Under the slogan “Think Before U Click”, this October is European Cyber Security Month. We asked Helena Rifà and Jordi Serra, members of the Faculty of Computer Science, Multimedia and Telecommunications, to give us six tips on how to look after the online security of your home and prevent cyberattacks.
Protect your devices. Experts recommend that you protect all the devices you use to connect to the internet: from your personal computer to any appliance that connects to the internet, as well as your mobile phone or tablet. “Almost all of today’s malware is created to attack mobile phones,” Serra warned. Rifà added that it’s essential to make backup copies and update your software regularly and to lock your devices with a password or PIN.
Install an antivirus. Antivirus software is essential, although Rifà and Serra acknowledge that it cannot stop all the threats on the internet. “They will not protect you 100%”, said Serra, but they do detect viruses that are already known. “Most attacks will be recognized and stopped,” he said.
Be careful with passwords. “Passwords must be long and not be just words in the dictionary, and they must not contain personal information either,” said Rifà, admitting that it’s impossible to remember the dozens of passwords we use in our work and personal lives. “There’s no perfect solution,” she said, but recommended having a password manager, using two-factor authentication (which sends a code to your mobile phone or other device) or using mnemonic techniques. She suggested that they could be, for example, a phrase or the chorus from a song. Serra suggested having a “common pattern” and changing part of it on each website in which you register. He warned that passwords giving access to ‘sensitive’ websites, such as your bank, need to be changed “every six months”.
Be careful with home automation. At home you can have computers, mobile phones or tablets, but you also have other devices that connect to the Internet and are vulnerable to attack. Serra warned that home automation is ‘convenient’ but not free of risk. The router and TV must have their own password, but so must other household items that are connected to the internet. “Light bulbs that can be turned on or whose colour can be changed remotely have already been the source of attacks because they’re not secure enough,” he added.
Consider reputation. When you make an online purchase or install software, you should consider the reputation and opinions of other users. “You need to look at the reviews and see if people have had a satisfactory experience,” said Rifà. She also pointed out that you should check if the website is encrypted (a locked padlock appears next to the URL). Likewise, check if payment is made through a banking platform, as “this gives you some reassurance, because it’s more dangerous to give your card number directly to a store”.
Be cautious. They both said that people always need to be cautious when on the internet. “You must be aware of the risks and protect yourself; use common sense,” said Rifà, who gave as an example of suspicious websites those that “try to catch your attention […] they may well have viruses”. “You must be wary of any email or message you receive,” said Serra, who recommended that, before opening any attachment, for example, “you check who really sent it to you.” Because, as the professor says, sometimes “you trust interactions online that you would not trust outside this context.”
Use these tips and everything you learned in the mandatory cyber security training to protect your tech. Anyone can suffer an attack, and that’s why we have to make sure we protect the security of the information we process and comply with personal data protection legislation every day.
PURPOSE: To allow you to make comments on blogs and to register your data for future comments.
LAWFUL BASIS: The data subject's consent.
RECIPIENTS: No data to be transferred to third parties.
DURATION: Until the blog in which you have made a comment is removed.
RIGHTS: You can at any time exercise your rights to access, rectification, deletion, opposition and other legally-established rights by emailing fuoc_pd@uoc.edu.
