|Voice of the Jaabc Editors|
Coping With Cyber Crimes To Protect One's Right To Privacy
Against the backdrop of increasing incidence of cyber crimes, the necessity of protecting one's privacy in the digital environment has never been more imperative than now. When we are dealing with the computer which is susceptible to illegal penetration by hackers, we should all work on procuring protection from experts, security software producers, former hackers, and the government.
If, for example, we were to error and use the same password for all our websites, if we "overshare" on our Facebooks by revealing an inappropriate amount of detail about our personal life, we render ourselves a target for cyber criminals. There is also a highly organized crime units targeting businesses and government systems in an effort to steal intellectual property and information related to critical infrastructure of a country.
The United States' cyber crime activity is costing the nation anywhere from $24bn to $120bn a year and the computer scams are costing Britain about £27bn a year. These figures are having a debilitating effects on the nation's economy and robbing the citizens of the psychological inner peace of keeping control of their privacy rights in the digital world, let alone their loss of professional, social, and personal data and information.
The day of the invention of a new impregnable computer is shrouded in the future. Meanwhile, we should apply all the current techniques available to us to protect our privacy from the cyber criminals. The right to privacy is our right to keep a domain around our possessions that are part of us in terms of our body, home, property, secrets, thoughts, and identity.
The right to privacy gives us the privilege to choose which parts in our domain can be shared by others, and to control the extent, manner and timing of the use of those parts we agree to let others access. In any democratic, civil society the right to privacy is the individual's unalienable prerogative.
Among the most frequently cyber crimes committed by hackers include theft of personal data, copyright infringement, fraud, child pornography, cyber stalking, and bullying. For the sake of clarification, the broad range of cyber crimes can be better understood by dividing it into two overall categories:
Type I cyber crime is usually a single event from the perspective of the victim. An example would be where the victim unknowingly downloads a Trojan horse virus, which installs a keystroke logger on his or her machine. The keystroke logger allows the hacker to steal private data such as Internet banking and e-mail passwords.
Another common form of Type I cyber crime is "phishing". This is where the victim receives a supposedly legitimate e-mail (quite often claiming to be a bank or credit card company) with a link that leads to a hostile website. Once the link is clicked, the PC can then be infected with a virus.
Hackers often carry out Type I cyber crime by taking advantage of the flaws in a web browser to place a Trojan horse virus onto the unprotected victim's computer. Any cyber crime that relates to theft or manipulation of data or services via hacking or viruses, identity theft, and bank or e-commerce fraud could be classified as Type I cyber crime.
As for Type II cyber crime, it tends to be much more serious and covers things such as cyber stalking and harassment, child predation, extortion, blackmail, stock market manipulation, complex corporate espionage, and planning or carrying out terrorist activities. It is longitudinal. It is generally an on-going series of events, involving repeated interactions with the target.
For example in Type II cyber crime, the targeted victim is contacted in a chat room by someone who, over time, attempts to establish a relationship. Eventually, the criminal exploits the relationship by committing a crime. Or, members of a terrorist cell or criminal organization may use hidden messages to communicate in a public forum to plan activities or, for example, discuss money laundering locations.
More often than not, Type II cyber crime is facilitated by programs that do not fit under the classification crime ware. For example, conversations may take place using IM (instant messaging) clients or files may be transferred using FTP.
Although there is nothing in terms of hardware and software that is "unhackable", there are ways one can make it harder for the hacker to break into one's computer system. A rigorous review of the literature provided me with some common sense methods to protect one's privacy. Although most of the following methods may be familiar to you, at least they would remind or reinforce of what you already know about them:
A strong password is a good fortified castle around your computer. In addition to using a combination of letters and symbols, use a password manager and a randomly generated alpha-numeric password that is at least 20 characters long.
Do not use the same password for your multiple Web sites. Granted, it will be easier to remember by using one password for all your Web sites, but once it is compromised in one place, it puts you at risk on a widespread basis.
Do not use the same security questions. Just as people use the same passwords, they also tend to select the same security questions—and thieves can use those to brute force their way into other accounts in your name, even when there is a flag on the account to watch for possible fraudulent activity.
Change your passwords periodically. It is advisable to change one's password every month or every two months – and make it hard to guess. Granted, it is a chore, but it is better to be safe than sorrow.
Keep your system updated. Programs like Acrobat PDF reader, Microsoft and Java are heavily abused by hackers, and patches and new releases often contain upgrades that close avenues hackers use. Keeping these programs up to date pays dividends. Also, uninstall softwares you no longer use. Having fewer older programs means less opportunity for hackers.
Be email cautious and lookout for phishing. Often we all receive emails and do not really know who the source is. So never open an email – especially an attachment – from an unknown source. Sometimes emails are pretended to be from a believable source such as MS Windows upgrades, asking for some kind of personal data so hackers will use them to penetrate your system.
Infections can come from already-hacked friends, too. One example: A hacker sends an infected message to everyone in the victim’s online address book. If you open its attachment, you will unwittingly become an infection spreader, too.
Be suspicious if a friend who appears to have sent you an email with no subject line. Sometimes a subject line can only say “RE” or “FW” or is uncharacteristically vague or brief (example: “Hey” or “I LOVE YOU”) – especially if the email text contains an Internet link. Be on the safe side: Call that friend first to check on its credibility.
