CYBERSECURITY: COMMUNITY
2016
KEEP AN EYE OUT
What are your kids doing on the internet?
RICA:
What’s the point?
MOVING SOUTH AFRICA TO A HIGHER LEVEL OF INTERNET SAFETY Department Of Telecommunications & Postal Services
MOVING SOUTH AFRICA TO A HIGHER LEVEL OF INTERNET SAFETY
Department Of Telecommunications & Postal Services CyberSecurity Campaign
MOVING SOUTH AFRICA TO A HIGHER LEVEL OF INTERNET SAFETY
CONTENTS 02 SA’S STRONGEST LINE OF DEFENCE against cybercrime 04 DON’T BE A VICTIM at the ATM 06 GONE IN SECONDS: The perils of card skimming and cloning 07 CONFESSIONS of an online shopper 08 WHAT IS AN eWALLET and how do you use it? 10 LOOK NO FURTHER than Look 4 Me 11 WHY DO WE RICA? 12 IF SOCIAL MEDIA IS MAD AT YOU, you’re doing it wrong
16 E-IDENTITY Keep it a secret 17 USE SOCIAL MEDIA TO FIGHT crime in your neighbourhood 18 KEEP YOUR BUSINESS SAFE from prying eyes 20 SURF safe 22 PROTECT YOUR BUSINESS online 24 SAVE YOUR MEMORIES from disaster 25 AVOID BEING A VICTIM of hacking
Editor Malaika Mahlatsi Art Director Ashley van der Merwe ashley@creativeboost.co.za 073 935 0056 Advertising Sales Tokologo Phetla commodore@thecommodoremedia.com 073 684 8874 Contact Information Physical address: 39 Rivonia Road Building 4, Commerce Square Sandhurst, 2196 (011) 268 0179 / (073) 684 8874 www.thecommodoremedia.com
14 CUPID WOULDN’T ask you for money 15 STRANGER DANGER police your child online
Printed by Paarl Media
2016
1
CYBERSECURITY AWARENESS
14 WAYS TO LIVE A SAFER LIFE ONLINE Are you being careful while surfing the net? Have you locked down your devices so no one can access it but you? Here are some crucial tips to make you less vulnerable.
C
yber criminals are not just targeting your personal desktop computer anymore. They can cunningly gain access to your phone, tablet or laptop. If they can do that they can get access to your pocket or your personal material. 1. K eep your system, browsers, applications and security software patched and updated. An out of date browser is always vulnerable to viruses and hackers. Antivirus software is plentiful online but be sure to choose a good one. The good ones are worth paying for. 2. L ock your cellphone, tablet and PC when they’re not in use. Most devices have an option to set a password or even a fingerprint pass to unlock. Do yourself a favour and do this. You’ll save yourself a world of trouble. Just don’t forget your password. 3. Use unique, complex passwords for all of your most important 2
2016
accounts. The best passwords contain capital letters, numbers and symbols. 4. Keep your e-mail inbox organised. If you are able to spot spam or suspicious e-mails that’s half the battle won. A crowded inbox is the hiding place of many scoundrels. 5. Use official app stores to find new software for your mobile devices. There’s an app for everything, but be sure to download them from a reputable source. Do your research and find out as much about the company as possible. Some apps are designed to spy on your device and you don’t want that. Check the reviews on any app before you install it and look at your app’s permissions to see what you’re sharing. 6. There’s no such thing as “private” on a social network. Your friends can share whatever you post. Think twice before
bearing your heart on these accounts. It may come back to haunt you. 7. U se a VPN when connecting through an unsecured WiFi. It is the safest form of connectivity. 8. A re you sharing your location without even realising it? Your photos and your social media accounts may be announcing where you are to strangers. Check your settings. 9. S et up a separate, Java-free browser dedicated just for shopping and banking. This way there is less chance of hacking or tracking online. 10. A lways check your URLS before filling out a form. A padlock and https means the site is secured, and that you’re where you’re supposed to be. 11. D elete old WiFi access points that you’ve used and don’t allow your device to automatically connect to public WiFi.
CYBERSECURITY AWARENESS
12. C heck the credit card you use for online shopping regularly for unusual activity. As a matter of principle, even if you don’t shop online you should be doing this.
13. When using a business’s WiFi network, check that the network you log onto is really theirs, and not a shady character trying to con you.
14. P ut masking tape over your webcam when you’re not using it. A smart hacker can infiltrate your computer and use the camera to spy on you. 2015
3
CYBERSECURITY AWARENESS
DON’T BE A VICTIM AT THE ATM We’ve all heard the stories of people being robbed at gunpoint or tricked into handing over their PIN number at the ATM. Follow these easy steps to avoid being a statistic.
