CYBERSECURITY TIPS
FOR THE MILDLY PARANOID
So it looks as if the CIA could break into most smartphone or computer networks, at least according to the stolen documents released by WikiLeaks on Tuesday.
Whether you have anything to hide or not, it’s a good reminder that in a digital age, keeping your life private requires some work.
Here’s a list of things everyone should be doing already to keep their information relatively confidential, plus some for the truly paranoid.
DON’T GET PHISHED
The most common way hackers get into your devices is via phishing emails or texts. These are created to look like they’re from a friend or trusted sender and contain a link they try to trick you into clicking on. Doing so loads software onto your computer, tablet or smartphone that allows the spies or hackers in. Once there, they can install any number of programs that allow them to spy on you and steal data.
Be very careful about what emails you open and what links you click. When in doubt, don’t click on the link but instead go to the actual website it claims to be from.
TURN ON TWO- FACTOR AUTHENTICATION
This is that annoying step that comes after typing in your password. It sends a code to your smartphone or email. You input the code — the second factor in the authentication process — and you’re good to go.
While it seems like a hassle, it’s actually an extremely powerful way to keep anyone but you from getting into your accounts. They’d have to have stolen not only your ID and login but also your phone. You should turn two- factor authentication on for every app, program and device for which it’s available.
USE SECURE WEB BROWSERS
Look for websites that use the secure version of the web protocol. You can tell by looking at the URL, which should start with HTTPS rather than HTTP. It stands for Hypertext Transfer Protocol Secure and keeps malicious third parties from inserting code onto the site.
USE STRONG PASSWORDS
There are weak passwords, and then there are crazy weak passwords. Keeper, which makes password management software, says 17% of users have 123456 as their password. Put up a fight! Or sign up for a password management program that creates strong ones for you.
INSTALL A MODERN OPERATING SYSTEM
Many of the vulnerabilities detailed in the WikiLeaks documents are older and target dated systems. It’s entirely possible that the CIA has newer tools for newer programs, but we don’t know. What we do know is that the longer an operating system or program is around, the more vulnerabilities in it that are found and exploited.
INSTALL SECURITY UPDATES AND PATCHES
When you get a new phone or computer or install a new system, set it up to automatically update with security patches. If there’s no automatic update available, check periodically for anything new.
USE A SECURITY PROGRAM
There are many out there, from free ones to those you pay for. While it’s unlikely they’d keep the CIA out of your system, they’ll do a good job of keeping run- of- the- mill hackers away.
WHAT ABOUT ALEXA?
Many have noted that Amazon’s popular voice- activated digital assistant, Alexa, and the Echo speaker/ microphone it lives in are not mentioned in the WikiLeak documents. That could mean that WikiLeaks simply hasn’t gotten to the portion of the documents that talks about Alexa. It could also be that the data dump, which seems to date mostly from 2014 and 2015, is from a time when Alexa was not really on the radar as a potential security risk.
That said, Amazon told USA TODAY that Echo’s design precludes snooping. The Echo keeps less than 60 seconds of recorded sound in its storage buffer. As new sound is recorded, the old is erased.
USE ENCRYPTED MESSAGING SOFTWARE
Popular programs include Signal, Telegram and WhatsApp. The WikiLeaks documents claimed that the CIA had a program that allowed it to see what users were typing on certain phones running the Android operating system, but they hadn’t been able to break the encryption of the programs themselves.
USE A LAND LINE
There are strong legal protections, and a land line doesn’t leave a digital trail.