The following piece was contributed by Srinivasan CR, Senior Vice President, Global Product Management & Data Centre Services at Tata Communications.
The holiday season is in full swing but as you wind down for your holidays it’s important to consider the security impacts of your activity during this period. Today, there are a number of avenues that cybercriminals can take advantage of – from the rise of connected devices in your home to fraudulent activities across retail and banking channels. So, what are some of the red flags you should look out for, and the steps you can take to avoid falling foul of security breaches this time of the year?
Securing the Holiday-of-Things
Connected toys such as mini robots and smart teddies are high on kids’ wish lists this year. Unlike with smartphones and PCs that have been designed with security built-in, with toys, security is often an afterthought. The most alarming scenario is that a hacker could potentially communicate with a child through an unsecured Wi-Fi or Bluetooth-enabled toy. This could quickly escalate into something even more sinister.
As the home becomes increasingly connected, we will see more and more “things” become “devices”. Unfortunately, because things like doorbells, toys and kettles don’t hold any financially lucrative or sensitive data or information that a hacker would want to get hold of, the security standards on these devices can be lax to say the least. The problem with that is that they are still an entry point to other devices connected to your home network which do contain information that needs to be kept secure.
If you think about your home as a collection of things which connect via Wi-Fi, Bluetooth and cellular networks, then everything in your home is a potential vulnerability through which a hacker could gain access to your network. Even if your Wi-Fi connection is password-protected, if a hacker can access a toy that is connected to it, they could then infiltrate data on your devices such as smartphones, laptops and TVs. Once they have access to those devices, they could steal sensitive files, or hold your applications and data hostage, demanding a ransom from you.
Thus, the security standards of the connected toy is an issue of genuine severity for you and your family. For peace of mind, consumers should only buy consumer technology products from trusted retailers and manufacturers and ensure that they come with robust security built-in.
Staying safe when shopping online
The festive period leads to an upsurge of online activity, with consumers rushing to finish their holiday shopping and taking advantage of the January sales. However, this also leads to a surge in online criminal activity. According to a recent survey by Barclays (opens in new tab), 52 per cent of consumers said that the lure of a bargain can get in the way of checking website security credentials. With the average fraud victim losing out on an estimated £893 on average, consumers lose an estimated £1.3bn to fraud during the holiday period.
You can get ahead of retail fraudsters at Christmas by taking the time to ensure the websites they’re accessing are genuine sellers. Generally, genuine websites will have additional signs that mark them as secure, such as a “https://” address.
Another quick way to check if a website is secure or not is by looking out for the lock sign, which is a standard feature among web browsers that denote a website that has been marked as secure.
Fraudsters often replicate reputable sites and retailers to trick consumers, so it’s always worth double checking the address. Before clicking ‘confirm’ at the checkout, you should always ensure that the payment system on offer is reputable. If in doubt, contact your bank.
Security at work
Industry experts have observed that computer and phishing scams spike during the holidays. At work especially, there is seemingly a perception from employees that their work devices are fortified, impregnable machines that are completely immune to influence from the outside world. So, employees often operate under the assumption that if they click a link to a seemingly harmless and enticing holiday promotion when they have no idea who has sent it and what it will trigger on their work machine, there will be no consequences.
The reality, however, is that a malicious link from an unknown sender could infect your email application with a virus that would automatically send the file to every address in your contact list. You may have a sleepless night with people from all over the world phoning your mobile asking what the suspicious email you have sent them is and whether they should open the file or not. While this is a very tangible impact for you as a consumer, such an attack means your device is being used to infect other devices, and eventually bring the entire network to a standstill, allowing cyber-attackers to gain access to sensitive, valuable and incriminating data and extort a ransom from your company.
The key holiday takeaway for consumers is taking a more proactive view on cybersecurity this time of the year. Exercising additional vigilance this holiday season means that you won’t get caught out by cybercriminals. In today’s increasingly connected world it is more critical than ever to extend an increased awareness of cybersecurity issues in every aspect of our lives.