Hardly a day goes by when we don’t hear about some big website outage or some hacker perform some strange hack on the US government. Stories about hacking, websites being down and other outages can almost blur into the background of our lives. But as the most recent outage of big name sites such as Twitter showed, all of our actions can contribute to these things and top of the list of these can be having lapse smartphone security.
The latest big attacks came in October when a DDoS attack (distributed denial of service) took down a host of big name websites including Twitter, Netflix, Spotify and Etsy. Investigations shows that the attacks were aimed not at the websites themselves but at a company called Dyn, based in New Hampshire, who provide means to access websites through its servers. These servers were crashed in the attack and caused the problem with the big name sites.
DDoS attacks have been around for a while now but this latest attack was notable not only for the big names who suffered in it but the issues that it raised. The attack used a number of internet-facing devices including CCTV camera, routers and DVRs to create a botnet – a group of computers working together without the owners realising. This allowed them to overwhelm the security of Dyn and close down the websites.
The Internet of Things
The attack highlighted potential vulnerabilities that we ourselves are creating as the Internet of Things spreads. These devices can be anything from smart heating meters to smartphones that connect to the internet to do things. It is the kind of technology used to set your thermostat to a higher temperature when it is cold as you leave work to ensure the house is toasty when you get there.
Many of these devices were used in the attack and it was discovered that this was made easier because most of them hadn’t had their security information changed from the default. A group of Chinese made devices were mentioned as being particularly at fault because changing default information was tricky but the matter highlighted a common issue – we don’t take security seriously on devices away from the desktop PC or laptop.
Most of us get a new smartphone and upload our contact, favorite apps and add the passwords for our social media and email accounts. But not always do we change the default settings within the phone – things like pins or passwords. This makes the phones vulnerable to attack because once default information is found for a certain type of phone, hackers can access any phone of that type that hasn’t updated their information.
Password security is another area we are often lapse about. Sure, we are careful about online banking information or maybe our login for Amazon or other shopping sites. But how many times do we play casual online casino games and share our log-in information with a friend to let them have a try? The friend is doubtless safe and isn’t going to maliciously use the information but often the means of sending this information isn’t secure – email is a classic example. And this can be grabbed by unscrupulous people and used.
Using safe websites and apps is another way to ensure data is protected. Online casinos are a good example of a group of websites that are using the top levels of security to ensure that their customers are protected. People playing Royal Vegas online casino slot machine, for example, can be certain that their details are secured using technology that is on the same lines as used in online banking. So, if individuals use personal data safety measures, they can be certain that criminals aren’t going to get their information from the website itself.
When it comes to smartphone security, a little paranoia is a good thing. Changing default settings won’t guarantee that your phone isn’t taking part in a major hack while you are asleep but can greatly reduce the chance. And by making sure all your login information is kept safe and never shared will also make your personal data a little safer while only using secure and high quality sites when using bank information reduces the risk of identity fraud and online theft.