T
he South African Banking Risk Information Centre (Sabric) has encouraged banking customers to be vigilant and safe when using ATMs. Card skimming is when a card reader is used to copy encoded information from the magnetic strip of your card. The data is then used for encoding counterfeit, lost or stolen cards to transact fraudulently. In card swopping the victim is distracted while using a card. While the victim is distracted, the criminal swops the victim’s card with another.
plastic and the card will come out of the machine with it,” explained Pillay. This was usually accompanied by shoulder surfing to steal PINs.
“We would like to encourage ATM users to ensure that the hand that types in the PIN number is always covered so that nobody can see what you are typing,” said Pillay.
“A huge number of South Africans rely on the ATMs to withdraw money,” said Kalyani Pillay, Chief Executive Officer of SABRIC. “However, the increased usage of ATMs has also resulted in criminals devising various scams such as card skimming, swopping and the trapping of cards inside ATMs.”
By doing this customers ensured that the criminals did not have the PIN to conduct further transactions. Pillay also warned stokvels members withdrawing their annual savings to be on guard. Members must ask that their payouts be made electronically to their personal accounts, as opposed to withdrawing the club’s savings and distributing it manually, she said.
Another method used is that of trapping cards in ATMs. In this case, criminals insert hard plastic into the card slot which results in the victim’s card being trapped in the ATM machine.
“In order to get the PIN, criminals look over the shoulder of a victim typing in a PIN on a keypad and memorise it.”
If a cash payout was the only option, Pillay advised stokvels to refrain from making withdrawals on “high-risk days”, such as the Monday after payday.
“The victim usually thinks that the card has been swallowed by the machine. When the victim leaves the ATM, the criminal will dislodge the
Through its own research SABRIC has found that most bank customers do not shield their PINs when at the ATM.
She also suggested that the person making the withdrawal be accompanied by another club member.
4
2016
CYBERSECURITY AWARENESS
This month stokvel member Jabulani Mdlalose, 56, was robbed of R140 000 as he left a bank in Pietermaritzburg. He was attacked after withdrawing the club’s savings and stepping into the street. Here are some ATM safety tips: • If you think the ATM is faulty, cancel the transaction
immediately. Report the fault to your bank and transact at another ATM. • Be cautious of strangers offering to help as they could be trying to distract you in order to get your card or PIN. • Choose familiar and well-lit ATMs where you are visible and safe. Report any concerns regarding
the ATM to the bank. Toll-free numbers are displayed on all ATMs. • If your card is swallowed, do not leave the ATM before you have cancelled your card by calling your bank’s call centre. • Save your bank’s call centre number on your phone so that you have it handy in case you need it. 2015
5
CYBERSECURITY AWARENESS
CYBERSECURITY AT THE ATM
The world uses mobile devices now more than ever before to perform every day tasks like banking, business and socialising. So it stands to reason that criminals and trolls are just as active online. The need to protect yourself and your belongings while browsing the world wide web is now more critical than ever.
T
here are more cellphones than people in South Africa. We use mobile devices for sensitive activities, including banking, online shopping and social networking. Some of these activities require users to provide personal information such as their names, account numbers, addresses, e-mail addresses and passwords. Moreover, apps routinely ask for access to information stored on the device, including location information. In addition, the use of unsecured, public Wi-Fi hotspots has increased dramatically over the past few years. These networks are accessible on airplanes, in coffee shops, shopping malls and at sporting events. While continued access provides us with more flexibility and convenience to stay connected no matter where we are, it can also make us more susceptible to exposure. The more we travel and access the internet on the go, the more risks we face on our mobile devices. No one is exempt from the threat of cyber crime, at home or on the go, but you can follow these 6
2016
simple tips to stay safe online when connecting to the internet from a mobile device: • Think Before You Connect Before you connect to any public Wi-Fi hotspot like on an airplane or in an airport, hotel, train/bus station or café be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. Using your mobile network connection is generally more secure than using a public Wi-Fi network. • Guard Your Mobile Device - In order to prevent theft, unauthorised access and loss of sensitive information, never leave your mobile devices–including any USB or external storage devices– unattended in a public place. While on travel, if you plan on leaving any devices in your hotel room, be sure those items are appropriately secured. • Keep It Locked - The United States Computer Emergency Readiness Team (US-CERT) recommends locking your device when you are not using it. Even if you only
step away for a few minutes, that is enough time for someone to steal or destroy your information. Use strong PINs and passwords to prevent others from accessing your device. • Update Your Mobile Software Treat your mobile device like your home or work computer. Keep your operating system software and apps updated, which will improve your device’s ability to defend against malware. • Only Connect to the Internet if Needed - Disconnect your device from the Internet when you aren’t using it and make sure your device isn’t programmed to automatically connect to Wi-Fi. The likelihood that attackers will target you becomes much higher if your device is always connected. • Know Your Apps - Be sure to thoroughly review the details and specifications of an application before you download it. Be aware that the app may request that you share your personal information and permissions. Delete any apps that you are not using to increase your security.
CYBERSECURITY AWARENESS
CONFESSIONS OF AN ONLINE SHOPPER
Shopaholics are not only seen walking in the malls with mountains of bags in their trolley. They now sit in front of their computers and hop between shopping sites.
