BylinesCloud SecurityCyber Crime & ForensicCyber SafetyThreat Detection & Defense

Simple Steps to Stay Safe in the Cyberspace

By Christopher Budd, Director of Sophos X-Ops

Stay Safe in the CyberspaceAs we hit the middle of Cybersecurity Awareness Month, it’s important for Malaysians to stay vigilant about online security. Cybercrime is on the rise in Malaysia affecting businesses, individuals, and even critical infrastructure, which is underscores the need for stronger online security measures for businesses and individuals. It’s crucial to be proactive in safeguarding your own safety online so here are some important tips to help you stay secure:

Cybersecurity Pro Tips:

  • Face Scans and Fingerprints are Safer Than Passcodes: Use features like Face ID or fingerprint scans for your devices as much as possible. These are safer than passcodes and devices have good built-in protections for this sensitive information.
  • Use Multi-Factor Authentication: Use multi-factor authentication (MFA) whenever possible. This gives an important extra layer of security that makes it harder for cybercriminals to access your accounts. If you can’t use something more secure like secure authenticator applications or physical hardware security keys, use your phone number — it’s safer than using nothing. If you use MFA for only one thing, use it for your email: that’s what attackers want the most.
  • Think Before You Share Publicly: Think twice before sharing any information publicly–cybercriminals can use it to access your accounts or to convince someone that they’re you.
    • Think about those cute surveys on Facebook with questions about your first car, city you were born in: these are the same kinds of info cybercriminals can use to pretend they’re you and log into and take over your accounts.
  • You Don’t Always Need (to keep) the App: Don’t feel pressured to download an app every time: you can often use the service’s website just as well. Apps collect much more data than websites, including your location, your contact list and other info you might not want to share. If you do download an app, think about deleting it when you’re done using it: you can always reinstall it next time you need it.
  • Beware of Apps You Get Outside of the Big-Name App Stores: Apps from app stores and websites that aren’t the official big names ones like Google Play, Apple’s App Store, Samsung’s Galaxy Store can be very risky. The official stores have security and privacy standards that can identify malicious activity. Always stick to official sources for downloading apps or, if they’re not on the official app stores, download the app from the developer’s official website or use the app’s web version.
  • Be On Your Guard for Unexpected Emails and Text Messages: Phishing continues to be one of the most effective tactics cybercriminals use to compromise consumers. If you get an unexpected email or text message, ignore it or at least don’t interact with it (don’t open attachments, don’t click on links). If you think it might be legitimate, reach out directly to who you think sent it and check with them.
  • Question Urgency in Emails and Calls: Cybercriminals use urgency to get you to let your guard down and make bad decisions. If someone contacts you saying they’re from a trusted organisation like the IRS, police or your bank and need you to take action quickly or something bad will happen, stop and question it. Go to the trusted source like the number on the back of your credit card to independently validate the request.
  • Practice Good Password Security: Every account should have its own unique complex password. A strong password is at least 12 characters long with a mix of numbers, upper- and lower-case letters, and punctuation characters. Passwords should not be based on any personal information, and the best ones use a phrase rather than single words. If these passwords are too tough to juggle, try a password manager to stay organised.
  • Keep Everything Updated and Run Security Tools. Make sure all your apps and devices are always fully updated. Be sure to have some sort of security software on all of your phones and computers (even if you have a Mac).
  • Get Rid of End-of-Life Devices and Software: Everything from operating systems to services to Wi-Fi routers “go stale” and must be replaced eventually. For example, it might surprise you, but your internet router is typically only supported with patches and updates for a few years after you get it. Attackers love out-of-date devices. When something is “out of support” it’s stale: get rid of it and replace it with something fresh.
  • Back Up Your Data: While ransomware groups are mostly after businesses that can pay higher ransoms, they still go after people at home. It’s still important to have your data backed up so that you don’t have to consider paying a ransom.

Put Your Mind at Ease Regarding These Cybersecurity Concerns

Part of staying secure requires being able to filter out the noise and prioritise the security actions that matter. Here are things not to worry about. Focus your energy on real risks, not exaggerated threats.

  • Public Wi-Fi is Safer Than You Think: Contrary to outdated advice, public Wi-Fi is generally safe due to encryption used by most websites and apps. Use it freely at airports or coffee shops, but avoid sensitive activities.
  • Beware of Fearmongering Around New Tech Features: Not every new technology is as risky as it’s made out to be. For example, Apple’s NameDrop feature is generally safe and requires specific conditions to function. However, if you’re concerned, you can easily turn it off in settings.
  • Stop Stressing Over Public Chargers: The risk of “juice jacking” (data theft from public chargers) is extremely low. Don’t worry about using public phone chargers — just focus on real, more prevalent threats.

Christopher Budd

Director of Sophos X-Ops - Christopher Budd has worked in cybersecurity for 20 years and is currently leading the Sophos X-Ops team - a cross-operational unit linking SophosLabs, Sophos SecOps and Sophos AI to help organizations better defend against constantly changing and increasingly complex cyberattacks. Before joining Sophos in 2022, Christopher has worked for several well-known cybersecurity and IT organizations including Microsoft, F5, Trend Micro, Palo Alto Networks, and Avast to build and lead communications programs around threat research, thought leadership and incident response. Christopher is a widely published author, experienced presenter and media spokesperson having done many interviews for print, radio, and television for media outlets all over the world.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *