Bringing It Home – The Saint Rose Blog

Cybersecurity 101, Part 4: Do You Know Who’s Following You?

woman at computer screen

 

In this installment for our cybersecurity series, our faculty experts discuss the judicious use of social media, potential risks from the Internet of Things, and hints that you may have been hacked.

 

The experts:

Dr. Zumrut Akcam, assistant professor of computer science

Dr. Kimberly Cornell,  assistant professor of computer science

Dr. Mark Gilder,  assistant professor of computer science

Dr. Ian MacDonald, professor of computer science, dean of the School of Mathematics and Sciences

 

We’ve heard not to broadcast our whereabouts on social media.

Gilder: You might not even be aware that you’re providing this information. For any type of media file, image, video, or audio file, there will be additional data present, known as metadata. If you take a photo, the metadata could include the date, time, location, and even GPS coordinates, so it’s important to make sure you disable this feature in your device. Someone could download a picture from your Facebook account and see the photo you posted of yourself at an event, for instance. They would be able to see it was taken five minutes ago, and that you’re out of town.

Cornell: Don’t “check in” from places. On vacation? Wait until you get home to share your photos.

Kim Cornell, Ph.D.

Dr. Kim Cornell

Some people post photos of their children. Even on Instagram, which can be seen by anyone.

Cornell: Someone could read your posts and learn enough to trick your kids into thinking you sent that person there to pick them up from school. It’s too easy to enable cyberbullying or kidnapping. I don’t post photos of other people’s kids without the parents’ permission.

MacDonald: Two of the most investigated cyber crimes are harassment and stalking. Think about it: Stalkers are just as high tech as anyone else. Your metadata, patterns, locations – you’re putting all that out there. No social media profiles should be public.

Cornell: Young people, in particular, can be very vulnerable. They’ll post things, like “I’m feeling sad today.” That can make them susceptible to predators.

People probably share things they don’t mean to.

Gilder: It’s really astonishing to see some of the things posted on public websites that people may think are benign, or someone trying to be funny. Always remember that this information never goes away. Potential employers will see it. Your customers may see it. Before sharing information with someone, make sure you’re OK with making that information available for everyone to see.

MacDonald: One thing I’ve learned is that if I have to contact someone regarding a sensitive topic or private matter, I’ll send an email that sounds like I’m Tony Soprano: “Want to talk about the guy, about the thing? Come to my office.” There’s no detail, personal information, or sensitive information.

Private conversation? Nothing beats face to face.

Or, if you have to, talk to each other over the phone – don’t text if you desire privacy.

Ian MacDonald

Dr. Ian MacDonald

Speaking of insecure sources of information, what about smart devices and the Internet of Things?

Cornell: People can hack everything: your computer, your webcam, your computer, your fridge camera that’s supposed to tell you when to buy more eggs, thermostats, baby monitors. Be sure to use devices that use encryption, and make sure to check the devices’ security settings.

MacDonald: These days, just about every device contains some form of computer. Take your car, for example: There could be 100 different devices, sensors, a lot of them potentially connected to the internet. It’s scary to think you are driving a weapon that could be hacked. There have been cases of cars being shut down remotely, or allegations of bugs being inserted to cause engine failure.

Gilder: Also, we provide so much information to corporations without even realizing it: Think of Amazon Alexa, or Google Home. They have a keyword they listen for; therefore, the devices must be listening all the time. The corporations claim they’re not storing that information, but you have to be aware of the devices we install in our homes, and how they might be misused.

Cornell: If your webcam light is on for no reason, you may have been hacked. If you notice anything abnormal, like your mouse moving or an open program that you didn’t open, someone else could be in control of your computer.

 

Mark Gilder, Ph.D.

Dr. Mark Gilder

What about wearable fitness devices like Fitbits?

MacDonald: Every device is designed to collect data that you hope will be used for your benefit. The information is likely being stored in the cloud somewhere, where a hacker could obtain access to it.

Cornell: Whatever it is, if it’s sending data, it already has a lot of information about you and your habits. If someone knows you go for a run every evening at 6, you could be stalked.

Gilder: I have this watch that’s connected by Bluetooth to my phone. It tracks quite a bit of data about my daily activity: It can record heart rate, GPS location, whether the wearer is awake or sleeping, and so forth. Again, we have to raise our awareness about these devices we allow into our homes and on our person, and what kind of data they capture.

Paranoid much?

MacDonald: The important thing to remember is that nothing is 100 percent secure. You take as many precautions as you can. So, the question is not, “How can I make myself secure?” but rather, “How do I make myself insecure?” Then, don’t do those things.

Gilder: We have to initially focus on the critical assets that we should be protecting. Do I care if someone sees my vacation pictures? Not so much. My financial records? Yes, definitely! I’ll take some steps to protect those. It’s a different mindset.

Cornell: Assume the internet is hostile. Assume we are working in an insecure network.

MacDonald: Assuming that your information is safe and nothing can happen to you is the biggest mistake you could make. It’s not a question of “if” but of “when.”

 

Top takeaways:
  • Manage your privacy levels carefully.
  • Remember that smart devices multiply hacking risk.
  • Private conversation? Take it offline and make it personal.

 

Next time: Our experts share tips for being more secure.

In case you missed any of Parts 1 through 3, take a look at:

Part 1: Our Own Behavior – Our Own Worst Enemy?

Part 2: Protecting Yourself Without Becoming a Hermit

Part 3: Privacy? What Privacy?

What do you think?

Comments posted on this site are held in moderation until approved by a site administrator. Vulgar, profane, obscene, offensive terms or personal attacks will not be tolerated.