Placeholder Content Image

Use these 10 passwords at your own peril

<p dir="ltr">With cyberattacks increasing by the month, it’s crucial to have a strong grasp or what is - or isn’t - a strong enough password to hopefully deter hackers.</p> <p dir="ltr">And with the cybercriminals capable of unveiling 921 passwords each second, people all over have become easy targets with their choices - whether that’s from including easy-to-guess terms like the word “password” itself or common sequences like “123456” and “qwerty” - as reported by <em>9News</em>.</p> <p dir="ltr">And as analysis by <em>CyberNews</em> has revealed, just 13 per cent of leaked passwords - from a review of almost 15 billion - were actually unique. </p> <p dir="ltr">According to them, two of the most popular names to appear in the selection were “Eva” and “Alex”, with a total of seven million respective uses. “Food” and “pie” were regulars, as well as the season “summer”.</p> <p dir="ltr">While these might be easy for users to remember, and appealing for that, My Business general manager Phil Parisis had a clear warning in store when he explained that “if it’s easy for you to remember, chances are it’s also easy for cybercriminals to guess.</p> <p dir="ltr">“That's not only putting you at risk but also exposing the businesses and corporations that you work for.</p> <p dir="ltr">"Another common inclusion is a year - often their birth year or another significant year in their life."</p> <p dir="ltr">Having the right information and advice at your disposal is crucial when it comes to protecting yourself, so with all of this in mind, the 10 passwords that you should avoid at all costs the next time you’re asked to come to up with one are the following: </p> <ul> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">123456</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">123456789</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">qwerty</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">password</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">12345</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">qwerty123</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">1q2w3e</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">12345678</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">111111</p> </li> <li dir="ltr" aria-level="1"> <p dir="ltr" role="presentation">1234567890</p> </li> </ul> <p dir="ltr">To further protect yourself, it can be of great benefit to mix your upper and lowercase letters in your passwords, as well as throwing in a range of symbols and numbers to further disguise your intended terms. </p> <p dir="ltr">For example, and as <em>9News</em> noted, the likes of “password123” is considered a weak password, while something like “MySecurePa$$word785!” is considered much stronger, and much more protected.</p> <p dir="ltr">And the Australian Cyber Security Centre have further suggested that internet users consider using passphrases - a number of random words put together in a string -, as they’re “harder to guess but easier to remember” than common passwords. But most of all, they recommend avoiding obvious, significant, and easy-to-guess words, like the names of children and beloved family pets. </p> <p dir="ltr"><em>Images: 9News </em></p>

Technology

Placeholder Content Image

12 cybersecurity tips to keep your computer safe and secure

<p>So it looks as if the CIA could potentially break into most smartphone or computer networks, at least according to the stolen documents released by WikiLeaks last week.</p> <p>Whether you have anything to hide or not, it's a good reminder that in a digital age, keeping your life private requires some work.</p> <p>Here's a list of nine things everyone should be doing already to keep their information relatively confidential, plus four more for the truly paranoid.</p> <p><strong>1. Don't get phished</strong></p> <p>The most common way the CIA's cyber tools, and hackers for that matter, get into your devices are via phishing emails or texts. These are created to look like they're from a friend or trusted sender (say your bank or a software company) and contain a link they try to trick you into clicking on.</p> <p>Doing so loads software onto your computer, tablet or smartphone that allows the spies, or hackers, in. Once there, they can install any number of programs that allow them to spy on you and steal data. The CIA documents describe programs that can search through emails, contacts, texts and photos and send them from your device without your knowing it.</p> <p>All of this is why you want to be very careful about what emails you open and what links you click. Hackers, and presumably the CIA, are good at creating realistic-looking emails that entice you to click on dangerous links. Double and triple check before you click on links sent via email or texts. When in doubt, don't click on the link but instead go to the actual website it claims to be from.</p> <p><strong>2. Turn on two-factor authentication</strong></p> <p>This is that annoying step that comes after typing in your password. It sends a code to your smart phone or a landline or sometimes email. You input the code - the second factor in the authentication process - and you're good to go.</p> <p>While it seems like a hassle, it's actually an extremely powerful way to keep anyone but you from getting into your accounts. They'd have to not only have stolen your ID and login but also your phone.</p> <p>You should turn two-factor authentication on for every app, program and device for which it's available. It's a small hoop for you to jump through but an enormous wall for hackers, and would-be spies, to overcome.</p> <p><strong>3. Use only secure web browsers</strong></p> <p>Look for websites that use the secure version of the web protocol. You can tell by looking at the URL, which should start with HTTPS rather than simply HTTP. It stands for Hypertext Transfer Protocol Secure and keeps malicious third parties from inserting code onto the site.</p> <p><strong>4. Use strong passwords</strong></p> <p>There are weak passwords and then there are crazy weak passwords. According to a survey by Keeper, which makes password management software, 17 per cent of users have 123456 as their password, followed by 123456789 and qwerty. At least put up a fight! Choose strong passwords or sign up for a password management program that will create them for you.</p> <p><strong>5. Install a modern operating system</strong></p> <p>Many of the vulnerabilities detailed in the WikiLeaks documents are older and target dated systems. It's entirely possible that the CIA has newer tools for newer programs, but we don't know. What we do know is that the longer an operating system or program is around, the more vulnerabilities in it that are found and exploited. So use the most recent version of whatever operating system you prefer (Microsoft, Apple or Linux generally) and when a new one comes out, don't wait forever to switch.</p> <p><strong>6. Install security updates and patches</strong></p> <p>When you get a new phone or computer or install a new system, set it up to automatically update with security patches. If there's no automatic update available, check periodically to see if anything new is available.</p> <p><strong>7. Use a security program</strong></p> <p>There are many out there, from free to ones you pay for. While it's unlikely they'd keep the CIA out of your system, they'll do a good job of keeping run-of-the-mill hackers away, and might make it a little harder for spies to get to you.</p> <p><strong>8. Use encrypted messaging software</strong></p> <p>There's no evidence the CIA was using the tools described in the WikiLeaks documents to spy on Americans, which would be illegal under U.S. law as the CIA can't operate within the United States. That said, if you really want to keep your life confidential, here are a few more things you can do.</p> <p>Popular programs include Signal, Telegram and WhatsApp. The WikiLeaks documents claimed that the CIA had a program that allowed it to see what users were typing on certain phones running the Android operating system, but they hadn't been able to break the encryption of the programs themselves.</p> <p><strong>9. Install a camera cover</strong></p> <p>This keeps anyone from being able to surreptitiously turn on your camera and use it to record you. At hacker conferences it's common to see little bits of paper taped over computer cameras, or little plastic sliding covers that allow them to close off the lens when they're not using it. It's a low-tech fix for a high-tech problem.</p> <p><strong>10. Use a landline</strong></p> <p>Making a call on a land line is more secure than making a call on a cell phone. It also doesn't leave a digital trail as texts or email do.</p> <p><strong>11. Unplug and turn off your devices</strong></p> <p>For the truly paranoid, the best way to make sure the devices that surround you aren't spying on you is to unplug them or turn them off.</p> <p><strong>12. Finally, think about what you're giving away for free</strong></p> <p>All of this raises a simple question - how much information do you voluntarily turn over to websites, apps and online services every day? Remember that no is always an option, though it sometimes means foregoing convenience for privacy.</p> <p>Do you think you’ll follow any of these cyber-security tips?</p> <p><em>Written by Elizabeth Weise. First appeared on <a href="http://www.stuff.co.nz/" target="_blank"><strong><span style="text-decoration: underline;">Stuff.co.nz</span></strong></a>. </em></p>

