A 2022 Guide to Personal Digital Security & Online Safety
Pretty much everybody takes household security seriously. Anybody who lives in a town or city has basic routines like locking doors and windows. If you live on a moshav or kibbutz somewhere quiet you might be more relaxed, but even rural communities have changed for the worse.
Urban dwellers often invest more in home security. New technology is making security cameras, reactive lights, and smart alarms normal household accessories. If burglaries or home invasions are a genuine threat, safes and even panic rooms are an affordable option for homeowners.
People in high crime areas may also opt for comprehensive insurance policies, private security firms, or even gun ownership for home defense. Fortunately, most Israeli neighborhoods are still very safe compared to many places in the US or South Africa.
The irony is that millions of alert and security-conscious people are completely naive when it comes to digital security. They routinely fail to protect themselves, their families, and their businesses online.
What Is Digital Security?
Digital security is best defined as an awareness of online threats, knowledge of effective defenses and countermeasures, and the commitment to implement them on a daily basis. You need to protect your home PC, laptops, tablets, iPads, smartphones, work IT systems, and any other online device.
Digital security measures start with basic password management and also include sophisticated antivirus and firewall programs. There’s plenty of good free security technology, as well as affordable software and services. A small investment of time and effort can save you from all kinds of disasters.
Common digital security tools include:
- Password Managers
- Identity Monitoring Services
- Common Sense and Vigilance!
Before you consider how to protect yourself and your family, you need a clear understanding of the current online threats. Once you understand your vulnerabilities, you can upgrade your digital security and beat the bad guys. We’ll start by taking a look at hacking and how hackers can harm us.
What Is Hacking?
Hacking is any technique that gains someone unauthorized access to a computer, smartphone, or other digital devices. Once hackers have access to a computer, they might behave like sneak thieves, burglars, extortionists, vandals, or snoopers - or all of these.
All systems have vulnerabilities and hackers are adept at finding and exploiting them. Once they’re inside your device, they can pretty much access all your personal data, stored media, and usually linked network devices. The good news is that most hacking is fairly amateurish and depends on victims’ ignorance of basic digital security, or their laziness or negligence when it comes to applying basic security measures.
Most hacking is opportunistic and isn’t the work of spy agencies or criminal geniuses. Hackers come in all shapes and sizes and have different motives for breaking into other people’s computers and smartphones. Motives for hacking range from ethical (at least in hackers' own minds) to boredom and curiosity about systems, to straightforward criminality, terrorism, or hybrid warfare.
Types of Hackers
Hackers come in all shapes and sizes and have a range of backgrounds and abilities, from naive teenagers to state-employed cyber experts. There are generally reckoned to be three main types of hacker:
- White Hat Hackers
- Gray Hat Hackers
- Black Hat Hackers
These are convenient labels, but there’s plenty of overlap. Ultimately, all hackers are devious people who like slipping into places where they aren’t supposed to be. Even hackers who are fascinated by the technical challenge of breaking into secure systems are inevitably exposed to a lot of temptations.
White Hat Hackers
White hat hackers are found on the legitimate end of the hacking spectrum and see themselves as ethical hackers. They make a good living seeking out vulnerabilities in other people’s systems. Big companies employ white hat hackers to identify weaknesses before hackers with malicious intentions find them.
A financial institution that is responsible for hundreds of millions, or even billions of dollars in assets, will pay top dollar to protect their security. White hat hackers can find work as full-time employees, but many are independent people and prefer to freelance. They prefer the freedom of short-term contracts and thrive on new challenges.
White hat hackers are keen to emphasize their ethical standards and law-abiding outlook, but often prefer to gloss over how they learned their sophisticated hacking skills in the first instance…
Gray Hat Hackers
Gray hat hackers are often kids who are exploring technology and are excited to be cyber trespassing. They’re the tech geek equivalent of the kids who go out exploring and trespassing on private property at night. Their original intentions aren’t necessarily malicious, but they’ll quickly encounter temptations and are vulnerable to trouble.
Other gray hat hackers are hobbyists who simply enjoy the challenge of a bit of online breaking and entering. They often get a big feeling of power when they access a company’s secure databases or discover confidential or classified information. Gray hat hackers can cause major damage, either unwittingly, or because they give in to temptation or to an anarchistic impulse.
Black Hat Hackers
Black hat hackers, as the name suggests, are the bad guys. Their primary goal is either to do something illegal or to cause deliberate harm. Black hat hackers can be freelancers or members or associates of organized crime gangs. They specialize in identity theft, credit card fraud, phishing scams, cyber extortion, cyber-attacks, and pretty much anything that will turn a buck.
Industrial espionage and hacking by state agencies also count as black hat hacking. Companies are often desperate to monitor their competitors and learn their secrets. Unscrupulous businesses will pay serious money to hack rivals’ R&D, customer databases, and business plans. Government intelligence agencies do exactly the same. The Chinese have perpetrated huge-scale thefts of confidential data and intellectual property.
