08.06.15

3 common misconceptions about cybersecurity

Cyberattacks make headlines all the time – and so do the sinister-sounding groups that carry them out. With names like Lizard Squad, ShadowCrew and Deadeye Jackal, these criminal collectives project an air of secrecy and authority that makes us assume they’re all evil geniuses. In fact, however, that’s not the case.

“It’s not that hackers are all that powerful – it’s that computer users make the same mistakes over and over.”

It’s not that hackers are all that powerful or smart – it’s that computer users make the same mistakes over and over. From the person at home on his or her laptop to the big company with lots of privileged consumer data, there’s an alarming lack of awareness about basic cybersecurity principles. One cause of this oversight is that people choose to believe certain misconceptions about cybersecurity. We decided we’d take this post to pick apart three of the biggest computer security misconceptions circulating today.

Misconception 1) A password is protection enough: Let’s say you use a different password for every online account you have. You make sure that each password is as un-guessable as possible, crowding them with characters, numbers and random punctuation marks. By doing this you’ve hack-proofed yourself, right? Not even remotely.

Don’t get us wrong, passwords play a pivotal role in securing your identity. And the more complex they are, the more secure they’ll be. But even the greatest password is still just a group of characters separating an intruder from your data. And in the hacking realm, guessing passwords is one of the easiest tasks they can carry out. That’s because the whole process is automated thanks to advanced cracking software, which, as ArsTechnica has pointed out, can significantly expedite the job of the hacker and make cracking passwords an almost guaranteed success. One such application, for instance, is capable of guessing 8 million password combinations per secondTry hiding a password from that.

In addition to passwords, you need a resource that will actively work on your behalf to hunt down threats and defeat them in their tracks. That’s why having anti-virus software in addition to strong passwords is an absolute must.

Passwords aren't enough to keep you protected.Passwords aren’t enough to keep you protected.

Misconception 2) Only massive enterprises get targeted: It’s very true that large corporate hacks are the only ones we read about. But this hardly means they’re the only ones that happen. For all the huge cyberattacks on major businesses making headlines, there are many more that target small businesses and individual users. After all, who’s an easier target – the business with a massive IT team, or you? Still, you can make yourself far more difficult to attack by ensuring your computer access is highly secure.

Misconception 3) You can be 100 percent attack-proof: If any piece of software tells you it’ll make you invincible to cyberattacks, it’s lying. That’s an impossibility. But while there’s no 100 percent solution, you can certainly get close to that by taking the most proactive and comprehensive approach to personal computing security possible. One element of this that’s often overlooked is the need to secure your mobile devices. After all, your computer likely isn’t coming out on the train to work or in the Starbucks line, whereas mobile devices go with you everywhere. Greater exposure to the world means heightened risk. But by guarding the devices, you can significantly reduce that risk.

Another vital step to take is to carry out online backups of your data. With ransomware attacks relatively common, you never want to find yourself in a situation where a criminal has control over your data. If you have a backup to revert to, you won’t empower a hacker.