Adam Shaw spoke to security specialist John Shier of Sophos about the on-line threats to us all
With retailers advertising more and more eye-popping offers in the run-up to Christmas, it is important to remember that there is a darker side to seasonal sales. While millions of online shoppers scour the web looking for the best deals on goods and services, there will be those lurking in the wings looking to gain a different kind of advantage.
Cyber criminals are not stupid. They are also ruthless and indiscriminate and will seek to plunder unsuspected victims whenever they are given the opportunity. The computer might now dominate our way of life in the UK and Ireland but, for all the doors it has opened, it has arguably made us more vulnerable.
“Previously you would have to interact with someone if you were going to steal their money,” security specialist John Shier from Sophos explained.
“Now there’s this sense of separation between the criminal and the victim. They can now achieve what they set out to do from thousands of miles away and from the comfort of a desk.
“While the ease of access to goods and services has never been so high, it’s the same for these cyber criminals.”
Mr Shier doesn’t want to unnecessarily frighten anyone; he merely wants people to be aware of the situation. He’s also keen to focus on prevention, of highlighting the tricks and tips which can make digital users less susceptible to hacking.
It is virtually impossible to ignore the increasing role of technology in the day-today. Computers, smartphones, tablets and so on – whether you like it or not, that’s the way it is.
“You just need to think of cyber security in the same way that you do personal and physical security,” Mr Shier said. “You have locks on your doors and there are measures you can take to protect yourself in the physical world.
“All you have to do is take similar steps to keep people away from your personal details and private data online.”
His advice has been heard many times before. Yet many people are still unaware of it and, even if they are, they often choose not to implement it. He suggested using security products but these are frequently dismissed as an unnecessary extra cost or being more trouble than they’re worth. But, as Mr Shier explained, while they won’t be one hundred per cent effective, they will “protect users against the broad range of scams that are out there”.
He also spoke of using “long and complex” passwords and ensuring that you have different ones for each service you utilise online. Finally he noted how it’s better to approach your inbox with some suspicion. While he admitted that it is verging on paranoia, the quality and number of scams circulating the web means one can never be totally safe.
“It’s age-old advice but if you get an email from someone you don’t know or there are links and attachments on it, you really shouldn’t click on them,” he said.
“Even if something looks completely legitimate, you’re always better to exercise a degree of caution – you’re much better typing in the website yourself on your browser than going through any email links.
“Basically, treat every email you receive from somebody or a company that you don’t know as potentially harmful.”
Mr Shier refers to these simple steps as “security hygiene” and he is encouraged to see that greater online vigilance is now being taught in schools. Even among older people, he added, there is some knowledge of cyber protection, even if on the surface it seems totally baffling.
“I understand that for a lot of people, digital devices are still very new,” he explained.
“They’ve gone through most of their lives without any need to understand how these things work but, the message is being broadcast and most of them have a grasp of basic online security.”
The security expert confessed that cyber criminals will continue to employ the practices which are currently successful.
He added that there is a constant “cat and mouse” trade-off between hackers and counter-hackers because even though protection is improving, so are the breaching techniques. However, he is optimistic that as things move forward, both in terms of time and technology, those providing protection will gain the upper hand.
“As society progresses, more and more people are becoming aware about what they need to do,” he said. “In a similar way to vaccinations, the more people who are protected, the more they can help those who, for whatever reason, are struggling.
“And in terms of machine learning and artificial intelligence, which is a big thing at the moment, this will provide humans with a greater understanding of security and help them protect their data more effectively.”
For now, Mr Shier wants people to adopt the basic measures which should keep their personal details out of the clutches of criminals. He also wants them to be aware of seasonal trends, including Black Friday, Cyber Monday and the offers around Christmas.
“You’re going to see a spike; and there’s always a ramp up of problems around this time of year,” he said. “There are loads more legitimate adverts popping up online but that means that the cyber criminals will be able to create the same effect.
“They will hide in among the volume and noise so it’s important to be extra vigilant. Again, always type it in the browser as opposed to clicking the link.”
Mr Shier, like all cyber security experts, doesn’t try to sugar coat the scope for criminality online. He is of the opinion that a “motivated, competent adversary” could essentially take whatever they wanted. Hearing this, you’d be forgiven for thinking that there was nothing you could do to stop them. But there are deterrents.
Much in the same way that you can protect your home and belongings by following a few small but effective procedures, you can do all you can to keep your online data safe. In essence, it’s a little bit of practical knowledge, a little bit of guidance and a little bit of common sense.