The threat of “Standard” Tech
There seems to be a never-ending series of cyber-attacks on critical infrastructure in today’s headlines. The simple fact is that attacks happen all the time. In a significant recent example, what started as a nuisance-level incident went unresolved and became a major data loss. It highlights organizations’ continued lack of preparedness in creating response plans, and it is a stark indicator that endpoint devices and users are often the first point of attack and compromise.
The example of European energy cyber threats
Despite all the regulatory structure in Europe, a recent topic of discussion was the Luxembourg-based energy supplier Encevo and its European-based subsidiary, electricity operator Enovos. In a post-facto review of the situation, the company shared that its customer contact portals were hacked in the middle of the summer. A malware infection led to increased access to customer information, something none of us should be comfortable with in the hands of nefarious actors. A ransom demand was made. Payments in this case were not made because Enovos was working to restore the systems through a disaster recovery plan and neutralize additional infections. The threat actor ALPHV, also known as BlackCat, appears to be the same threat that attacked Colonial Pipeline in the US with ransomware back in 2021.
These ransomware threats are built with one purpose: to exploit global targets throughout the energy industry. And not only are there existing unidentified infections out in the wild, but new ransomware is appearing on the scene faster than many IT teams can handle.
Treat yourself as a threat
Top security organizations protect against endpoint risks by managing security across devices, identity and at the application level. Whether it’s a workstation, laptop, mobile device or application, security protocols enforce access through secure controls such as multi-factor authentication, verified device protection and application protection.
Beyond these protections, there is much we can do to protect ourselves when using our own devices. Security and privacy can be difficult to manage, but there are some best practices you should follow.
1. Do your due diligence when researching which settings keep your device safe
2. Review applications and settings regularly (at least every six months)
3. Control which apps have access to data from other services, including social media, online accounts or email accounts
Default values can be dangerous
Let’s walk through a reasonable, relatable scenario. You get a new phone and don’t have time to read all the terms, legal terms, data terms and everything else that comes with it when you set it up. So you click “Yes” and “Accept” for everything that comes up on the screen. It sounds reasonable: each of these things should help quality and experience. We’ve all done it. Almost no one reads all the terms and conditions, but that is a terrible assumption to make here, and it’s one of the biggest problems when it comes to smartphones, websites and apps.
Apps – You have to be careful where you get them from. Many popular, even well-rated applications have been found to access too much information and in some cases steal personal data. Banking information, private emails and other sensitive information reside on your phone, so it makes sense to get your apps from sources that are as reliable as possible. Even then, big well-known companies like TikTok have faced scrutiny over the levels of data access their app has and where that identifiable data ends up. Just because an application asks for rights to the camera, location, network information, or whatever, doesn’t mean you should automatically grant it.
Permissions – Depending on your phone platform, you can control which applications have access to sensitive components on your phone. In addition to being selective about trusted app sources, you can evaluate apps based on what they’re intended to do in the first place. You’re going to want to be selective about access to sensitive components, including:
· Synchronize contacts
· Multi-Factor Authentication
Review these items honestly because sometimes you can install an app that has access to more than it needs to function the way you intend to use it. That fitness app that seemed like a good idea could be invasive of your private data. Does it really need to know your location all the time? Probably not. And you might not use that app all the time anyway, or ever. It never hurts to review the permissions you give an app to make sure you’re not oversharing.
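As an added illustration (not part of the original article), the review described above can be scripted for an Android phone. The sketch assumes text shaped like `adb shell dumpsys package` output, a hypothetical app `com.example.fitness`, and a `NEEDED` baseline that you decide yourself.

```python
import re

# Constructed sample shaped like `adb shell dumpsys package <pkg>` output for a
# hypothetical fitness app; it was not captured from a real device.
SAMPLE_DUMPSYS = """\
Package [com.example.fitness] (1a2b3c):
    install permissions:
      android.permission.INTERNET: granted=true
      android.permission.ACCESS_NETWORK_STATE: granted=true
    runtime permissions:
      android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET ]
      android.permission.ACCESS_BACKGROUND_LOCATION: granted=true, flags=[ USER_SET ]
      android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET ]
      android.permission.CAMERA: granted=false, flags=[ USER_SET ]
"""

# Runtime permissions guarding the sensitive components the article names.
SENSITIVE = {
    "CAMERA": "camera",
    "ACCESS_FINE_LOCATION": "location while the app is in use",
    "ACCESS_BACKGROUND_LOCATION": "location all the time",
    "READ_CONTACTS": "contacts",
}

# Assumption: a run tracker only needs location while you are using it.
NEEDED = {"ACCESS_FINE_LOCATION"}

PERM_RE = re.compile(r"^[ \t]*android\.permission\.(\w+): granted=(true|false)", re.M)

def granted_permissions(dumpsys_text):
    """Return the short names of every permission currently granted."""
    return {name for name, state in PERM_RE.findall(dumpsys_text) if state == "true"}

def overshared(dumpsys_text, needed):
    """Sensitive permissions that are granted but outside the chosen baseline."""
    granted = granted_permissions(dumpsys_text)
    return sorted((p, SENSITIVE[p]) for p in granted if p in SENSITIVE and p not in needed)

def revoke_commands(dumpsys_text, findings):
    """Build one `pm revoke` command per finding for the package in the dump."""
    package = re.search(r"Package \[([\w.]+)\]", dumpsys_text).group(1)
    return [f"adb shell pm revoke {package} android.permission.{p}" for p, _ in findings]

if __name__ == "__main__":
    findings = overshared(SAMPLE_DUMPSYS, NEEDED)
    for perm, what in findings:
        print(f"granted but not needed: {perm} ({what})")
    print("\n".join(revoke_commands(SAMPLE_DUMPSYS, findings)))
```

On the constructed sample it flags all-the-time location and contacts, and leaves the denied camera permission and the needed in-use location alone.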
You should know what multifactor authentication (MFA) is, even if you don’t know it by name. MFA is the phone-based authentication that many modern security systems have in place to protect access to platforms, websites and more. With all the constant threats we face, usernames and passwords alone simply aren’t enough to protect even the simplest applications anymore.
Adopt MFA and, if given the choice, choose non-SMS/text methods to validate. MFA applications for your phone have device-driven authentication capabilities, biometrics, and emergency recovery methods. Simple text messages can be compromised, but SMS is better than nothing if it is unavoidable.
The bottom line is that our personal devices have become an extension of ourselves, and like any technology, they can be optimized to improve our lives. We live in a volatile world when it comes to the evolving threats facing cybersecurity. And being aware enough to take these necessary precautions before installing an app on your phone or tablet can make all the difference in staying safe from unseen threats—even if you think your apps seem safe.