I
t always starts off with something small, a sale item from Zando or a phone cover from Takealot.com but what it leads to could leave you broke and homeless. Interviewing an online shopaholic called Thembi, she repeatedly said that her credit card was the devil and that the sooner she closed her account, the better she slept at night. Thembi, 24, a marketing executive, lives a comfortable life. She desperately needed a pair of shoes for an event she was attending hence her account with a reputable online clothing store. When she received the shoes, just 24 hours later at a bargain price, she realised it might have been her best purchase yet. So began her downward spiral into the world of online shopping. At one point Thembi admits to buying a leopard print top, jumpsuit and matching shoes. It was only when her purchase was delivered did she realise that there was a
pattern, not just the leopard print, but a theme in which she was shopping. When she received her credit card bill with purchases ofclose to R20 000 in one month, she almost had a heart attack. That is when she realised that she needed help. Upon speaking to a psychologist it was revealed that her shopping was compensating for a bad relationship that she had recently walked out off. Her need to spoil herself came from her need to feel good and in control again. Online shopping was made to make life easier for people who just don’t have enough hours in the day to go shopping but it is also cleverly meant to part you and your hard earned cash. A good way of explaining why people spend so much online has to do with not physically parting with your money. When you hand over money you feel the loss and question the purchase. When you are not physically handing over money you don’t feel that loss so spending is made much easier.
You also need to be aware of unsafe sites that request your credit card details. Your bank has strategic plans in place to make sure you are not a victim to online theft. Make sure that you are aware of what you need to do and contact your bank immediately if you are unsure. Never use an unsafe internet line to make online purchases and always make sure you are buying from a reputable company.
SHOPPING SAFETY TIPS: • Your bank card must never leave your sight. • Most restaurants and shops have portable card swipe machines. • E nsure that your card is not swapped for another card after paying. • U se cash instead of your card if you have any suspicions. • M onitor your bank statements for any unusual transactions.
2016
7
CYBERSECURITY AWARENESS
PROTECTION FROM CYBER CRIMINALS
ON SOCIAL MEDIA Now more than ever, consumers spend increasing amounts of time on the internet. With every social media account you sign up for, every picture you post and status you update, you are sharing information about yourself with these social media companies and the world.
H
ow can you make sure you and your information stay safe online? Navigating security features and the pitfalls of the online world can be a bit daunting but it needn’t be. Facebook has become an integral part of many people’s daily lives. It allows us to stay in touch with friends and relatives irrespective of where we live. Unfortunately, using Facebook can also expose us to various risks. Never add unnecessary personal details to your profile. Identity theft is one of the biggest problems of the digital age. Never provide any personals details you do not absolutely “have to” on any online forum. If you “have to” add your birthdate, at least do not share the year in which you were born.
8
2016
Use a strong password A good password should contain UPPER and lower case alphabetic characters, numbers, and some special characters. Try using the first letter of every word in a sentence combined with a few “twists” like using the last word in full. For example: My name is Bob and I like to eat = MniBaIl2e@t. Configure privacy settings Do not leave the privacy settings for Facebook set to the default options, rather configure it to disclose as little about you as possible. Never allow people to “tag” you in photos without your approval. Accept only real friends and family as facebook contacts If a business associate wants to connect with you, rather invite
them to link to your Linked-In account. Don’t USE derogatory remarks Many prospective employers nowadays look at your Facebook history to help judge your character. Make sure your history reflects how you would like the world to see you. Don’t tell the world where you are Everything you post on Facebook should be considered public knowledge. Do you really want the thieves who are online to know when you are not at home? Beware of Apps Many Facebook apps share your information with third parties. Only allow access to your information to sources you are sure you can trust.
CYBERSECURITY AWARENESS
9
2016
CYBERSECURITY AWARENESS
DETECT AND REMOVE A COMPUTER VIRUS Viruses lurk everywhere in cyberspace waiting to attach itself to vulnerable machines and cause havoc with your life.
A
ntivirus software is nonnegotiable if you’re using a Windows operating system. Computer viruses are always looking for a way into your devices. It’s what they are made to do. Needless to say there are several different anti-virus programmes available – some free and others for sale. Free versions are sometimes limited in capability compared to the commercial products. Most antivirus programs will alert you whenever it detects a virus or malware. Write down the names of each malware application your software discovers. It will then try to remove or isolate the intruder for you. This is much easier than removing malware on your own. When a virus or malware is removed, shut down your computer, reboot and run the antivirus software again. If no viruses are detected then you are in the clear. 10
2016
File infector is probably one of the most notorious viruses in cyberspace. It can easily infect any file on your machine. Of all computer viruses this is the one that can cause the most damage. This virus can replicate the malicious code and attack other applications. Files with an .EXE and .COM extension are prone to this virus but any file is at risk. If you want to keep your important documents safe and confidential you must know how to detect a virus and remove it swiftly. You must first know what to look out for and you must have the software that can cope with the virus. If your computer is behaving strangely like resetting itself or shutting down unexpectedly, chances are it has a virus. If you suddenly notice shortcuts or programmes you hadn’t intentionally installed, almost
certainly your computer is infected. Detecting a virus manually before it infects your computer is virtually impossible so invest in good antivirus software. Remember to update it regularly. For extra protection you may want to consider a firewall service. It will intercept threats that come via the Internet or another source that has access to your PC.
