Yes, a criminal prefers to break the security systems of a large financial institution before accessing their accounts. But it turns out that the first is complicated and expensive, while the second is not so much. And, on top of that, you can replicate thousands, millions of times. "We must abandon the idea that our personal information and devices do not want anyone, because they are valuable," underlines José Rosell, managing partner of S2 Grupo. It is fundamental to understand this.
This is the first step: without them it is much more accessible. "Should be change passwords that come by default, take care that they are not the same in all the services and not share them ", point from Incibe. A possible technique to remember would take the initials of a phrase that you never forget, adding a date and a symbol.
It does not always give us the head to remember the passwords, especially if they are very complicated (which is how they should be). Using managers can help us in this tedious task, making passwords more complex and unpredictable.
- Antivirus, also in mobile
It is essential to have a software package antimalware on the computer and keep it updated. Attention: not all serve. From the Incibe they warn that, in some cases, users download free antivirus of unknown brands that they installed malware. It is advisable to be sure, as always, that what is being downloaded is legit.
The smartphones that are sold are pocket computers that we use daily. There are antivirus for Android and iOS which, among other things, warn you of which applications access photo files, contacts or emails without you being aware. A mobile is not as dependent on antivirus as computers, but protection is never too much. "Due to the design of its software architecture, mobiles implement protections that are more complicated to evade by the malware common. Its action capacity is lower than in a PC, but it is advisable to have antivirus, "explains Rosell, S2 Group.
Having updated the system solves security problems and adds defenses to the latest known attack techniques. Updates are especially important for devices such as smart televisions, a gateway to our personal data that, due to its novelty, we do not have too much control over.
- Distrust of the unknown
The phishing, or unwanted mail, is the access route of the vast majority of malware that we received (from 80%, according to Watch Guard). That is why it is convenient to be cautious with what comes to us. "It is advisable to distrust by default any email that requires clicking on a web link, especially those that ask to do so urgently. We must also suspect all unknown or unexpected senders and do not trust unknown attachments ", summarizes David Sancho, threat researcher at Trend Micro. Those emails will try to open a file or click on a link. Better not to do it.
- Do not trust Wi-Fi networks
There is hackers able to break the systems of a company entering the lobby of the same with your laptop and connecting to the Wi-Fi network. In the same way, some of the free networks can take advantage to install malware on the phones or other devices of the unwary who connect to it.
Some social networks, such as WhatsApp, already encrypt conversations. You can do the same with files, photos and other documents. That makes life very difficult for cybercriminals who want to appropriate sensitive data from others. To encrypt files you need to download an encryption program. There are open source, such as AxCrypt or DiskCryptor.
One of the malwares most common is the ransomware. It consists of getting the victim to download a file that runs a program that encrypts the data of the computer or device. The cybercriminal gets in touch with him and asks for a ransom in exchange for that data. A good preventive measure is to make backup copies. And not having them connected to the network.
We know how to operate the technologies, but we do not know the risks involved. Ignorance and overconfidence is, according to experts, the first thing we should fight. Everything that happens in physical space has a place in the cybernetic. Also the bad. Just as I would never give the keys of your house to an unknown person, no matter how much he asks for them, he does not do the same on the Net with passwords, data or account numbers.
When all of the above fails and you suffer a fraud, extortion or any other type of cyber attack, you should not leave it there. "In the Police we are there to help, to prevent crime and arrest its perpetrators. I encourage you to denounce ", says Rafael Pérez, Chief Curator of the Central Cybercrime Unit of the National Police.
Education and dialogue for minors
Cybercrime permeates all layers of society. The minors are not on the sidelines. Last year, 926 cases of threats and coercion were reported to minors through digital media, as well as 704 sexual crimes (excluding assaults or abuses), according to Interior data collected in the report Study on cybercrime in Spain 2017.
What can we do to make children and adolescents more protected? "I suggest, mainly, education," says Rafael Pérez, of the Central Cybercrime Unit of the National Police. "We must be aware of the dangers arising from the misuse of new technologies and transfer it to our children. For example, any file, comment or photograph that we upload to the Web can be used for purposes very different from the intention of the person who uploaded it. Our children should be aware of that loss of property, "he explains.
The Incibe has a portal, Secure Internet for kids (is4k.es), with information for parents. "The accompaniment should start when they are small, around 4 or 5 years, and finish on the 13 or 14. Everything that has not been done until then can no longer be done," says the director of Incibe, Alberto Hernández: "As of that age, the minors will start working on their own and can deceive us if we try to impose rules on them."
These are the recommendations of the Incibe to try that minors do not fall into the clutches of cybercriminals.
- Raise awareness and promote the care of privacy. Children must understand and feel involved in the implications and risks of not protecting privacy, and should know the consequences of not doing so.
- Do not encourage sexting or participate in its dissemination. Exchanging photos or messages of a sexual nature can turn against anyone.
- Develop self-esteem and social skills. Knowing how to say no and defending their arguments will allow them not to give in to social pressure. For this, it is positive to promote a healthy self-esteem, so as not to depend on the opinion of others.
- Know the privacy and security options. Parents should help them to correctly configure the devices and applications to avoid losing control of the information they keep.
- Facilitate an environment of trust. It is important to maintain family communication about these issues so that the child is able to ask for help and advice.
- Assess the necessary age and maturity. We must assess whether the child is responsible enough to use their own mobile phone autonomously without putting themselves at risk.