task 7- internet security

According to Holly Ellyatt of CNBC, the top 5 cyber-security risks in 2015 in South Africa are:

• Ransomware- "a type of malware which restricts access to the computer system that it infects" (Ellyatt, 2015). This targets storage sites like Dropbox and google drive and prevents users from being able to log into these sites and access their saved information (pictures, documents and videos). the users of these storage facilities make themselves vulnerable by uploading their material as a 'safe' form of storage. Ransomware attackers will try and get ransom payments from victims in exchange for their data. Fortinet is a company in South Africa that has been a victim of Ransomware which came in via an email that seemed legitimate, The only way of knowing that it is a form of malware is by looking at the senders address, therefore this is how users enable hackers to obtain information. 

• The Internet of Things (IoT)- "the connection of physical devices such as home appliances and cars to the internet" (Ellyatt, 2015) This makes all the information stored on any device very vulnerable because if hackers are able to access one connected device, they are most likely able to access all the devices that are connected to it. Although the IoT makes everything a lot more efficient, we are sacrificing our security. "A Samsung “smart fridge,” designed to synch over Wi-Fi with the user’s Google Calendar, failed to validate SSL certificates, leaving users’ Gmail credentials open to theft" (WIRED, 2016)

• Cyber Espionage- this is the use of computer networks by hackers to access information usually related to government. This form of malware is strongly linked to terror groups who are plotting against governments. An example: "Detected as Win32/Prikormka, the malware has eluded the attention of antimalware researchers since at least 2008. It has been carrying out cyber-espionage activities primarily targeting anti-government separatists in the self-declared Donetsk and Luhansk People's Republics." (ComputerWeekly, 2016)

• Cyber theft- Linked to the stealing of financial information from credit and debit cards, now made easier by a lot of foreigners using mobile payments as an 'easier' payment method.  this is not usually involve businesses but more individuals who have their card stolen, however there are ways of minimizing the chance of a lot of money being stolen. e.d. putting a limited amount of drawings available per day ( R 3000), freezing the card by calling the bank as soon as it has been stolen, security keys, etc.  an example, Regarding Mandarian Oriental "The hotel group confirmed credit card data was stolen from an “isolated number” of payment card systems at hotels in Europe and the US, after the company’s network was hacked." (Computer.weekly, 2016)

• Insecure passwords- This is possibly the easiest form of malware for hackers. There are many people who are on social media sites like Facebook and Twitter who have got very simple passwords like their birth date or nickname. this information is easy for hackers to access. The best way to have a secure password is to include Capital letters, punctuation and numbers  into your password to make it more difficult for hackers to guess. Also it is important not to tell anyone your password to these sites. 

In 2012, LinkedIn suffered a massive data breach in which more than 6 Million users accounts login details, including encrypted passwords, were posted online by a Russian hacker.

How can individuals, businesses and companies avoid being hacked? The best and most obvious ways to prevent hackers from accessing any information is to:

1. Ensure that all the devices use antivirus software that is constantly updated. 
2. Always back up the data on both physical devices and cloud services e.g. Dropbox so that if the information is always in two different places.
3. Use secure and unique passwords that include capital letters, numbers and punctuation. Download KeePass to ensure a safe password.
4. keep your internet communication between individuals private so that nobody else can access your conversations.
5. Do not publish personal information like banking details and phone numbers on social media.