10 Questions About Cybersecurity Answered

ROKKEX
The Dark Side

--

For some, October is the spookiest month of them all, the one that leads to Halloween. For others, October is the month of daily art projects and sketches as they join the Inktober challenge. However, for us and many of you, it is also Cybersecurity Awareness Month. That is why, today, we chose to answer 10 of the most commonly googled questions about cybersecurity.

Why Is Cybersecurity Important?

We all might understand the need to prevent our data, funds, and privacy from being stolen or used without our consent. We all hear about new big hacks and data leaks every week. But unless you have been living under a rock or with the Amish, you should have noticed how many services and daily tasks have moved to cloud storage or become online processes.

The development of our digital world means that there is a developing underground too. As our cybercrime prevention grows stronger, the hackers become smarter. Many of us understand why someone would be interested in taking your money or accounts, but just a few understand why someone would steal information about your likes, dislikes, habits, etc. However, the value of your data is growing. The number of people interested in buying it is rising. We already know from the Cambridge Analytica case how big data can help companies manipulate people and events.

Of course, quite a few companies, such as ROKKEX, organize audits, bug bounty programs, and CTF (Capture The Flag) challenges. This way, companies stay one step ahead of people who could potentially try to attack their systems.

What Are Some of the Most Common Cyberattacks?

Malware — malicious software that is installed on your system without your consent or knowledge.

Phishing — a type of attack in which you receive emails that appear to be from trusted sources, sent to gain personal information or login details, or to influence users to do something.

DDoS — a hacker makes a machine or network unavailable by disrupting the services of a host.

Man in the Middle — an attack that occurs when a hacker inserts themselves between the communications of a client and a server.

Malvertising — ads and pop-ups that install malware or redirect to a malicious site once clicked.

Drive-by download — a hacker plants a malicious script in an insecure website’s code, and you are attacked once you visit the site. The script might cause you to download malware without even noticing or redirect you to a malicious site.

Password attack — this is pretty self-explanatory. A hacker gets access to your password and thus gains access to your data, system, or company. There are many ways to do it, and that is why you should use two-factor authentication (2FA).

What Devices Can and Cannot Be Hacked?

To put it briefly, any device that is connected to the Internet or Bluetooth can be hacked. We already have stories of hacked cars, baby monitors, and even toilets. Technically, our entire cities and countries could be hacked if the government does not take the needed precautions. These attacks might give access to institutional (bank, school, financial, etc.) systems, but they can also give the intruder control of traffic systems, phone lines, etc. This has already happened in Florida and California, and there have been some minor hacks in a few other cities and countries.

What Are Black Hat and White Hat Hackers?

Black hat hackers are the ones you hear the most about. The primary motivation for them is personal gain, which is usually in one way or another a financial gain. They are disruptive. They create malware, plan the attacks, and steal data.

White hat hackers are also known as ethical hackers. They offer their services to various companies or network owners to help them find any vulnerabilities before a black hat hacker does.

Though, as could be expected, there are grey hat hackers, too. They will “test” the system without the owner’s permission and report the issues afterward. They might both fix and exploit the vulnerabilities they have found. Some might do it for fun, and some for a fee that they will ask for while reporting the bug to the owner.

Are There Any Cybersecurity Standards?

However, there are no standards set for users. We are usually free to choose how much and in what way we protect ourselves. Some companies do make us protect our accounts with more complicated passwords or 2FA, but most of the time, it is all up to us, and let’s admit it, we are lazy and count on companies to protect us. Google security engineer Grzegorz Milka said that only 10% of active Google accounts used two-factor authentication back in 2018, and we use these accounts everywhere. Even though there are no standards set for us, we should take all the extra steps we can.

How to Know If I Am Being Hacked?

In some cases, the cyberattack is obvious. Your device is inoperable, does things seemingly on its own, or there is a troublesome message on the screen left by the person or group that hacked your device. However, many hacks are less noticeable, especially when it comes to hacking accounts and websites. It is important to notice small changes or notes.

Did you get a mysterious email that does not look quite right?

  • Check the email address
  • Do not click any links
  • Go directly to the provider’s website, if that is a service you use, and ask them about this email

Did you get a suspicious pop-up about a virus on your device, or some ladies in your neighborhood?

  • DO NOT CLICK
  • Go outside and meet those ladies in real life

Did you get a notification or email about a password change that you did not request?

  • Report it to the service provider
  • Change the password of your email and (if you can) log out all devices that were logged in before the change
  • Change the password of that account

Did your home or office network become slow for no reason?

  • Check the hardware
  • Report the issue to the network provider or your office’s IT department

What Is a Botnet?

A botnet is a number of internet-connected devices that are running to perform a task. It is one of those things that were not created to do evil deeds, but are often used for it. The devices that make a botnet (computers, smartphones, tablets, IoT devices) have been taken over by a third party and can be used to distribute malware. They can infect your machine either directly (peer to peer) or through the server that communicates with the domain or network that you use.

What Is a Data Breach/Leak?

It is an unauthorized or unintentional disclosure of internal data, such as information about users, the company, or employees, or the organization’s financial or system information. There are a few types of data leakage. The most common type (thankfully) is an accidental leak, such as an employee disclosing information that was supposed to stay inside the company or a user accidentally leaking their credentials. However, an employee may also sell the data intentionally, so companies that deal with sensitive information have to take all needed precautions to prevent such leaks. And of course, there are malicious data leaks, during which hackers leak the information.

What Were the Biggest Data Leaks of All Time?

  • Yahoo. Affected number of records: 3 billion (2013) and 500 million (2014)
  • First American Financial Corp. Affected number of records: 885 million (2019)
  • Facebook. Affected number of records: 540 million (2019)
  • Marriott International. Affected number of records: 500 million (2018)
  • Friend Finder Networks. Affected number of records: 412 million (2016)

What Can I Do to Protect Myself from Cyberattacks?

Many things can help you to protect your data and money. However, many people are looking for the easiest ways and get lazy when they come to realize that account security requires time. Here are a few basic steps you can follow to secure your data, money, and accounts.

  • Use strong, non-repetitive, personal passwords, and update them at least once or twice a year. If you find them challenging to manage and remember, use a password manager.
  • Update your devices and other software. Developers usually make at least some security adjustments with every major update.
  • Be attentive and cautious. Do not click links and ads that you do not trust, and do not reply to emails that you did not expect to receive. Find services and products directly and not through questionable emails or pop-ups.
  • Value your data. Do not provide your personal information where you do not see the reason for it.
  • Secure your most important accounts with hardware or software 2FA.

There were many questions about cybersecurity and how it all works, but these were all we could answer this time. If you would like to read more, here are some of our older cybersecurity-related articles:

At ROKKEX, we take security extremely seriously, and our crypto exchange is built on the ‘Security First’ principle. We want to share our expertise with the broader public for the world to become happy, safe, and wise :)

If you have any ideas and suggestions, contact us at



Security First! ROKKEX is a cryptocurrency exchange built by cybersecurity and fintech professionals. Start trading now! https://www.rokkex.com/