News

Five things everyone should know about cybersecurity

Published:
We live in a world where hackers stalk teleworkers and advertisers spy on us. You can’t protect yourself from everything, but a little effort can get you to safer waters. Mikko Kiviharju, professor of practice in cybersecurity, offers five tips for securing your data.
Illustration image of cybersecurity
Automated cloud backups offer the benefit of virus checks and versioning. That means that even if the last ten backup versions are all infected, a clean eleventh version could still be available. Photo: Aki-Pekka Sinikoski / Aalto University

Text by Antti Kivimäki

1. Make backups - both in the cloud and locally

Some cybercriminals try to break into your computer and lock away your data, demanding a ransom to unlock it. Ransomware can be hidden in a file you download and then only become active later. Backing up your data, both locally and in the cloud, prevents it from being held ransom.

Automated cloud backups offer the benefit of virus checks and versioning. That means that even if the last ten backup versions are all infected, a clean eleventh version could still be available.

It’s also worth making local backups yourself. From time to time, backup your important files and folders to an external hard drive or memory card. If you select the files and manage the transfer yourself, you’re less likely to back up something harmful. This might feel old-fashioned and be a bit inconvenient, but it offers significant additional security.

2. Use a payment method that lets you file a complaint if something goes wrong

When you buy something online, it can be a hassle to find all the terms of the transaction. Will you get your money back if the product is faulty or if it doesn't arrive? What’s the notification procedure? Where will the money be returned?

For extra security, make sure to use a payment method that gives you the right to complain about a problem and get a refund. If you’re using a combined debit/credit card, remember that the option to get refunded due to a complaint is usually only available when paying with the credit card.

In general, it’s best to avoid dubious online shops. If you find a very cheap offer on a strange site, it’s often actually a scam.

3. Hackers stalk remote workers – keep your work and home devices separate

Hackers use weak points in work-from-home systems to break into your employer’s IT systems. Many people work remotely on their personal computer, which can have their personal software and social media open alongside their employer’s programs and systems. Hackers can use vulnerabilities in the personal accounts and software used for leisure to get personal information and passwords, which they can then use to try and break into your employer’s systems.

It’s better to do remote work on a computer provided by your employer. This practice keeps the work separate and safe on a work computer, and you can use your own device for personal matters. Never use the same passwords on work systems and personal devices or software.

4. Be careful about the browser’s search bar and fake websites 

One way to collect passwords and other sensitive information is by tricking people into using fake websites which look like the real thing. For example, you might think you’re on your bank’s webpage while you’re actually on a page that has an address ending in ‘.org’ instead of the bank’s real address, which might end in ‘.com’ or ‘.fi’.

One way you can end up in that situation is if you don’t go directly to the bank’s webpage by typing it into the address bar but instead search for it via a search engine. The first result might not be the bank’s real page but something else instead. Even if the search engine gives the correct address first, you might click on one of the other results.

Problems can also arise when a browser’s address bar has been surreptitiously converted into a search bar. Some search engine companies do this to collect data for advertisers. The result is that you aren’t taken to the address you entered but instead to a list of results from the search engine. To check if this is the case, enter a specific web address and see whether you end up on that page or get a list of search results instead.

If your address bar is a search bar, try changing it into an address bar. If you can’t, then you can try using a different browser or ask someone to help remove the advertising and tracking components from your browser.

5. Remember that your device is probably listening to you

Your smartphone and computer can record and respond to speech. That’s handy because it means you can control them with voice commands. But it also means they can be used to target advertisements to you based on what you talk about.

You can check this with an easy experiment. Just start talking about a specific topic around the device – make it something that you don't normally talk about and would never look up online, like rowan seeds or the taillights of a tractor-trailer. Then keep an eye on the ads you get and see if seeds and tractor-trailers start appearing in them.

If you are being listened to, it’s unfortunately hard to do anything about it. You can try to turn off the microphones on a computer, but that’s usually difficult or impossible on a phone, especially since you need the mic to talk during calls. A smartphone is a tightly integrated device, and it’s difficult to reliably and comprehensively switch off individual functions.

You’ve probably also allowed the phone to listen to you. Nowadays, devices and software ask permission for everything, and users generally accept these requests without reading them. You might not even be able to use a device or program without agreeing to a license agreement which allows data collection to improve your ‘customer experience’.

Mikko Kiviharju's research delves into the cybersecurity of critical infrastructure

Aalto University’s new Professor of Practice Mikko Kiviharju thinks information security should be integral to organisations and not just another software product

Read more
Mikko Kiviharju käytävällä, kuva Aalto-yliopisto Matti Ahlgren
  • Published:
  • Updated:

Read more news

See all
A group of people walking past large windows in a modern building with vertical wooden slats and indoor lights.
Research & Art Published:

Funding for a democratic transition to sustainability

Three projects from Aalto University are among the recipients. The Nessling Foundation's grants aim to advance the implementation of sustainability transitions in the context of democracy, the EU, and nature conservation areas.
Siavash Khajavi wearing glasses and a light blue shirt, standing indoors with a window in the background.
Research & Art Published:

A community where personal connections and career paths intertwine

Assistant professor of operations management Siavash Khajavi explains how studying Industrial Engineering and Management helps students develop hard skills through rigorous studies and soft skills through countless interactions and collaboration.
Charging a white electric car
Research & Art Published:

Revolution in EV battery recycling: New approach sees skyrocketing gains in lithium recovery

Energy researchers have developed a safe and environmentally friendly way to recycle the batteries used in electric vehicles
Artificial intelligence models have been used in the design of the Natal Mind app and especially the cartoon-like digital therapists.
Press releases Published:

Digital doula helps mothers-to-be face the fear of childbirth

Aalto University introduces 12 new world-changing innovations at Slush. On of them is digital doula Natal Mind, a mobile app designed to support the emotional and mental journey undergone by mothers-to-be.
See all