Connect with us

Expert Speak

Tips and Best Practices to Follow This Safer Internet Day

Published

on

Written by Renée Tarun – Deputy CISO and Vice President Information Security at Fortinet

The internet is everywhere in the modern world, used in personal, professional, and educational settings. Children learn how to operate a touch screen before they can talk, and older children enjoy various games and educational materials at their fingertips. But with the ubiquity of the internet comes the ubiquity of security concerns and cyber threats. These threats led to the development of Safer Internet Day, a campaign designed to encourage everybody – from kids to parents to educators – to play their part in creating a better internet. 

Here I highlight the importance of this initiative and provide tips for staying safe online. 

What is Safer Internet Day?
Held annually in early February, Safer Internet Day is a global event coordinated by the Insafe/INHOPE Network in Brussels with the European Commission’s support. In the United States, the event’s official host is ConnectSafely, a Silicon Valley nonprofit dedicated to educating users of connected technology about safety, privacy, and security. The goal of Safer Internet Day is to create a safer and better internet by raising awareness of how to use technology responsibly and respectfully. 

Why is Safer Internet Day Important?
As of 2019, over 85% of people living in developed countries used the internet making them potential victims of cybercrimes, including identify theft, financial theft, intellectual property violations, malware, and malicious social engineering. According to the Federal Trade Commission (FTC), 2019 also saw a peak of 3.2 million identity theft reports, most of which occurred due to internet use and nearly a quarter of which resulted in financial loss. In other words, cybercrime can cause all sorts of damage, meaning it’s essential for everyone who uses the internet to protect themselves, their data, and any devices they might have access to, whether at home, school, or work. Safer Internet Day promotes awareness of these potential threats and distributes resources and information that helps people engage in safer online practices.

Safer Internet Tips
Safer Internet Day provides an opportunity to reflect on your internet usage and safety practices. Here we provide a list of tips to help you get started: 

Educate and Encourage Positive Change

  • Instruct your family and friends on keeping their personally identifiable information (PII) private online by encouraging them not to share their real names with strangers or give out information about where they live. 
  • Establish clear online rules for children and teens to follow; this could include creating lists of approved websites and applications or requiring parental approval for certain activities. 
  • Ensure everyone in the family understands the importance of strong passwords, how to create them, and why they should not share those passwords with anyone else. Other password best practices include making a different password for each account, avoiding common phrases, and including numbers and special characters.
  • Talk to your family about media literacy and how to spot unauthentic sources and potential scams.
  • Discuss what phishing attempts are and how to identify them. Make it clear that no one should click on a suspect link or open unexpected attachments.
  • Encourage children and teens to come to a trusted adult if they are unsure about something they find on the internet or have concerns about a particular website or interaction.

Get Ahead of Potential Threats

  • Review apps that you and your family use and discuss any safety concerns about usage.
  • Install proper anti-virus software and other security features such as parental controls on your devices to prevent threats.
  • Leverage VPN technology in order to establish online anonymity and enhance security when browsing on public networks. 
  • Monitor that online purchases are made from secure sites. Recent threat research from FortiGuard Labs shows that ecommerce platforms are often targeted by cybercriminals.

Final Thoughts on Best Practices to Follow This Safer Internet Day
Creating an online presence can open the door for various cyberthreats, from social engineering attacks to data breaches. By taking the appropriate steps and following certain best practices, everyone can create an internet that is more secure for everybody, from children to adults. 

Artificial Intelligence

How AI is Reinventing Cybersecurity for the Automotive Industry

Published

on

Written by Alain Penel, VP of Middle East, CIS & Turkey at Fortinet (more…)

Continue Reading

Cyber Security

Positive Technologies Study Reveals Successful Cyberattacks Nett 5X Profits

Published

on

Positive Technologies has released a study on the dark web market, analysing prices for illegal cybersecurity services and products, as well as the costs incurred by cybercriminals to carry out attacks. The most expensive type of malware is ransomware, with a median cost of $7,500. Zero-day exploits are particularly valuable, often being sold for millions of dollars. However, the net profit from a successful cyberattack can be five times the cost of organizing it.

Experts estimate that performing a popular phishing attack involving ransomware costs novice cybercriminals at least $20,000. First, hackers rent dedicated servers, subscribe to VPN services, and acquire other tools to build a secure and anonymous IT infrastructure to manage the attack. Attackers also need to acquire the source code of malicious software or subscribe to ready-to-use malware, as well as tools for infiltrating the victim’s system and evading detection by security measures. Moreover, cybercriminals can consult with seasoned experts, purchase access to targeted infrastructures and company data, and escalate privileges within a compromised system. Products and tools are readily available for purchase on the dark web, catering to beginners. The darknet also offers leaked malware along with detailed instructions, making it easier for novice cybercriminals to carry out attacks.

Malware is one of the primary tools in a hacker’s arsenal, with 53% of malware-related ads focused on sales. In 19% of all posts, infostealers designed to steal data are offered. Crypters and code obfuscation tools, used to help attackers hide malware from security tools, are featured in 17% of cases. Additionally, loaders are mentioned in 16% of ads. The median cost of these types of malware stands at $400, $70, and $500, respectively. The most expensive malware is ransomware: its median cost is $7,500, with some offers reaching up to $320,000. Ransomware is primarily distributed through affiliate programs, known as Ransomware-as-a-Service (RaaS), where participants in an attack typically receive 70–90% of the ransom. To become a partner, a criminal must make a contribution of 0.05 Bitcoin (approximately $5,000) and have a solid reputation on the dark web.

Another popular attack tool is exploits: 69% of exploit-related ads focus on sales, with zero-day vulnerability posts accounting for 32% of them. In 31% of cases, the cost of exploits exceeds $20,000 and can reach several million dollars. Access to corporate networks is relatively inexpensive, with 72% of such ads focused on sales, and 62% of them priced at under a thousand dollars. Among cybercriminal services, hacks are the most popular option, accounting for 49% of reports. For example, the price for compromising a personal email account starts at $100, while the cost for a corporate account begins at $200.

Dmitry Streltsov, Threat Analyst at Positive Technologies, says, “On dark web marketplaces, prices are typically determined in one of two ways: either sellers set a fixed price, or auctions are held. Auctions are often used for exclusive items, such as zero-day exploits. The platforms facilitating these deals also generate revenue, often through their own escrow services, which hold the buyer’s funds temporarily until the product or service is confirmed as delivered. On many platforms, these escrow services are managed by either administrators or trusted users with strong reputations. In return, they earn at least 4% of the transaction amount, with the forums setting the rates.”

Considering the cost of tools and services on the dark web, along with the median ransom amount, cybercriminals can achieve a net profit of $100,000–$130,000 from a successful attack—five times the cost of their preparation. For a company, such an incident can result not only in ransom costs but also in massive financial losses due to disrupted business processes. For example, in 2024, due to a ransomware attack, servers of CDK Global were down for two weeks. The company paid cybercriminals $25 million, while the financial losses of dealers due to system downtime exceeded $600 million.

Continue Reading

Expert Speak

What the Bybit Hack Reveals About the Future of Crypto Security

Published

on

Written by Oded Vanunu, Chief Technologist & Head of Product Vulnerability Research at Check Point (more…)

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.