How not to give all the money to hackers? 5 expert tips for users

Scammers can now steal money from accounts without even going into a bank, simply by connecting remotely to a smartphone or computer. How to protect yourself from this?

Head of the laboratory of artificial intelligence, neurotechnologies and business analytics of the Russian University of Economics and Nbsp; G.V. Plekhanov Timur Sadykov.

Today, the Internet has become a field of continuous fierce information confrontation, which began from the moment the first computer networks were put into operation, and now has acquired unprecedented proportions. Its members — foreign intelligence services of almost all countries of the world, representatives of banks and  corporations, fraudsters of various stripes, adherents of terrorist organizations, and an extremely wide range of unidentified persons pursuing the most diverse and mostly purely selfish interests.

It is possible to cause physical damage to the infrastructure of a serious adversary by penetrating his computer network, but successful attacks of this kind are relatively few in number. On the other hand, gaining unauthorized access to other people's data is easily converted into financial and reputational damage to the opponent. Therefore, the struggle on the Internet is primarily for the possession of data that is not intended for wide distribution.

A times the goal is more often — banal profit, it is not surprising that financial organizations are primarily targeted by hackers: banks, settlement centers, investment funds, etc. Data protection in such organizations — a difficult task, the solution of which can only be entrusted to professionals. The methods they use are individual, take into account the structure of the customer's business processes, and, as a rule, are classified for security reasons.

The average user is rarely of interest to serious hackers, but he may well be the victim of smaller scammers who are not squeamish about blackmail and theft from individuals.

What can be done to protect their data to an ordinary user?

Electronic mailboxes, messenger chats, cloud drives and other network resources are not, with very rare exceptions, reliable storages of confidential data. A wide range of people have access to these resources, the physical location of server capacities is unknown to the user, they are often located in foreign jurisdictions, and he himself can access his data only via the Internet. All of these factors make cloud and web-like resources a very convenient, but not-too-reliable data store.

Synchronizing a device that stores confidential information with additional devices (for example, a computer and a smartphone) significantly increases the risk of data leakage. A minor application installed on a smartphone may be a spyware and complete all data protection efforts on synchronized computer with smartphone.

The computer on which confidential information is stored must be password protected at both the BIOS level and the operating system level. These passwords should be sufficiently complex and significantly different. The possibility of fixing entered passwords with the help of video recording and similar means should be excluded.

Unauthorized persons must not have physical access to the device on which confidential data is stored, regardless of how securely it is protected at the software level. It can take little time for attackers to remove a hard drive and connect it to their own computer as an external drive.

Truely confidential data, which is absolutely unacceptable to leak, in principle there is no place on  a conventional device that connects to the Internet, is taken by the user to work or travel, to which strangers have physical access (even for a short time), and on which a significant number of programs are launched. Such data must be stored in encrypted form on media that is not connected to the Internet and securely protected physically, for example, on a removable drive in safe.

Источник aif.ru