Digital Security

“What’s cybersecurity?” My friend asked me when I showed her my “Cybersecurity for Dummies” textbook. I shrugged my shoulders, mentioning that I was new to this as well. I simply needed a way to kill some time, so I chose a random book from the library. While reading the book, I became interested in cybersecurity. I used the internet a lot, as do my fellow teenagers. As a result, I did my own research about cybersecurity and wanted to educate myself more on this skill. Thanks to this book, I delved into an ever-so-vital world that remains unknown to our youth.

What is cybersecurity?

Your personal information can’t protect itself. Companies are obligated to shield personal information from strangers online. That is the purpose of cybersecurity. According to the article “What is Cybersecurity?”, “Cybersecurity is the practice of protecting critical systems and sensitive information from digital attacks”(IBM). To protect yourself on the internet, you need to know the basics.

A rubric used to evaluate security systems is the CIA Triad. CIA stands for Confidentiality, Integrity, and Access. Certain data needs to be held confidentially. If it spreads to the wrong people, then it can, for example, tarnish an organization’s reputation. The “integrity” aspect ensures that the information kept in the system is up-to-date and accurate. Let’s take a look at Wikipedia. It seems like a credible source, except for the fact that practically any person on the internet has the ability to edit the information in the system. Lastly, access refers to the access to information. Authorized users, or people who are allowed to have the information, should be able to access it. However, unauthorized users shall not be granted permission to access information. Denying access to information is like forgetting your password to your bank account. If you don’t have it, the system will not allow you to view your personal information. These three components make up the CIA Triad.

So, how does this apply to me?

On average, the Pew Research Center has found that “97% of teens say they use the internet daily”(Atske). But, how many know the basic rules of protecting themselves online? I ran a survey on teens in my local community. Each teen was asked one simple question: “What is cybersecurity?” Out of 50 teens, over 35 gave confused looks or shrugged. Less than 75% knew the purpose of cybersecurity. This survey shows the disparity between internet users and those who know the basic ways of internet protection. As our world becomes more technologically dominant, the generations to come need to be cyber-savvy.

What kind of attacks exist?

There are many types of cyber attacks. Some are more well-known than others.

DoS

DoS, or Denial of Service, occurs when a hacker uses one computer to attack another computer. While doing this, the hacker sends an infinite amount of messages and whatnot to the “victim” (or the target computer). What happens is the victim's computer cannot withstand the traffic and crashes. An example of this is when a website is down due to overwhelming activity. In the case of a cyber attack, the hacker is blocking your access to information.

Ransomware

Ransomware is a type of malware that involves prohibiting a user’s access to information. Malware is basically software that is created to mess with systems. In order to bypass this, the hacker makes a deal with you. If you “pay” the ransom, then you can get your information back.

Impersonation

Impersonation as a cyber attack is exactly like real-life impersonation. In this case, a hacker decides to put on a digital mask. A hacker can pretend to be a website of some organization, such as Chase or Apple. In addition, a hacker can pretend to have a secure Wi-Fi connection and obtain information from the people who connect to it. Lastly, a hacker can pretend to be a person. You might receive an email from a friend or colleague. When you look at the contact, you don’t sense anything suspicious. The full name, profile picture, and address match. However, the message in the email might be suspicious. Usually, hackers will use impersonation to gain access to PII or some other vital information that they can profit from. Before you answer an email or open a link, be sure to check for validity.

Phishing

Phishing attempts occur when a hacker tries to frame a credible company/organization by sending messages or emails to their clients. In these messages, hackers ask for personal information such as credit card numbers, passwords, and more. Companies don’t have the right to ask their clients to give personal information. However, hackers mask themselves as these companies to trick clients. In conclusion, if you receive an email from your boss or your bank asking for personal information, don’t fall for it. Otherwise, you give up your personal info to dangerous hackers online.

What are the consequences?

Cyber attacks result in many different consequences. Some examples include identity theft, PII sales, and piracy.

Identity Theft

If a hacker gains information such as a username, email password, etc., that hacker can pretend to be you. The hacker will use this information to impersonate you and do certain actions that can leave long-lasting effects such as maxing out your credit card or spamming one of your mutuals on Instagram, which is the last thing you want to happen.

Selling PII on the Internet

Black hat hackers, or hackers with malicious intent, often commit cybercrime for the money. When gaining access to a user’s PII(Personal Identifiable Information), hackers are able to sell that PII for money on the dark web. Unbeknownst to you, your credit card information could be tossed around to random people on the dark web. As a result, it is crucial to be mindful of where you’re entering your PII.

Piracy

We’ve all heard of piracy before. It’s the one word that sticks out on the screen at the movie theater. Piracy refers to spreading content that isn’t yours without the of the owner. This mainly affects big companies such as Universal or Disney. A common example is filming a new movie that has just been released and posting the recording on YouTube for free viewing. For movie companies, this is a nightmare.

How can I protect myself?

Cyber threats continue to occur at fast rates. But, there are multiple ways to protect yourself on the internet. One way is to install a VPN. VPN stands for Virtual Private Network. The purpose of installing a VPN is to protect the user’s internet activity. VPNs hide which websites you visit, the information you provide to the websites, and so on. That way, hackers will not have access to your personal information online.

Another way is to complicate your passwords. I know, an easy password such as your middle name with your birthdate sounds enticing, especially when you need to come up with a password on the spot. However, hackers already know this. If you choose the easy way, you are putting yourself in a vulnerable position. It is simpler for hackers to guess your password. If you use the same password for multiple accounts, hackers are able to connect these passwords and gain access to all your accounts. To prevent this, cybersecurity professionals recommend making passwords long with random characters and numbers. This way, you can ensure that hackers will have a rougher time guessing your password than before.

Lastly, a simple way to protect yourself is by paying attention to the website you are visiting. Depending on the organization or intended use of the website, each one has a different domain name. Websites that end in domains edu, gov, or org are generally safe and reliable. Edu standards for education, and is only used for educational institutions. For example, Yale University’s home website is “Yale.edu.” Gov stands for government. U.S. Congress’s website is “congress.gov.” Org stands for organization and is used for websites of various types of organizations such as nonprofits and charity groups. The domain com stands for commercial.

Now, the website doesn’t necessarily need to be of commercial use to adopt the domain name. Com is a less restrictive domain which is why it’s widely common. Miscellaneous websites generally take on the .com domain. These websites are less reliable because, as stated before, they’re usually for commercial use, meaning they want the user to purchase something. Other times, these websites are created by unknown companies. Why would you trust an unknown group with your personal information? By identifying the domain names, you are going one step further to protect your personal information.

Takeaway

The internet has brought many advantages, but it is crucial to know the elemental rules of protecting yourself and your information online. Everyone on the internet shouldn’t be trusted, just like you avoid strangers in public. Cybersecurity aims to protect data systems and the information in these data systems. Without cybersecurity protocols, hackers would gain infinite access to personal information. In today’s world, teenagers comprise most of the percentage of internet users. To use the internet this much, you need to know the basics of protecting yourself online. It would be useful if educational institutions implemented cybersecurity lessons into school curricula. That way, it is ensured that every student has exposure to cybersecurity and online protection.

References:

• Atske, Sara. “Teens, Social Media and Technology 2022

• Pew Research Center: Internet, Science & Tech, 15 Dec.

• “What Is Cybersecurity?” IBM, www.ibm.com