CYBERSECURITY AWARENESS
ONLINE GROOMING: DON’T BE PREYED UPON The internet is an exciting place for young minds, but right in front of you are predators looking for their next victim.
C
ellphones are readily available. As a teenager your parents trust that you will use the device responsibly but in doing so you open yourself up to a world of possibilities, and trouble, every time you log onto the internet. We are all curious about chat sites and how they operate. At a teenage level all you might be looking for is someone to intrigue you. What you might find however is someone who is grooming you to engage in sexual activities. Grooming is a real threat and recent studies show that the first contact is generally made online via cellphones. The term grooming, or child grooming refers to befriending and establishing a relationship with a child and their family in order to gain their trust and later use them in sexual activities, prostitution and worst of all to traffic them as child sex slaves.
The groomer usually trolls the internet to find their victims; teens and children who have little supervision online are their ideal targets. They engage in conversation and become best friends very quickly. In some cases they will later try to befriend the child’s parents in order for the parents to trust their child with them. As the relationship grows, the groomer begins showing the child pornography in order to ease the child into the game. This is called normalising the behaviour. Once it is not repulsive to the child it becomes easier to engage the child in sexual behaviour. According to a study released by the Youth Research Unit (YRU) of the Bureau of Market Research (BMR) at the University of SA recently, about 31.4% of secondary school children surveyed in Gauteng have come across people who have tried to get them to talk online about sex against their will, 22.8% were asked online to
perform sexual acts and 59.6% photographed and sent pictures of themselves naked or seminaked. Those are shocking statistics surveyed over 1 500 secondary pupils in Gauteng. More shocking is that only 31.8% who experienced online sexual grooming actually reported the incident. It is a sick depraved world we live in and a single tap of a button can get you into so much of trouble. Be careful when you see an unfamiliar link, do not pay attention to people who are trying to engage with you on sexual conversations. And if you are a victim, do not feel alone, there are thousands of people who have gone through this experience. Report the incident. If victims do not speak up the chances are greater that more unsuspecting, younger children, will fall prey to these predators. 2015
11
CYBERSECURITY AWARENESS
IF SOCIAL MEDIA IS MAD AT YOU, YOU’RE DOING IT WRONG We have new and exciting ways to connect with people all over the world, but if we’re not reponsible the tide could turn very quickly.
SO BE VERY VERY CAREFFUL
T
that e-mail to link into Facebook, Twitter and Instagram. Each social networking site has their advantages and their market.
It is as simple as signing up for an e-mail address and then using
Twitter engages with people on current issues, instant information and news 24/7. On Facebook you can connect with old friends, colleagues and family across the globe. It is a more social environment and it is always great to find someone you have not spoken to in a long time. Or that long lost family relative who you have not seen since you were a child. Instagram
here is no age linked to social media. In fact, the older you are the more interesting it is to engage with people from all over the world on topics of interest. Yes, there are the twitter trolls who make you wish you had never signed up or the selfie craze that makes you want to pull your hair out but think about how small the world has become now that no one is out of reach. Even the Queen of England has a twitter account.
12
2016
is a picture diary site. People who love to take beautiful pictures or celebrities who make you wish you had their fancy clothes are the types you can expect to find on there. It is always intriguing to live the life of a socialite for a few minutes, see the world through their fashion fogged eyes. With social networking comes extreme caution. You have to be responsible about the things that you post on any networking site. The world has evolved to a
CYBERSECURITY AWARENESS
more tolerant place but being racist, sexist or homophobic is not behaviour you ever want to display on these sites. The world could end up hating you for saying one silly thing without even getting to know who you really are. • K eep your passwords safe, choose ones that are not easily guessed. The last thing you need is to be hacked by someone who posts nasty messages or pictures. • Do not engage with strangers. Making friends is not what it
used to be. You never really know a person on a social network. They could be using a false profile or scamming you so be aware at all times. If someone makes you uncomfortable just unfriend them, it’s as easy as that. • Never give anyone who does not know you any personal information. If you do, you can expect accounts to be opened in your name or your bank account to be cleared soon. • Social networking also has etiquette, don’t be a bully or a
know-it-all. Don’t tell people your location all the time and never say when you are going away on holiday because your home becomes a target. • I t is easy to enjoy the fruits of socialising online but if you are not careful with your personal information it could turn into a nightmare very quickly. • And lastly never post risky pictures of yourself. The internet never forgets and before you know it, that picture would have reached your close family members. 2015
13
CYBERSECURITY AWARENESS
CUPID WOULDN’T ASK YOU FOR MONEY Online dating has been with us since the internet, but the dangers and the number of scammers has increased to no end.
