If you bought tickets on Ticketmaster, if you participate in Christie’s auctions, if you have a Santander account, a contract with Telefónica, the Iberdrola service or a DGT registration. They are just the latest reasons to feel vulnerable. And they do not stop growing: as specialist Jakub Kroustek explains: “During 2024, the highest cyber risk ratio in history has been reached.” It speaks of individuals and also large organizations, but what to do in both cases?
Law enforcement agents always claim that, when investigating a crime, they prefer a cell phone to a house search. In a simple device there is more data about its user’s life than any forgotten storage room or the closets of a home. They even have the keys to enter banks and both professional and personal accounts. This material is what interests criminals, who make up an elusive, invisible and tireless army. But it is possible to defend oneself, although the permanent struggle is exhausting and requires tedious routines.
Kaspersky researcher Marc Rivero distinguishes between two areas of defense: “In the business environment, you have to raise the level of security maturity, partner with someone who helps you implement measures and have technology to cover each of the gaps. In the case of users, if in doubt, we must always contact the entity if we receive an email or call that asks us to do something, such as clicking on a link or providing passwords. “It’s a matter of common sense and caution.”
In this sense, Luis Hidalgo, of the National Cybersecurity Institute (Incibe), identifies a dangerous pattern at all levels: “the happy clicker” (happy clicker), who clicks compulsively on every link that comes to him. “These are also, and very much, in the upper layers of an organization,” she warns. All cybersecurity companies insist time and time again on one premise: zero trust.
In this way, one of the fundamental weapons is personal training in all areas, from the most individual to the director of any company. But attacks will persist, so you need to know how to act.
In the event that a company of which we are users suffers an attack, it is crucial to immediately change the access codes to its services. In addition, the Spanish Consumer Association advises the clients of these companies to “reject any type of contract that is offered by telephone or email.” “We ask customers to be attentive to their accounts in case charges or movements of their money occur improperly,” they claim.
In the area of purchases, it is advisable to have a prepaid card that is recharged only for online transactions and only for the amount required at any given time.
Incibe has a practical guide for users that is summarized in the following actions: have a strong and different password for each use, change it if it has been compromised (there are free tools to know how haveibeenpwned.com or in Google), have multiple authentication if available (may include biometric data) and do not click on links from suspicious emails or incredible offers. By system, you must avoid unsafe pages or download unofficial programs, delete documents that contain information that compromises security, do not use the usual email account for offers and promotions and keep the operating systems of the devices updated, so that they are corrected. the vulnerabilities. They also recommend avoiding access to untrusted free Wi-Fi and securing home routers.
You can follow EL PAÍS Technology in Facebook and x or sign up here to receive our weekly newsletter.
Subscribe to continue reading
Read without limits
_
#era #massive #hacks #defend