Businesses and individuals in India must brace for escalating cyber-attacks as cyber-criminals expand their targets to home network devices and mobile devices.
Individual devices and user data are becoming prime targets for cyber-criminals.One in 20 attacks target smartphones and tablets, reveals a study by cybersecurity solutions provider Fortinet. 90 percent of organizations recorded attacks targeting system and device vulnerabilities that were at least 3 years old, even though updates and patches that corrected those vulnerabilities had long been available.
Even more alarming is that about 60 percent of organizations reported successful attacks that had targeted vulnerabilities that were 10 or more years old. A growing percentage of such attacks also target home network devices, such as routers and wireless access points, noted the study.
Cyber attackers target a wide range of known vulnerabilities in these devices − known collectively as the Internet of Things or IoT − in order to control them remotely, collect users’ data, or install malicious code that allows attackers to aggregate millions of similarly compromised devices into huge cyber weapons known as botnets that can be used to generate huge volumes of data traffic that can overwhelm and shut down targeted online organizations or cripple Internet traffic, the study said.
“We are now living in a digital world, and cybercrime is part of that new reality,” said Anthony Giandomenico, senior security strategist/researcher, Fortinet. “It is time to develop the same good habits as we navigate through our digital environment.”
Here are some cyber-safety tips to mitigate the risks of cyber-attacks:
1. Control Your Social Media. Be careful who you “friend” on your application. Cybercriminals often set up fake pages or accounts and request to be added as a friend. Look out for the following to identify fake requests from criminals hoping to steal data or trick you into clicking on links to infected sites
2. Scrutinize Your Online Transactions. Your bank will never initiate a request to verify your account or provide your login credentials. Such requests, either online or via email, can safely be ignored or deleted. Should one receive an email or a browser page with a link attached, always look at the URL before you click it. Hover over the link and look at the address that shows up. It should start with a real address, such as “www.(yourbank).com”. The address should also be reasonably short.
3. Inspect Your Email. The most common way to get users to load malicious software or malware onto their systems is through an email attachment. Known as phishing, these attacks often claim that the file attached to your email is a receipt or bill of a fictitious transaction, a fake document that needs immediate attention, or a message from a friend or family member. NEVER click on an attachment or web link in an email from someone you do not know, that you did not request, or that does not seem entirely legitimate.
4. Update Your Devices. Review devices in your home that are connected to the Internet. These should include phones, DVRs, TVs, security cameras and other online devices, and even home routers and wireless access points. Write down the names of the manufacturers and the model numbers, and list all the software running on these systems. Once you have a complete inventory list, search for known vulnerabilities or patches, and make sure that these devices and applications are running the latest patches and the most current versions of their operating systems, firmware, or software. If a device or application is no longer supported by the manufacturer, the safest thing to do is to replace it.