F
inding love online seems strange to some but to many others who have met their life partners on a dating site, the concept is not so far fetched. Being lonely must be one of the saddest emotions a person can experience. Everyone wants to be a part of something bigger, better, feel love and give love. Dating and matchmaking websites promise to alleviate the burden of trying to find someone by yourself. They promise to find you the perfect someone to fill your lonely hours. When you first start chatting to strangers on these websites it doesn’t come naturally and conversations seemed forced. But then you get into the swing of things and your conversations become more interesting, so do a few matches online. According to research, online dating scammers know exactly who their target market is. If you are in your 40’s, divorced, widowed or disabled you are
14
2016
more likely to be targeted in an online dating scam. Initially you may be contacted by someone who seems very interested in you. They tell you that you have intrigued them and will compliment you until you are putty in their hands. They might even send you chocolates, airtime or flowers to win you over. The conversation can continue back and forth for months before they ask you for money. They will appeal to your bleeding heart to send them money to get out of a tough spot. This is when all communication should end. But instead most people transfer the money without a second thought. This is how scammers make millions of rands in a short space of time. Just last year a scammer was traced to Cape Town, he had defrauded women out of R5million since 2011.
Over the years the Hawks have investigated scores of cases where vulnerable women have been scammed out of their life savings after trusting strangers. With online activity being so easy and immediate almost anything can happen.
IF YOU ARE DATING ONLINE MAKE SURE YOU: 1. N ever give out your personal information, ID number, address, telephone number or place of work. 2. N ever be forced offline to a personal e-mail conversation, this is how scammers operate. 3. D on’t be fooled by someone who immediately confesses their undying love to you. 4. N ever give anyone money online, it is not ok to ask for money and neither is it ok to hand it over to strangers.
CYBERSECURITY AWARENESS
STRANGER DANGER POLICE YOUR CHILD ONLINE Society’s most vulnerable members in the physical world are also targets in cyberspace. Children as young as five years old have access to the internet, and are exposed to all its pitfalls.
A
s a parent you need to make sure your parenting skills extend to cyberspace. Get to know your child’s online habits: the sites they visit, the people they chat to and the material they are looking at.
THERE ARE SITES THAT: • Explain how to grow and process narcotics • Advocate hate or anarchy • Sell stolen goods • Elicit personal info for illegal purposes • Offer “get rich quick” schemes Almost any search of the internet can display content that is unsuitable for young minds, but how are you expected to watch over their shoulder all day? There are products for sale that can help you track your child’s online behaviour. You can find them at most computer stores. But there is no substitute for good parenting so get involved in your child’s life online as well.
HERE ARE SOME GUIDELINES TO PROTECTING YOUR CHILD IN CYBERSPACE: 1. Place your computer in a common area of the house Do not let your child be in his or her room on the internet. A parent in the room changes a child’s behaviour. 2. Educate yourself about computers and the internet Take a basic computer class or buy a book about the internet. 3. Spend time with your children online Ask your child how he or she uses the internet and get them to show you their favorite destinations. 4. Reinforce the golden rule: “Don’t talk to strangers” Tell your children what they are told online may, or may not, be true. Their “friends” online are still strangers in the real world. 5. Put accounts in your name and know your child’s passwords The internet account and primary screen name should be in your name, not your child’s names. 6. Do not let your child give out any personal information on the internet They must know that even naming a friend, shopping mall or community event could give away their identities. 7. Do not let your child download or upload pictures without your permission Predators will often send photographs or visuals to children as part of a grooming process to gain trust. 8. Use parental controls and filtering software tools Most ISP’s have parental controls - use them. 9. Review the browser history or logs of your computer Sometimes, you can trace where your child has been on the internet by checking different areas of your computer. Check such files as cookies, temp history, internet history or cache files, you can see what your children have been doing online. 2015
15
CYBERSECURITY AWARENESS
E-IDENTITY
KEEP IT A SECRET Prevent the unauthorized entry to acquire your personal information to commit an unlawful act.
U
sers should ensure that their Credentials (User Password) are kept secret at all times. This is to prevent unauthorized entry to acquire a user’s personal information to commit an unlawful act. • Take time to understand the risks and learn how to spot potential problems • Watch out for warning signs and contemplate how your actions could impact your safety, your kids or family • Enjoy access to internet with all that it is about to offer THE FOLLOWING PASSWORD’S SHOULD BE KEPT SAFE: Computer Password (Local machine, Active Directory); Social Network Account Password (Facebook, Skype, 16
2016
Instagram, Tweeter, Youtube etc); Online e-mail Services Accounts (Gmail, Yahoo, Telkom,
etc); e-commerce Account Passwords (Online Banking, iTunes, Amazon, etc)
CRIME IN YOUR NEIGHBOURHOOD Social media has brought people and communities together, and now it is being used to ward off crime in a big way.
