News

Five things everyone should know about cybersecurity

We live in a world where hackers stalk teleworkers and advertisers spy on us. You can’t protect yourself from everything, but a little effort can get you to safer waters. Mikko Kiviharju, professor of practice in cybersecurity, offers five tips for securing your data.
Illustration image of cybersecurity
Automated cloud backups offer the benefit of virus checks and versioning. That means that even if the last ten backup versions are all infected, a clean eleventh version could still be available. Photo: Aki-Pekka Sinikoski / Aalto University

Text by Antti Kivimäki

1. Make backups - both in the cloud and locally

Some cybercriminals try to break into your computer and lock away your data, demanding a ransom to unlock it. Ransomware can be hidden in a file you download and then only become active later. Backing up your data, both locally and in the cloud, prevents it from being held ransom.

Automated cloud backups offer the benefit of virus checks and versioning. That means that even if the last ten backup versions are all infected, a clean eleventh version could still be available.

It’s also worth making local backups yourself. From time to time, backup your important files and folders to an external hard drive or memory card. If you select the files and manage the transfer yourself, you’re less likely to back up something harmful. This might feel old-fashioned and be a bit inconvenient, but it offers significant additional security.

2. Use a payment method that lets you file a complaint if something goes wrong

When you buy something online, it can be a hassle to find all the terms of the transaction. Will you get your money back if the product is faulty or if it doesn't arrive? What’s the notification procedure? Where will the money be returned?

For extra security, make sure to use a payment method that gives you the right to complain about a problem and get a refund. If you’re using a combined debit/credit card, remember that the option to get refunded due to a complaint is usually only available when paying with the credit card.

In general, it’s best to avoid dubious online shops. If you find a very cheap offer on a strange site, it’s often actually a scam.

3. Hackers stalk remote workers – keep your work and home devices separate

Hackers use weak points in work-from-home systems to break into your employer’s IT systems. Many people work remotely on their personal computer, which can have their personal software and social media open alongside their employer’s programs and systems. Hackers can use vulnerabilities in the personal accounts and software used for leisure to get personal information and passwords, which they can then use to try and break into your employer’s systems.

It’s better to do remote work on a computer provided by your employer. This practice keeps the work separate and safe on a work computer, and you can use your own device for personal matters. Never use the same passwords on work systems and personal devices or software.

4. Be careful about the browser’s search bar and fake websites 

One way to collect passwords and other sensitive information is by tricking people into using fake websites which look like the real thing. For example, you might think you’re on your bank’s webpage while you’re actually on a page that has an address ending in ‘.org’ instead of the bank’s real address, which might end in ‘.com’ or ‘.fi’.

One way you can end up in that situation is if you don’t go directly to the bank’s webpage by typing it into the address bar but instead search for it via a search engine. The first result might not be the bank’s real page but something else instead. Even if the search engine gives the correct address first, you might click on one of the other results.

Problems can also arise when a browser’s address bar has been surreptitiously converted into a search bar. Some search engine companies do this to collect data for advertisers. The result is that you aren’t taken to the address you entered but instead to a list of results from the search engine. To check if this is the case, enter a specific web address and see whether you end up on that page or get a list of search results instead.

If your address bar is a search bar, try changing it into an address bar. If you can’t, then you can try using a different browser or ask someone to help remove the advertising and tracking components from your browser.

5. Remember that your device is probably listening to you

Your smartphone and computer can record and respond to speech. That’s handy because it means you can control them with voice commands. But it also means they can be used to target advertisements to you based on what you talk about.

You can check this with an easy experiment. Just start talking about a specific topic around the device – make it something that you don't normally talk about and would never look up online, like rowan seeds or the taillights of a tractor-trailer. Then keep an eye on the ads you get and see if seeds and tractor-trailers start appearing in them.

If you are being listened to, it’s unfortunately hard to do anything about it. You can try to turn off the microphones on a computer, but that’s usually difficult or impossible on a phone, especially since you need the mic to talk during calls. A smartphone is a tightly integrated device, and it’s difficult to reliably and comprehensively switch off individual functions.

You’ve probably also allowed the phone to listen to you. Nowadays, devices and software ask permission for everything, and users generally accept these requests without reading them. You might not even be able to use a device or program without agreeing to a license agreement which allows data collection to improve your ‘customer experience’.

Mikko Kiviharju's research delves into the cybersecurity of critical infrastructure

Aalto University’s new Professor of Practice Mikko Kiviharju thinks information security should be integral to organisations and not just another software product

Read more
Mikko Kiviharju käytävällä, kuva Aalto-yliopisto Matti Ahlgren
  • Published:
  • Updated:
Share
URL copied!

Read more news

ınterns
Research & Art, University Published:

Pengxin Wang: The internship was an adventure filled with incredible research, unforgettable experiences, and lifelong friendships.

Pengxin Wang’s AScI internship advanced AI research, fostered global friendships, and inspired his journey toward trustworthy AI solutions.
Radiokatu20_purkutyömaa_Pasila_Laura_Berger
Research & Art Published:

Major grant from the Kone Foundation for modern architecture research - Laura Berger's project equates building loss with biodiversity loss

Aalto University postdoctoral researcher Laura Berger and her team have been awarded a 541 400 euro grant from the Kone Foundation to study the effects of building loss on society and the environment.
Three happy students. Photo: Unto Rautio
Research & Art Published:

14 projects selected for seed funding to boost collaboration between Aalto, KU Leuven, and University of Helsinki

The funded projects lay the groundwork for future joint research endeavors, reinforcing the strategic partnership’s goal to fostering impactful and interdisciplinary collaboration.
Two people, one in a maroon sweater indoors, the other in a white shirt outdoors.
Appointments, Research & Art Published:

Two new assistant professors started at the Department of Electronics and Nanotechnology

Two new assistant professors were appointed in the Department of Electronics and Nanotechnology at Aalto University's School of Electrical Engineering. Read the interview with Kim Kwantae and Paul Verrinder.