identical to their official counterparts; we often receive emails that look like they are from PayPal. If you are not sure, don’t click ANY links in the email – instead, type the official web address into a web browser and log in from there. Report any phishing or scam emails to the company they are pretending to be.
5. Visiting HTTP sites instead of HTTPS
The “HTTP” prefix you see on the website address usually indicates that your connection is not secure. What does it mean? Snoopers could see the data you share with that website as the data you transmit with that website is not encrypted.
What to do instead:
To be on the safe side, only browse websites that use SSL – an encrypted connection, indicated by HTTPS and a little padlock in the address bar.
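The two checks from points 4 and 5 (does the link really go where its text says, and is it HTTPS) can be automated for an HTML email body. This is an added example, not part of the original article; the sample email is constructed, and `registrable` is a simplified helper that assumes two-label domains (real tooling should use the Public Suffix List).

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

DOMAIN_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._open is not None:
            self._open[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append(tuple(self._open))
            self._open = None

def registrable(host: str) -> str:
    # Simplification (assumption): treat the last two labels as the site name.
    return ".".join(host.lower().split(".")[-2:])

def check_links(html_body: str):
    """Return [(href, [reasons])] for links a reader should not trust."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        url = urlsplit(href)
        host = url.hostname or ""
        reasons = []
        if url.scheme != "https":
            reasons.append("not-https")           # traffic would be unencrypted
        shown = DOMAIN_RE.search(text)
        if shown and registrable(shown.group(1)) != registrable(host):
            reasons.append("text-host-mismatch")  # text names a different site
        if reasons:
            findings.append((href, reasons))
    return findings

# Constructed sample email body: one look-alike link, one genuine link.
SAMPLE = (
    '<p>Your account is limited. '
    '<a href="http://paypal.com.account-verify.example/login">www.paypal.com/signin</a></p>'
    '<p><a href="https://www.paypal.com/signin">www.paypal.com</a></p>'
)
```
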
6. Checking your bank account on public Wi-Fi
Just like with HTTP sites, public wireless networks usually lack adequate protection. They leave you open to man-in-the-middle attacks and other nefarious ways for hackers and snoopers to get hold of your information.
What to do instead:
When on public Wi-Fi, refrain from checking sensitive information, especially if it’s work or money related. Or better still — get a virtual private network (VPN) and keep your communications safe even on public Wi-Fi.
7. Uploading files to the Cloud for backup.
The cloud saves precious storage, and most devices automatically sync your files to the cloud. But is your data safe while sitting comfy in the cloud? Often, it’s not. If someone steals your cloud credentials, they can access everything you keep in the cloud.
Moreover, most cloud companies can access your files if they want. A nosy employee with enough access privileges may snoop around in your private files. Or they may have questionable privacy practices enabling third parties to access your data.
What to do instead:
Encrypt your files before uploading them to the cloud or have your own private cloud services with BondiShare.
8. Ignoring device security and software updates.
The majority of people find software updates annoying. No wonder – updates tend to pop up exactly when you don’t have time to deal with them, they can take a long time to do and sometimes you can introduce problems. So what you normally do is hit the “postpone” button, thinking you will get back to the updates later.
But a lot of people forget, or it’s never the right time.
Keeping programs up to date is crucial to staying protected from malicious threats. Hackers love to exploit vulnerabilities in software and apps, especially those with many users, like browsers. Companies usually fix the issues immediately by releasing a patch in the form of a software update. But if you don’t install the update, the vulnerability is still accessible on your device, and you’re left exposed.
What to do instead:
If you don’t feel like checking for updates, enable automatic updates on your applications and have your devices install the updates whilst you sleep!
Digital privacy shortcomings
9. Being complacent about your digital privacy.
Many people use the excuse “I have nothing to hide” to justify their lack of concern for online privacy. While this may seem reasonable, it’s important to consider the many ways in which your personal information can be exploited by cyber criminals, third-party organizations, and even governments. In today’s world, data is highly valued and sought after. For example, internet service providers may sell your browsing history to the highest bidder, while social media giants like Facebook and Google collect vast amounts of personal information to display targeted ads and track your online activity.
Furthermore, some governments use data collection to monitor their citizens. This, combined with the potential for hackers and scammers to use your data for nefarious purposes, highlights the need for heightened awareness of online privacy concerns.
While ignorance may feel like bliss in the short term, it can lead to serious consequences such as being hacked, scammed, or overcharged for goods and services. Therefore, it’s essential to take steps to protect your online privacy and stay informed about potential threats.
What to do instead:
Take responsibility for your privacy. Get to know the dangers and online scams, and think twice before sharing private information online.