All graphics by Mara Mercado
MANILA, Philippines – The personal information of about 55 million Filipinos are now out in the open, making them all vulnerable to identity theft – no thanks to a hacker who attacked the Commission on Elections (Comelec) system.
The huge breach in the system of the Comelec says a lot about the cybersecurity measures of the poll body and all government agencies as well. (READ: Is Comelec liable for website data leak?)
As individuals, however, people can still protect their own computer system and its contents from cybercriminals or hackers. Now is not the time to take for granted the security features readily available for use on the Internet. (READ: Malware, phishing, cybersecurity: terms you need to know)
How can we protect our personal systems from malicious attacks? Rappler lists some cybersecurity tips:
1. Be careful with what you download
The Internet is a motherlode of files that can be downloaded – for a minimal fee or sometimes even for free – by any user into his or her computer. Various files such as songs, movies, and other essentials are just so accessible nowadays since there are a lot of websites that offer free downloads.
However, such accessibility poses a cybersecurity threat, according to cybersecurity firm Trend Micro. Some of these websites and files, regardless of how legitimate they look, may carry malicious codes or malware that can harm your computer system.
If you are not careful, you may end up downloading a file that may compromise your important documents or worse, your personal information. For example, an innocent-looking file of a song you like may carry a keystroke logger (keyloggers) that can record the activities of your keyboard – including your passwords.
To prevent this, you should only download from trusted websites. Make sure also that you have antivirus or antispyware software installed in your system as these can detect and eventually delete malware.
2. Install trusted security software in your computer
If you have a new computer, one of the first things you should do is to install software that can protect your system. This is important as you won't know that your system is infected with malware – viruses, worms, and spyware – until it starts compromising your files, security, and your computer.
Spyware, for example, may collect personal information and track your online activities.
Antivirus and antispyware programs are designed to prevent malware from entering your computer and eventually save you from future headache. These security software detect and delete the types of malware that may have breached your system – just make sure to always run a virus scan.
While some come with a hefty price tag, there are free antivirus and antispyware software available online. Just makes sure that you download clean ones. Some operating systems (OS), Windows for example, also come installed with free protection.
Once you have these security software installed, make sure that you constantly update them in order to get new features that can protect your system from new malware.
3. Turn on your firewall
The word may leave a bad taste on people who associate it with the Great Firewall of China – a series of projects implemented by the Chinese government to regulate Internet use in their country – but in theory, a firewall is a “solid line of defense” against hackers and other intruders.
A firewall, according to TechTarget, controls and oversees network traffic and acts as a barrier between your network and the Internet. This means that incoming traffic to your computer can be filtered depending on the way you configured the firewall settings.
Simply put, a firewall keeps out malware and protects your computer from hackers trying to access your personal data, passwords, and other sensitive information. Activating it will prevent this from happening.
More often than not, your OS carry pre-installed firewall already so you just have to turn it on and keep it updated.
4. Keep your computer's operating system up-to-date
While it may be inconvenient to update your computer OS given the Philippine Internet speed, an hour or two of waiting beats compromised files and stolen personal information.
Software company Symantec stressed that updating your OS will ensure that new security features – designed to address new cyberthreats – are deployed into your computer. Failing to update may help malware overpower your system and eventually cause more harm because it does not have the right mechanisms to prevent an attack.
OS updates are usually automatic in some computers. For Windows OS, for example, updates are carried out every second Tuesday of the month.
5. Secure your wireless network
A secured wireless network does not only keep your neighbors from leeching off of your Internet bandwidth, it also keeps individuals with malicious intentions from tapping into your private system.
United Kingdom-based Information Commissioner’s Office (ICO) warns that if your wireless connection is open, a stranger may break into your unprotected computer and view, steal, and even spread virus. He can also monitor your online activity – including copying your credentials. Once one computer is infected with a malware, it can then spread to all machines connected to the same network.
Password-protecting your wireless router is easy and instructions depend on the brand you are using. Some even come already secured with a password.
However, it is important that you change these default passwords and encode your own unique one for your wireless router. Using a default password may lead to a potential vulnerability that can be exploited by hackers.
6. Be careful with emails
Long gone are the days that everyone used snail mail to send messages and hard copies of important files. Now, a user can instantly send and receive huge documents via email.
This convenience, however, has been exploited by cybercriminals. They often send malicious links and files infected with malware through email to unsuspecting users. The best way to prevent this, aside from making sure that you have updated anti-malware programs in your computer, is to remain vigilant when dealing with emails.
Be wary of shady emails that come from strangers as these may contain malware. Install a spam filter in your inbox to automatically separate potential threats from legitimate messages.
If you receive an email with a link asking you to input your personal information, do not give what they want or you may be fooled by those engaged in phishing – a method when a website looks legitimate, like the ones you go to. Submitting your sensitive information may lead to identify theft.
If you are not sure whether or not an email is legitimate, it is best to call and confirm with the business directly, instead of risking your personal information.
7. Use unique passwords for your accounts
Passwords are basically the first line of defense between cybercriminals and your personal data. It should also be the strongest especially when dealing with highly sensitive information such as bank accounts.
However, according to Troy Hunt, the “tyranny” of having multiple accounts online paves the way for people to use predictable passwords instead of unique ones.
Yes, it is very tempting to use the same passwords, especially with the vast number of social media websites available. Doing so, however, may cause more harm than convenience. For example, if you maintain similar passwords and even just one is hacked or exposed, it is likely that the rest of your online accounts will be compromised.
What makes for a strong password? According to Trend Micro, it should not make use of common or easily-guessed patterns such as “123456.” A strong password should include at least 12 characters that are a mix of upper and lowercase letters and special characters.
The online security firm added that above all, a person should never use as passwords information that are obvious such as maiden name or a pet’s name that are often posted on social media.
Lastly, Trend Micro advised against storing passwords in a document saved in a personal computer. Once this computer is compromised, hackers can access this document. – Rappler.com
Read more about the Comelec breach and how you can protect yourself:
Jodesz Gavilan is a writer and researcher for Rappler and its investigative arm, Newsbreak. She covers human rights and also hosts the weekly podcast Newsbreak: Beyond the Stories. She joined Rappler in 2014 after obtaining her journalism degree from the University of the Philippines.