C
ommunity members are using WhatsApp messenger to communicate with each other and their respective Community Policing Forums about criminal activity or sending general notices. The instant messaging subscription service allows subscribers to send text messages, video, pictures and audio. And what’s great about it is you can chat to a whole group of people at once. You can send a warning instantly to everyone on your group chat. Recently a crime watch WhatsApp group in Roodepoort posted a message about a schoolboy who had not come home from school. The child was expected home early in the afternoon and he had not arrived. Then a message was received that one of the Douglasdale Neighbourhood Watch cars had spotted the boy on the bridge in Jukskei Park. Minutes later
everyone assembled at the bridge where the boy was found.
minutes of the problem being reported.
“The power of social media is amazing. Never have I seen so many people springing to action in the community and I believe it is because of the ease of communication via WhatsApp,” Sean Gouws a member of Sector 1 Neighbourhood Watch told the Roodepoort Northsider.
The immediacy of communication is what makes the platform so effective. Suddenly everyone’s phone becomes a walkie talkie and the more communities communicate the better they are able to fight crime.
Because of the power of WhatsApp the boy was found within 20
Find out if there is a crime watch WhatsApp group in your area. All you need to get WhatsApp is have a smartphone and download the software from the app store. 2015
17
CYBERSECURITY AWARENESS
USE SOCIAL MEDIA TO FIGHT
CYBERSECURITY AWARENESS
KEEP YOUR BUSINESS SAFE FROM PRYING EYES Protection from hackers and other criminal minds in cyberspace has never been more critical, even if you are a small business owner.
O
ver the past five years the corporate world has been jittery about it’s online security. It’s not difficult to see why.
Hackers like Anonymous and LulzSec are becoming more aggressive and even companies like CitiGroup and Google have been infiltrated.
The amount of data and assets floating in cyberspace is mind boggling and in the wrong hands sensitive information could bring down countless companies and even countries.
These large corporations spend millions of dollars and rands protecting their assets, but what if you’re a small business owner just making ends meet and little budget for a fancy protective system?
18
2016
The good news is that your business is small. Hackers generally go for the big guns. But the bad news is that should you ever be attacked your business could be irreparably damaged. The industry estimates that around 73% of enterprises have come under some sort of cyber attack.
CYBERSECURITY AWARENESS
FORTUNATELY THERE ARE SOME SIMPLE AND CRITICAL STEPS TO FOLLOW TO SECURE YOUR BUSINESS: 1. Establish secure passwords This is the easiest way to start securing your network. Try to include a combination of characters, symbols, capital letters and numbers. DON’T USE: • any personal data (such as your birth date) • common words spelt backwards • sequences of characters or numbers, or those that are close together on the keyboard. Change your password every 90 days. 2. Put up a strong firewall Firewalls controls internet traffic flowing in and out of your network. If you have a network, a firewall is a must. 3. Install antivirus protection Another essential if you own a device that connects to the internet. 4. Update your programmes regularly Always maintain your programmes to prevent them from being vulnerable to viruses or hackers. It’s good practice, like servicing your car. 5. Secure your laptops Set a strong password or even encrypt your software so it can’t be read without a password. 6. Secure your mobile phones Phones are so advanced these days and hold so much information that they’re as valuable as computers. And how often do people lose their phones? 7. Backup regularly Schedule regular backups for your computer. Do a complete backup every week and shorter backups every few days.
2016
19
CYBERSECURITY AWARENESS
SURF SAFE If you are transparent about your internet activities it is more likely that your parents will allow you to use the it more often.
W
ith the number of sexual predators and negative incidents that happen online it is very important for parents to police their children’s internet use. Responsible use of the web can help with homework and even allow you to connect with penpals from across the globe but don’t be fooled, the internet can be a big bad place if you are young an impressionable. Use these tips to make sure you and your parents are protected and aware of what it happening online: DO NOT REPLY TO RUDE OR NASTY COMMENTS. • Immediately tell an adult if you feel uncomfortable or worried online. • If someone is being mean or nasty on MSN – block them. • Have your computer in a common area of the house NOT IN THE BEDROOM! • Do not have a ‘flirty’ or ‘nasty’ log on name. • Help your parents to learn about the internet. Teach your parents the language of the cyberspace. • Let your parents know where you go online, just as you would in
20
2016
real life. • Ask your parents to spend time online with you - learn and explore together • Make sure that there are filters and other monitoring/blocking software to minimise dangers. • Together with mum or dad, set house rules about what information you can put onto websites or share with others. • Never ever share PERSONAL INFORMATION such as your name, address, phone number or school! • Social Networking profiles such as MySpace, Facebook and Bebo MUST BE SET TO PRIVATE. • MSN contacts and social networking site friends should be people that you know in real life. This is one way to reduce possible risks. • An ‘online friend’ that you don’t know in real life is a STRANGER. • Passwords MUST NOT BE SHARED!!!!! Choose passwords that others can’t guess…..not your favourite food or pets name. • Change passwords 4 times per year (last day of every term) • Be aware that information on the internet is not always reliable.
