Cybersecurity—Staying Safe in a Digital World

What exactly is cybersecurity? How do I stay safe while using the internet? These are two questions that are likely to be on many people’s minds.  Although more people are familiar with the basics of staying safe on the internet, a lot has changed since the early 2000s.  There are more sophisticated ways for cyber criminals to steal your information other than emails which tell you how someone has left a sizable inheritance for you and how all that money can be yours so long as you share your banking information.  However, the biggest challenge to staying safe is that most people lack the basic understanding of what cybersecurity is about and the evolving technologies that have emboldened cybercriminals across Canada and throughout the world.

What exactly is cybersecurity?

Cybersecurity is the practice of protecting critical systems and sensitive information from digital attacks.  The most commonly targeted points of cyber attacks tend to be computers, servers, mobile devices, electronic systems, networks, and other places where digital data can be stored.  As we move closer to a 5G world, a world where almost everything is digitally connected, the threats posed by cyber attacks can be extremely dangerous.

The costs associated with successful attacks can be quite significant and they can include the costs associated with discovering and responding to breaches, the costs of downtime and lost revenue, and long-term reputational damage costs.  Additionally, when cyber attacks occur at the individual level, they often result in personally identifiable information getting stolen including identification numbers, credit card numbers, banking information, but sometimes even nude photos and videos of an individual that were meant only for a significant other.

How do I stay safe while using the internet?

To better protect yourself from cyber criminals, it is important to understand how the “game” has changed over the years.  These criminals no longer need to rely on emails, credit card skimmers, radio-frequency identification (RFID) scanners or Facebook surveys that tell you which famous person you resemble.  The more modern ways of ‘data extraction’ that cybercriminals prefer center around malware, ransomware, and phishing schemes.  Think of malware as a type of evil software responsible for birthing viruses and spyware.  Think of ransomware as a child of malware that locks files, data, or systems, where the cybercriminals behind the attack demand payment, otherwise they will destroy that data or make private data become public.  Think of phishing schemes as messages that are made to seem authentic to dupe individuals—they might come in the form of emails and texts.  And I should not have to explain how those Facebook surveys from back in the day were designed to canvas personal questions, the same questions that are asked when people try to reset their passwords.

In order to stay better protected, it is important to rethink how we interact in the digital world and not falling victim as a result of cybersecurity misbeliefs.

The most common cyber safety tips include:

  1. Update software and operating systems so that you have the latest security patches.
  2. Purchase anti-virus software that detects and removes threats and make sure that you keep it updated for the best level of protection.
  3. Use strong passwords that include different characters and do not recycle passwords.
  4. Do not open attachments from unknown senders whether they come over email or text, but also be wary that the accounts of known senders can become compromised. So always be hyper vigilant about every attachment.
  5. Do not click on links from unknown senders whether they come over email, social media, or text, but also be wary that accounts of known senders can become compromised. So always be hyper vigilant about every link.
  6. Avoid using unsecure WiFi networks in public spaces because any activity that you do can be traced.

The most common cyber misbeliefs include:

  1. Cybercriminals are outsiders. In reality, most cybersecurity breaches are often the result of insiders who operate for themselves or with outside actors including organized groups backed by nation-states.
  2. Cyber risks are well-known. In reality, they are dynamic and constantly evolving, and that it is not uncommon for unintentional human error to contribute to them.
  3. Cyber attacks can only occur in a few places. In reality, everything that is digital is potentially a target for cyber attacks.
  4. Cyber attacks only target certain industries. In reality cybercriminals routinely target governments, hospitals, and anywhere else they think that they can potentially turn a quick profit.

A major misconception about cybercriminals is that they are external forces that operate outside our borders.  It is quite common for cyber attacks to originate from within, and “within” refers to insiders like current or former coworkers, business partners, contractors, and others who are familiar with the victim.  When the cyber attack stems from “within” it can be invisible to traditional security solutions, like firewalls and intrusion detection systems, that focus on external threats over internal threats.  These attacks from within could be especially damaging if they happen to be within our government and democratic systems.   And those systems and the people who manage them have strong incentive not to let their failures be known, because they are at constant risk of being voted out.

Truth and reconciliation in the cyber age

Yet despite all the threats posed in a digital world, society today is safer than ever before and its all thanks to technology.  Technology is also the reason why we can track threats in real-time, but we can also go back to right historical wrongs as was seen with the uncovering of unmarked gravesites of children who were forced into the residential school system.  In the case of the unmarked gravesites, a radar device was used that emitted high-frequency electromagnetic waves to detect turned soil, but not everything requires fancy equipment.

I am old enough to remember when people who made claims that Indigenous children in residential schools were abused and killed that those people would be labeled as “conspiracy theorists.” And now we are all convinced that there was much more inhumane treatment of Indigenous children than technology will be able to uncover.  The biggest obstacle that prevents us from making progress with the “truth and reconciliation” of our pasts, whether it be coming to terms with the treatment of Indigenous Canadians or coming to terms that individuals in positions of consequence have misused their powers for personal gain, it requires us to step away from the notion of believing that we need to protect the reputations of individuals who were believed to have been “honorable.”

Unfortunately for us, the only way to get to that “perfect society” is by facing reality—facing that the past has had, and the present may still have, undesirable truths, and it feels like we are not there just yet.  So, if we are focusing on how to make sure that the integrity of our institutions is upheld or how regain trust and confidence, well, one thing that involves is comprehensive reviews of network systems to root out any and all corruption, bring to light any failures that might be hidden, and enact sweeping legislative changes that make it clear that cyber crime will not be tolerated.