Curb your curiosity and stop clicking. Avoid clicking links that promise free prizes or gifts. Hackers will try all sorts of gimmicks to entice us to become victims of their games.
Avoid offers of "smileys", screen savers and coupon-printing software. Be incredibly careful if you plan to download free movies: peer-to-peer networks are full of malware.
Be suspicious of third-party security alerts. If you are browsing the Internet and a Website’s pop-up tells you have viruses, it could be a trap to get you to download infected files.
Do not buy an upgrade online. If you have already been hacked, you may get messages that say you need to upgrade your protection by buying something online using your credit card. Some people immediately respond – and that gets you in the lion's lair.
Hackers may hire call centers overseas for collaboration. They claim to be from Microsoft or Apple to inform you that they have detected a virus on your machine. They ask you to go to a Website, download and run this or that program so they can fix it for you. This gimmick gets the hacker inside targeted victim's machine all too frequently.
Be leery of software downloads. If you are getting software at a discount or for free online, remember that there is lots of pirated software out there, and there is the increased likelihood that they contain in them some sort of malware.
Buy the needed software conventionally. When you are ordering any kind of software for any device, buy it from a manufacturer’s Website – not through other links.
Beware of a Trojan horse USB flash drive. You may get the USB flash drive as a gift from someone or some store, but it could have some other software stowed away. Once in your computer, it may get access to all your files or infect your data. Any peripheral connected to a computer can infect it.
Stick to visiting secured sites. Web addresses that begin with “http” use the basic Hypertext Transfer Protocol. But with “https,” the “s” on the end stands for “secure”: It authenticates the Website and the Web server you are communicating with. The Electronic Frontier Foundation has a campaign called HTTPS Everywhere that tries to direct you to an https site whenever possible. At https://www.eff.org/https-everywhere you can download and install this free safeguard add-on for Chrome, Firefox, Firefox for Android and Opera.
Be app-alert. Be careful what you put on your phone. If you go to a Website you do not know, what you are buying for 99 cents could be designed by a hacker anywhere in the world to spoil your day. Always use reputable apps, and select them cautiously.
There are some bad alternative app stores for Android out there. The number of platforms (like Windows, Apple, Android) with app stores is increasing; you should stick with the official one for your platform.
For Android, do not get software just because it is free for your mobile. Use the Google Play store for apps. If you can on your device, never click the box in ‘settings’ that allows the installation of settings from unknown sources.
Get protected, stay protected. There are many good antivirus programs that protect you from 95 percent of the danger that is out there. But each program covers a different 95 percent – and that is the problem. A good free one is Microsoft Security Essentials. It provides protection from spyware, malware and viruses. Firewalls provide another level of defense. But because they are so common – often already installed on new computers – many hack attacks can evade them. Firewall protection also has to be kept up to date.
Use a separate computer for your bank accounts. This method was just conveyed to me by Ms. Zara Mokatsian (a computer expert) by suggesting that for all your emails, use a separate computer dedicated for your bank accounts. Do not enter the Internet on this computer. Additionally, always keep a limited amount of money in the balance of your account.
In the final analysis, none of these steps will protect you entirely. Unfortunately, we are all sitting ducks for a horde of hackers who are keenly focused on stealing our data as we are relaxed about storing them. However, by consciously observing the above suggestions and by surrounding your machine with some kind of malware protection, you would make it a bit tougher for hackers to break into your system and use one account to leverage others. In other words, you can put up some firewalls to prevent a single hack from exposing you to multiple headaches.
We have barely scratched the surface of fraudulent practices perpetrated by hackers on unwary PC or Mac users. We most certainly have another area of crime which is on the rise. We have a new scam artist on the block. Predatory blog writers target small organizations, criticize them on their certain shortcomings, be they true or untrue, and then ask them to pay $5,000 in hush money (i.e., bribery) in order to remove their name and the unbecoming comment(s) or discreditable information levied against them.
Thus, the blog owners and the companies that own the blogs make illegal money through extortion and bribery. In fact, there is hardly any difference between drug dealers or computer hackers and those individuals and companies involved in shady blogs. As you would agree, money paid to someone to prevent them from disclosing trumped up embarrassing or discreditable information, is morally wrong and legally egregious and downright prosecutable in any society, in any religion, in any country on the surface of the Earth --for hush money is a dishonest way of fleecing the unwary and the unprotected.
Dr. Senguder joins me in inviting our JAABC readers and contributors to write on this timely and critical issue of the victimization of innocent businesses by predatory blog writers. It is our responsibility to get the word out there about the extortionist blog writers in order to warn small businesses from being bullied into paying bribery to silence the dishonest blog writers and those who aid and abet them.
Having said that, do not forget that we are all human with frailty. The above suggestions are technical solutions to protect you from being hacked and scammed, but the ultimate protector is you the human being and not the machine, for the hacker all too frequently prey on your gullibility by taking advantage of your trust or greediness for freebees offered to you online through the Internet. Hence, it is human error which is the most likely reason behind getting victimized by the perpetrator.
Z. S. Demirdjian, Ph.D.
Senior Review Editor
California State University, Long Beach, CA