For some reason, no matter how many time’s we’re warned, we tend to think that we’re immune to cyberattacks. Too many people use the same password for every account, don’t use extra authentication methods, and so on - because they think it’ll never happen to them.
I admit, I’m guilty of this way of thinking too—I was shocked to find out that my Yahoo! account was one of the ones that was hacked into a year ago, because who would want any of my data?
Sometimes it takes the hacking of a major company for the rest of us to wake up and realize that we’re not digitally invincible. Unfortunately, we had another reminder of this fact recently when Twitter (News - Alert) was hacked. Several high-profile Twitter accounts were compromised on Wednesday morning. BBC North America, Amnesty International and the European Parliament were some of the accounts that were hacked. The reason they were chosen is obvious—they have large audiences, making them the perfect venue for the hackers to tweet out swastikas.
Twitter suspects the hackers were able to access these accounts through a third part app called Twitter Counter.
We identified an issue affecting a small number of users. Source (News - Alert) was a 3rd party app and it has been resolved. No action needed by users.— Twitter Support (@Support) March 15, 2017
A breach of this magnitude is a reminder for all of us to check our Twitter settings to see which third party apps have access to our accounts. Although you or I may not be quite as influential as the European Parliament, it would still be bad if hackers were able to easily access our information.
In fact, this might be a good time for all of us to take part in a bit of digital spring cleaning.
Shaun Murphy, CEO of sndr.com and a former government security consultant, has some helpful tips for those of us looking to protect our digital information from prying eyes:
1. Remove connected apps from all devices
“Review and remove apps connected to your Google (News - Alert)/Facebook/Twitter/etc. accounts. These so-called “connected apps” can read your email, Facebook posts, or even post as you on Twitter,” says Murphy.
2. Turn on location services for devices
By using “Find My iPhone (News - Alert)” or Android Device Manager, you can remotely wipe your device of all information if it’s stolen.
3. Forego fingerprint passwords
According to Murphy, you should “Migrate away from fingerprints to a strong passphrase to unlock your devices. Fingerprints are better than nothing, but recent changes in the world have weakened your rights to protect your devices when you travel. Know your digital rights and your risks when travelling.”
4. Google your IoT devices
By searching for your product online, you can find out if there are any major security glitches. Make sure to read research papers or articles published about the product, especially if it’s new.
Murphy also offered several other security precautions, which are common sense, but aren’t done as often as they should be. For example, he recommends taking advantage of the security built into your device by using longer passcodes, two factor authentication apps and secure folders. You should also routinely wipe out search history and passwords; remove any apps you’re not using; use a VPN; and use AP Isolation for your Internet enabled devices.
Like I said, some of these precautions should be common sense. The problem is that it’s easy to forget or become complacent when it comes to cybersecurity. And, unfortunately, that complacency leaves the door wide open for hackers. Whether that open door leads to BBC North America or the average Joe down the street doesn’t matter—hackers want your data and, in the case of Twitter, will use any means available to get their message across.
Looks like it’s time for some digital spring cleaning.