Welcome to ‘The Anti-Virus Report’.com – where we help you decide on the best anti-virus solution for your systems – whether a home computer, or a commercial email system – we will help you decide by giving you the best and most up-to-date information.
There are few technological innovations within the consumer space as revolutionary as the smartphone. These gadgets have allowed people to access the power of the internet regardless of where they are, which is both an incredible gift and a terrible curse. While having just about any piece of information you'd ever want right in your pocket is fantastic, smartphones are also just another avenue for hackers to exploit you.
However, this doesn't mean you should chuck your device in the trash and live off the grid. Rather, you should be mindful of how you use your smartphone and how you can prevent a cyber attack. To that end, let's take a quick peek at the top three tips for better smartphone security:
1. Use a password, not a PIN
Before delving into any complicated digital attacks, let's first discuss how a hacker might gain access to your information by gaining physical access to your phone. According to a study conducted by the Consumer Reports National Research Center, around 5.2 million Americans either lost their smartphone or had it stolen in 2014. Therefore, it's imperative that you properly secure your device.
"PINs are a lot less secure than an actual password."
A lot of phones start you off with a four-digit PIN, but these are a lot less secure than an actual password with words and numbers. iPhone users can change this by going to Settings, then selecting Passcode and turning off the Simple Passcode option. Android owners should go to Settings and select Lock Screen to get options for locking the device.
2. Be cautious around public Wi-Fi networks
To encourage customers to stick around and buy more, a lot of companies have started implementing free Wi-Fi in their establishments. While this is great for those that don't have a reliable connection at home, you should be cautious about using these services. Due to the fact that these public Wi-Fi options aren't encrypted, hackers often employ something called a man-in-the-middle attack, which is where the criminal basically watches all the internet traffic that passes through the unsecured network.
This is worrisome because a lot of people transmit sensitive information over their mobile devices. In fact, the Pew Research Center found that 57 percent of Americans use their smartphone for online banking. Although there's nothing wrong with checking out your finances on the go, you should make sure you aren't doing so on a public Wi-Fi network.
3. Never trust third-party app stores
A lot of people have started to turn to third-party app stores, as the vendors sell products that the standard stores simply don't. However, there's a reason more established institutions turn these apps away. Hackers often use lax security policies at these marketplaces to attach malware to downloads without the consumer even noticing. To ensure the safety of your device, it's best to simply avoid these third-party app stores altogether.
Related Anti Virus Articles
The internet has now become so versatile that companies have begun to get creative with how they use it. Enter the Internet of Things, a trend that involves giving everyday items the ability to connect to the internet. Everything from refrigerators to thermostats are now part of the IoT. While this trend certainly has its benefits, it's still struggling with security.
Certain hackers have even begun to figure out how to use these devices in order to create botnets, or collections of connected gadgets that can be used to attack a target. So, what does the average consumer need to know about IoT security, and how can they avoid becoming part of a botnet?
Lizard Squad attack was huge
"The most likely attack vector here is default passwords."
To understand this problem, you must first be introduced to what a motivated cyber criminal can do. The most recent of these would be the LizardStresser botnet attack that was levied against institutions in Brazil and the U.S. This particular incident was a distributed denial of service attack, which is basically where a hacker uses all of the machines under his control to send massive amounts of data to his victim's servers. These computers simply aren't able to handle the onslaught and often crash as a result.
However, this aggressive move was unique. Aside from the fact that it utilized IoT devices rather than conventional computers, it was also found to be a 400 gigabits per second attack, according to ComputerWeekly's Warwick Ashford. To put that into context, Oliver Cragg of the International Business Times reported on a 470Gbps attack that has been considered by many to be the largest on record to date.
While the LizardStresser incident is certainly terrifying in scale, the reason this is relevant to you is how the hackers ended up gaining control over these IoT devices. The most likely attack vector here is the default passwords that these gadgets often come with. When a manufacturer makes a connected machine, they also have to test it to ensure it works. This means that they need administrative privileges, so they'll often program in default passwords.
The issue with this is that people very often don't change these passwords when they bring the device home. This means that a hacker can often find these login credentials online, or even use a computer to guess common phrases until they have access. Due to the IoT's relatively new notoriety, coupled with the fact that people often don't understand the need for securing devices that aren't traditional computers, cyber criminals can compromise a large swath of devices without much effort.
More IoT devices = more targets
Computer science in general is all about taking the path of least resistance, and hacking is no exception. So, it makes sense that cyber criminals would target an attack vector that is not only unsecured but also extremely numerous. This last point is going to majorly affect the IoT's security in the years to come, as industry experts agree that this trend is only going to get larger.
Exactly how many gadgets will be under the IoT banner in the future is a topic of hot debate, but it's reasonable to assume this number is certainly going to increase quite a bit. Gartner has predicted there to be more than 20 billion IoT devices up and running by 2020. That's a huge amount of machines to play with. If only a fraction of those are left unguarded or protected by default passwords then a hacker could recruit as large of a botnet as he desired.
Users need to know the risks
The IoT is an incredible advancement, and just because there are some issues here doesn't mean you should avoid the trend altogether. There's clearly a major danger here that the industry itself needs to address, but at the end of the day, people need to take responsibility for the security of their own devices.
The best way that you can protect yourself is to change the default password on any gadget that you purchase. Hackers are relying on you either forgetting about doing this or simply not caring, and they will exploit this for personal gain.
What We Have to Say:
Related Anti Virus Articles