Black hat hackers can also include stalkers, or opportunists who focus on a private individual. They may want to steal private photos and videos from your laptop, iPad, or smartphone, access your medical records, read your emails, or find other ways to invade your privacy and cause distress.
Types of Hacks
Hacks range from highly sophisticated penetrations to simple and opportunistic security breaches. Zero-Day hacks exploit system vulnerabilities, usually to achieve specific goals. Often, they will be super sneaky and hackers will try to avoid all detection - even at a future date. Zero-Day hacks are usually launched by criminals or state security agents. A successful Zero-Day hack could earn hackers millions of dollars.
Other popular - but far less effective - hacking methods involve ‘kiddie scripts’. These are ready-to-use software that doesn’t require a great deal of technical knowledge to use. Regular software updates are usually enough to protect your devices against attacks using kiddie scripts.
How To Protect Your Smartphone From Hacking
Smartphones are ubiquitous and we basically depend on them. A smartphone is a pocket-sized entertainment system, personal assistant, private office, and toy all rolled into one. If you’re using your phone for online banking, online shopping, and your Kupat Holim account, there’s a huge amount of sensitive data that are potentially accessible via your phone. If your smartphone is hacked, it could really mess up your life.
The most basic digital security measures are just the online equivalent of locking your front door when you leave the house in the morning. Others are more sophisticated and less obvious.
Your smartphone comes with the manufacturer’s operating system (Android or iOS) and some of the restrictions may be irritating. If you take control of the phone - jailbreak - to install non-compatible apps, etc. you’ll be vulnerable.
Lock the Door
Just as you lock your front door or car door, lock your phone! Set it to auto-lock within 30 seconds and create the longest passcode that your phone allows. Change the code every month and don’t use obvious passwords like birthdays or your phone number. This is basic advice - which millions of people ignore.
Authenticate and Update
Two-factor authentication may be irritating when you need your phone in a hurry, but it beats having your bank account emptied, or your credit cards used to pay for someone else’s online shopping. Use two-factor authentication. It’s a powerful defense against crooks.
You also need to update essential software. This can also be annoying, but it definitely helps to keep you safe. If the updates are time-consuming or disruptive, schedule them for the night.
Set the ‘Nuclear Option’
Most smartphones offer an erase data tool or even a self-destruct tool that closes down the phone entirely. If someone gets hold of your phone and tries to guess the password, the phone will activate your nuclear option after a few failed password attempts. This is a drastic solution, but it beats having the contents of your phone available to a thief.
Stay Safe Online
We often fall into the trap of assuming that websites are safe. Most are fine to visit, but some are designed to harm visitors. Digital security issues include:
- Identity theft
When you visit any website, you need to begin by checking two things. Firstly, look for a padlock symbol next to the URL. For example, when you visit www.tcs.israel.com you’ll see a padlock symbol in your browser:
Use your Browser Security
Check the Privacy and Security settings on your browser. They can be adjusted to block pop-ups, control microphone, speaker, and camera access, prevent malicious downloads, and website tracking. If you have extra security concerns, install a secure browser like Tor, Mozilla, or Brave. If you have doubts about a particular website, a quick visit to Google Transparency Report, the Norton Safe Web Checker or URLVoid will tell you whether it is safe.
A Full Digital Security Package
If you want the highest level of online safety (without paying serious money for professional IT solutions) a VPN, Identity Management Service, and Password Manager will cover most bases. There are good free solutions available online as well as affordable paid services.
A virtual private network or VPN encrypts your web traffic. It effectively hides your web activity and the IP address from snoopers and lets you operate securely on public networks like cafes. You can also browse as though you were in another country, bypassing region restrictions on services like Netflix. Recommended VPNs include ExpressVPN, NordVPN, CyberGhost, and TunnelBear
An identity monitoring service can’t completely prevent identity theft, but a good IMS like Aura, ReliaShield, or IdentityForce is a vital damage limitation tool. If your identity is stolen and starts to show up online e.g. in credit reports, criminal record checks, or even on the dark web, you’ll be alerted immediately. You’ll also be advised about what steps to take to safeguard your assets and your reputation. You can also receive financial compensation for any loss or damage sustained through identity theft.
Most of us have issues with passwords. Unless you’ve got a genuine photographic memory, you’ll struggle. The average person needs to remember - or access- multiple passwords. These include social media and email accounts, online banking and kupat holim, online shopping, web forums, and everything else that we do online. Using the same passwords is a disastrous idea, and writing them down on a slip of paper is also a shortcut to a major security breach.
Password managers use secure software to store and create passwords for us. It’s the digital equivalent of a box to which you have the only key (a master password). As long as you can remember your master password, the password manager will handle all your secure logins. There are several free password managers like Bitwarden, myki, and logmeonce as well as paid versions for businesses.
TCS is committed to protecting your digital security and works hard to ensure that your account is protected. We also advise on how to secure your wifi and keep your smartphone safe. If you have any questions at all, please contact us at any time.