• Your parents should check your hotmail/msn/social networking lists. • If you are playing games online, YOUR parents should know how to play the game too in case of problems. Play online games together. • Learn about search engines and how they work. • The internet and the various applications are a lot of fun.. surf safely together with your parents! Please note that this list is by no means exhaustive and that there is no guarantee that adherence to these tips will provide 100% protection or safety for those using the various applications of the internet. For more information visit www.cybersecurityhub.gov. za or contact us on incident@ cybersecurityhub.co.za FOR MORE INFORMATION VISIT www.cybersecurityhub.gov.za or contact us on incident@cybersecurityhub.co.za
In order to combat computer viruses you need to know the tell tale signs, and what to do about it.
information or destroy all information on your computer.
Spyware: software that literally spies on your computer and your activities. A cyber spy can get hold of your banking details, credit card information or just about any other personal information from your PC.
Scareware: This looks like and acts like anti-virus software, it will coax you into believing that your computer is at risk and you need to click on the link to download a fake security solution. When you download the software it manifests as spyware.
Viruses: This is software that disables your computer. It can change information, add
Botnets: These are responsible for sending spam e-mails and other illegal e-mails.
Adware: The popup advertisements when you are surfing the internet are called adware.
HOW TO SECURE YOUR WIRELESS FACILITY An unsecured wifi is an invitation to a hacker to gain access to your network. Just as you close your windows and doors to strangers to prevent an intrusion, it is as important to prevent hackers and the like from infiltrating your computer through your wifi network. KEEPING YOUR ROUTER OR MODEM SAFE IS CRITICAL TO YOUR COMPUTER’S WELLBEING. These six tips can help you be safer: Always change passwords: Manufacturers place a setup code on your device so you can maneuver easily through the initial process. The default login is very easy to guess so make sure that as soon as you are setup you change all codes and pins. Set up firewalls on your router and computer: Routers generally have firewalls that are built into them, make sure they are active. Also enable the firewalls on all computers connected to the router. Keep your access point away from the window: It is always
a better idea to keep your access point towards the centre of the house rather than near a window. If the access point is near the window it is easy for outsiders to access your network. Turn off your wireless when not in use: If you are not going to be using your wifi for an extended period of time then turn it off. You are less likely to be hacked if your wifi is off when you are away on holiday. Never connect automatically to outside networks: Most computers and cellphones have the capability to connect automatically to open WiFi networks. This leaves your device open to hackers and security risks. Make sure you turn off this facility on your device. Minimise your transmitter power: Many routers have an option where you can turn down the range of your network, turn it lower so it does not extend to unwanted users. www.stopbullying.org www.netsmartz.org 2016
21
CYBERSECURITY AWARENESS
A QUICK BREAKDOWN OF CYBER THREATS:
CYBERSECURITY AWARENESS
PROTECT YOUR BUSINESS ONLINE Taking your company live could be the best thing you have do but without the proper cybersecurity you are putting yourself and your customer at risk
S
ensitive information is continuously transmitted over the internet every second of every day. The need to protect this data has never been more crucial, especially for small and medium enterprises. A business must protect its corporate network and clients from intruders. That is a given. Most customers worry about identity theft.
Wide Web delivery system, networks, privacy of data, SSL, reliable payment gateway and e-mail.
The three elements needed to secure an e-commerce business are: merchant, transport and customer security.
When you buy a house, you do a security assessment and perhaps hire a company to install beams and panic buttons based on the size and dimensions of your property.
The perception of the risk of cybercrime has increased from 38% in 2011 to 48% in 2014 in South Africa. Very few e-commerce businesses have implemented anything close to a cybersecurity strategy to counter attacks against their networks.
Buying online requires customers to give up certain personal information that is important to complete a transaction. The onus is on the business owner to guarantee the safety of that information or risk losing customers and ultimately the business.
In the same way if you are trading online, digital certificates, certificate authorities and your internet service providers form a complex relationship that guards against cyber criminals. Any weakness in the system will be exploited and expose your customers to a dark world of crime.
Setting up an e-commerce business involves creating a website, choosing a trustworthy internet service provider (ISP), access to the internet and then registering a domain name. It also relies on a wide range of technologies such as the World
Choosing the right internet service provider is the first step and is often your first line of defence. Other ways of securing your e-commerce business are firewalls, user authentication, data encryption, key management and digital certificates.
22
2016
Typically an e-commerce business would hold information on employees, vendors and customers. What happens when that information is exposed to an outside party, or worse, people with criminal intentions? In South Africa a breach could cost a small business on average R1.1-million to R2-million. In an ideal world you as an owner should consult an IT expert to assess how vulnerable your business is to cyber attacks. Financially, that may be outside of your budget so there are ways you can prevent any security breaches.