Technology

Placeholder Content Image

The biggest cybersecurity threats of 2016

<p>Security service vendor Proofpoint have revealed their predictions for the biggest cybersecurity threats this year.</p> <p>According to Proofpoint, cybercriminals will move with the times, no longer using the widely-known format of malicious document attachments. Instead they’ll target the human factor, or in other words, mankind’s natural curiosity to click on the internet.</p> <p>“Our six 2016 predictions all have one theme in common — cybercriminals are targeting the people behind devices and are looking to capitalise on their willingness to click,” vice president of Threat Operations at Proofpoint Kevin Epstein told news.com.au.</p> <p>With a growing number of social media accounts distributing harmful software in 2015, Proofpoint expects the incidents of malware to increase in 2016 as hackers continue to try and steal personal customer data or an organisation’s financial data.</p> <p>Hackers are also expected to increase attacks on high-value financial infrastructure, like ATMs, point of sale terminals and payment portals.</p> <p>Proofpoint director of Threat Intelligence Patrick Wheeler said the biggest threats this year won’t be new or revolutionary but old methods taking on a different shape.</p> <p> “Truly new threats are quite rare and often expensive to threat actors. Known attacks deployed in new ways are actually a much greater threat because they are more likely to be both effective and cost-effective,” Wheeler said.</p> <p>“The big ‘new’ threats of 2016 will most likely be well-known techniques from email – and web-based attacks – applied to less well-defended areas such as social media and mobile apps.”</p> <p>So what’s the best way to protect yourself online?</p> <p>Wheeler advises, “For individuals, the best practices are pretty well-known: run good, up-to-date protection on your devices, don’t open emails and click attachments from people you don’t know, apply relevant OS and application patches when they become available and don’t provide your personal or financial information over social media.”</p> <p>While Wheeler warns all online users to be vigilant with the security of their data, he emphasised the incident of cyber-criminal activity is not actually increasing. Unfortunately, however, it is here to stay.</p> <p>“We could argue that the feeling that cybercrime is getting worse is actually rooted in an increasingly widespread grasp that cybercrime isn’t going away, which is a really important – and scary – thing to realise.</p> <p>“There will be cybercrime as long as there is a way to profit from stealing information online, and every individual and organisation are a potential target: understanding that, we can move on to using intelligence, education and solutions to focus on threats, risks, and response.”</p> <p><strong>Related links:</strong></p> <p><span style="text-decoration: underline;"><em><strong><a href="/entertainment/technology/2016/01/how-to-spot-fake-apple-products/">How to spot fake Apple products</a></strong></em></span></p> <p><span style="text-decoration: underline;"><em><strong><a href="/entertainment/technology/2015/12/top-tips-and-tricks-for-using-skype/">Top tips and tricks for using Skype</a></strong></em></span></p> <p> </p> <p><span style="text-decoration: underline;"><em><a href="http://www.oversixty.co.nz/entertainment/technology/2016/01/myths-about-facebook/"><strong>3 myths about Facebook busted</strong></a></em></span></p> <p> </p>

Technology