What If Cybersecurity Culture Is a Solution
Take a glance at the most discussed cybersecurity topics of the week.We guess that hackers were listening to AC/DC and imagining a car speeding down the highway, when one of them proposed: Why don’t we try to take control over a vehicle? The best way to upgrade your cybersecurity culture is to pay attention to the cybersecurity experts advice.
Beep! Your car is hacked
USA Today on February 7, 2019
I’m on the highway to hell, Highway to hell! Don’t stop me…
We guess that hackers were listening to AC/DC and imagining a car speeding down the highway, when one of them proposed: Why don’t we try to take control over a vehicle?
Actually, the lyrics of the song are rather truthful – in case of hackers’ interruption, it could be really hard to stop your car from doing weird things. Five years ago security researchers Charlie Miller and Chris Valasek hacked into a Jeep Cherokee and were able to control the steering wheel, disable the brakes and even shut down the engine. Last year Australian man breached the database of the car-sharing firm and went on more than 30 free drives before being arrested.
While technologies ease our life, making interaction with the world fast and convenient, our cars are transforming to the 2-ton connected, mobile computers on wheels. Thus, answering the question if your car is hackable, just remember: if you can unlock the vehicle through an app, then a malefactor just needs to access that app and a car can be compromised.
Placing restrictions on your digital assistant
Dark Reading on February 4, 2019
The best way to upgrade your cybersecurity culture is to pay attention to the cybersecurity experts advice.
Amy DeMartine, Forrester principal analyst, says last year reports revealing that hackers can create malicious Amazon Alexa “skills” which appear to be legitimate applications, has her thinking twice about any of these digital assistants. However, if you have already decided to get one, have a look at these security tips:
- Change the default password on your Wi-Fi router.
- Set the voice lock – you can configure the voice assistant to share your private information only when it hears your request.
- Decide whether you want to shop by voice. If you enable online shopping, make sure you receive all emails confirming your purchases.
- Understand that US privacy rights are on the way but are not law yet. For example, the California privacy law will be effective only in 2020.
- Be smart about where you locate your devices to avoid outsider’s pranks on your system.
- Beware – some smart TVs come with digital assistants.
Mobile phones are also insecure, cybersecurity experts warn
The Times of India on February 3, 2019
Talking about the cybercrime evolution, first malicious schemes seem quite primitive – single computers were infected by viruses on floppy discs. The current generation of cyber attacks are advanced so that preventive measures are more important than reactive.
While even kids’ toys are vulnerable to cyber threats, it is unsurprising that mobile phones, containing more information than our desktops, stand a strong chance of coming under cyberattack in 2019. Commonly, attacks on phones happen via malware sent in SMS text that can remotely take over a gadget and as a result hackers gain knowledge of banking passwords and other credentials. Tony Jarvis, a cybersecurity expert, emphasizes that even an encrypted WhatsApp messenger is vulnerable and has been targeted by online fraudsters.
Thus, to be sure your personal data is not in the hacker’s collection, keep an eye on your mobile phone security.
Cybersecurity culture comes first
Fast Company on February 2, 2019
Last year witnessed the largest data breaches ever. Half a billion Marriott customers had their personal information exposed, Atlanta and Baltimore battled a massive ransomware attack. Finally, the Higher Ed sector became one of the most vulnerable to cyberattack.
In terms of current cybersecurity risks, we need a deeper understanding of their nature. The problem is not in people, process, or technology. The cultural issue is at the root of all these consequences.
First, to improve the security culture we need to expand the talent pool and welcome people with different skills and viewpoints. A few days ago we actually mentioned that not everybody in cybersecurity is a hacker or a coder. Furthermore, security effectiveness depends on how security leaders and business decision makers communicate with each other. Although technical language sometimes seems to be not less complicated than Chinese, security pros should be able to explain management teams their work into the language of business risk.