CYBERSECURITY AWARENESS
Keep your software up to date: Gaps in software are common areas where hackers can access your network.
Scan you website and applications for malware: Not only are computers vulnerable, but so are websites and web applications.
Install an anti-virus on all your computers and servers: The ideal anti-virus should be able to detect, remove and protect your machines against malware.
Back up critical data: If you’ve been a victim of cybercrime, restoring your data is your only saving grace, so having them backed up would give you peace of mind.
Equip your network to handle attacks: Distributed Denial of Services (DDoS) attacks target unsophisticated networks. Preventing these requires big budgets, but if you opt for cloud computing and a reputable cloud computing partner you could spare the expense while protecting your system at the same time. 2016
23
CYBERSECURITY AWARENESS
SAVE YOUR MEMORIES FROM DISASTER Not only is backing up your computer good online practice, it is just common sense. You wouldn’t jump out of a plane without a parachute or walk the tightrope without a net, so why in the world would you store all your life’s memories on an electronic device without backing it up somewhere safe?
B
acking up your computer has become the simplest and easiest way to protect your valuable information - so make sure you do it regularly. It means simply making a copy of all the files on your computer and keeping them in a safe place, either on an external hard drive, a server or in the cloud. This way, if your computer is damaged along with the files, you are able to recover them and continue with life as normal without the pain of having lost sentimental pictures or critical business documents. You may back up your computer monthly, weekly or daily. Common practice is to do one large back up followed by smaller back ups when needed, after files have been updated or been modified. First, find the right storage device. Preferably an external, free standing hard drive. It must have enough free space to hold all your data - actually it should be twice the size of the information you want to back up. 24
2016
You have to find the Windows 7 back-up program. Press the ‘Windows’ button on the left-hand side of the taskbar and type in ‘backup’ in the search box that appears. On the results you now see, click Backup and Restore. Alternatively, press the ‘Windows’ button and click Control Panel in the right-hand column. Then click Back up your computer on the ‘System and Security’ menu. You should now have arrived on a page headed ‘Back up or restore your files’. On this, click Set up backup. This will open a series of pages. The first page is ‘Select where you want to save your backup’. This is where you’ll tell the computer to send copies of all your files and programmes/applications. You’re given a number of choices, depending on which back-up
method you’ve set up. Here the choices are: to send copies to a DVD in the DVD drive; or, as Microsoft recommends, to send them to an external hard drive. Click on the option that suits you and then click Next. You’ll now see the ‘What do you want to back up?’ page. Here you can choose what Windows recommends – that is, a combination of a system copy and back-ups of all your data files – or you can opt for ‘Let me choose’ and pick only those items you want Windows to copy. Make your choice and then click Next. You’ve now reached the ‘How often do you want to back up?’ page, where you can set up a schedule for regular back-ups. This is highly recommended – it’s very easy to forget to do a back-up. Make your choices and then click OK.
CYBERSECURITY AWARENESS
AVOID BEING A VICTIM OF HACKING The most experienced online experts still somehow become victims of hackers, so don’t beat yourself up about it if it happens to you. There are, however, ways to lessen your chances of getting caught off guard.
I
t is impossible to keep track of the sites you visit in a day, so when you become a victim of hacking you might not know exactly when you were infiltrated. Even the most cautious techies fall prey to being hacked. THERE ARE WAYS TO DIMINISH THE CHANCES: 1. Always have a unique, strong password. You should include a sentence if you can, for example: I Like Strong Passwords So I Cant Get Hacked (take the first letters from a sentence that you are familiar with and create the password) ILSPSICGH, also use a symbol and a number to make it more complex. Using birthdays, family names and easily guessed
names are not a great idea. If you are being hacked the spy already has all your personal information so guessing passwords becomes easier for them. Update your passwords regularly as well. 2. L og out of all your accounts: Never close your computer with all you’re accounts open, your laptop does not automatically log you off, Leaving your accounts open is a hacker’s paradise. Try not to make it too easy for them to get into your personal details. 3. M ake sure you log on to the right website: Phishing scams use URLs that are so close to the popular ones. One mistype and you are entering a false page. The pages are also designed to replicate the
original. Always check the web address. 4. Never click on links that you are not familiar with: Spam e-mails are the biggest culprits, if you do not recognise the sender, delete the e-mail immediately. If it does not look legitimate do not click on the links or download attachments. 5. Don’t download from unknown sites: If you are prompted to download free information, movies or printables rather give it a miss. This is the quickest way for hackers to get into your computer. If you want to check if the site is trustable they should have a download policy. If they do not then, don’t take a chance. 2016
25
MOVING SOUTH AFRICA TO A HIGHER LEVEL OF INTERNET SAFETY
Department Of Telecommunications & Postal Services CyberSecurity Campaign
MOVING SOUTH AFRICA TO A HIGHER LEVEL OF INTERNET SAFETY