Today we cannot live without the internet, one of the most basic resources among the new generations. Do you remember looking up information in an encyclopedia or going to a travel agency to buy a plane ticket or book a hotel?
It seems like ages ago, but the truth is that the network of networks has changed the way we do many tasks and opened the doors to new possibilities that allow us, for example, to work from anywhere or make a bank transfer from our phone with just one click.
Unfortunately, this relentless evolution is also present in the multiple threats posed by cybercriminals. We have come a long way since viruses were distributed on floppy disks and Morris and when the first worm hit the Internet in 1988, to today and the emergence of Trojans, spyware and ransomware, the main protagonists of cybercrime today.
According to Security Report 2023 of Check Point Software Technologies Ltd., a leading global provider of cyber security experts, cyber attacks increased by 38% in 2022 compared to the previous year, with an average of 1.168 attacks per week per organization. A situation that looks set to continue to worsen in the coming years. In Greece, the number of weekly cyberattacks reaches 774, with an annual change of -5%, which although shows a positive, organizations must remain vigilant and take all necessary security measures to protect their information.
All of this makes it clear that we need to be prepared to face these threats, and that's why Check Point Software is using World Internet Day as an opportunity to remind us of the "bad habits" we continue to maintain that affect digital our security:
• Bypass passwords: this is one of the most common mistakes and yet one of the most impactful practices in maintaining proper cyber security. We all find it easier to recycle passwords and use the same one for business and personal emails, but we put important data at risk. It's also very common to share them – Netflix or Spotify passwords, for example – and we often write them down or send them in a text or email to family or close friends. This reality translates into millions of users seeing their accounts compromised every year because they don't take care of their passwords. To avoid this, it is recommended that you create secure passwords, with at least 12 characters and a combination of upper and lower case letters, numbers and special characters. Likewise, it's always recommended that you update them every few months and not reuse them across multiple different platforms or accounts.
• Update, update, update: all systems and devices have regular updates designed not only to improve or fix usability, but also to apply patches for potential vulnerabilities. The message to update often appears at inconvenient times or when we don't have a Wi-Fi connection and we usually end up postponing or even ignoring its installation, unknowingly leaving an open door for cyber attacks. By simply keeping our devices up to date, we can avoid many of the vulnerabilities that can arise.
• Falling victim to misinformation: while most cyberattacks today focus on data theft, recently there has been an increase in hacktivism practices and other state-related threats. This type of practice often involves the distribution of disinformation with fake news or biased and incomplete messages that prey on the emotional side of users to create discord. For this reason, it is recommended that we use various sources when informing ourselves, as well as check any news or chain messages before falling into practices such as mass dissemination. One of the main pillars of internet security is common sense.
• Use of free wireless networks: to avoid using your own data, it is increasingly common to surf between hot spots and free Wi-Fi networks in restaurants, airports, train or metro stations, hotels, and even public or private transport. However, security researchers have proven in many cases that these types of wireless networks have little or no security. It is recommended not to access an unknown network, but if this is required, limit your use to basic browsing, avoid entering passwords or using sensitive applications such as payment platforms or banking access.
• Browsing and trusting insecure websites: one way to spot this type of fraudulent website is to look for minor errors such as typos, poorly written text, or the presence of misleading or poor quality images. However, the most effective method is undoubtedly URL parsing, with security indicators such as SSL certificates (indicated by the presence of a padlock next to the web address). or alerts, such as the presence of irregular characters or subdomains.