From powerful governments to renowned celebrities have been victims of hackers and theft of information through the network. And anyone who has an email account can be the same. In the case of journalists, the situation worsens, taking into account the sensitivity of the information they handle. Against this background, the Foundation for Freedom of the Press (Flip) has just published an antispyware manual that, although it is aimed at journalists, can serve anyone who wants to protect themselves from cyber attacks and the theft of private information.
“In this 63-page document, the Flip strongly points out that” there is no single solution to be secure online. “Digital security is about understanding the threats they face and how to counteract them. The first thing that is determined is what information and who you want to protect from, threats can change depending on the place, what is being done and with whom you are working in. Therefore, to find the best solutions you must first evaluate the type risk “.
The Flip refers, on a timely basis, to threats such as the illegal interception of communications, theft of equipment, theft of credentials, falsification of accounts, cyberbullying, industrial espionage and the installation of malicious programs. Without counting the attacks that can be made, even against the devices that allow the connection to the Internet. “Any team is susceptible to receiving attacks. It is important to remember that no program is perfect. There are always errors, they are called bugs, which can be exploited by third parties to access the devices and access the information stored in them. ”
Likewise, there are specialized devices that are able to store everything that is written on the keyboard and are known as keyloggers. Some look like small USB memories that can be connected to the USB port of the compromised device almost imperceptibly for users. Thanks to these devices, the spy can access, for example, the passwords of a person’s electronic accounts.
“Routers, which connect computers to the Internet, can also suffer attacks. In almost all cases these teams have backdoors, remote entries that facilitate the administration and updating of this equipment by suppliers. However, these backdoors can also be used by third parties to monitor the traffic that passes through the router. This information allows us to know which pages are visited, with whom we communicate and how often. ” Even the very cables that carry all the information between the big servers and the devices can be attacked. “There are probes, devices that allow cloning all the traffic that goes through these cables without anyone noticing.”
Therefore the Flip makes several specific recommendations. First, use phrases, instead of words, for digital passwords. “To create this password you can use the quote of a song, a verse of a favorite poem or any phrase that is easy to remember and that is not very obvious.” It is also recommended to use password administrators. In reference to some websites, which have security questions to allow the user to retrieve a forgotten password, such as the name of their first pet, the Flip recommends inventing fictitious answers, because the response to These questions can be known by people close to the user.
As far as smartphones are concerned, the Flip warns that when they are misused “they are a permanent source of personal data because they allow knowing the location of a person minute by minute, leave traces of their activities and have greater vulnerabilities “And that” WhatsApp was not designed to share confidential and / or sensitive information. Their vulnerability or flaws in the privacy and security of communications has been amply demonstrated. ”
Therefore, it is recommended to take some time to configure and, if necessary, reconfigure the cell phone, for example, to encrypt the communications and that the message is converted into an illegible code. For this there are several applications that are available on the Internet such as: RedPhone, Signal, Jitsi and Hancel. The same goes for text messages that can be encrypted with applications such as TextSecure, Telegram and Hancel itself or with the chats, which can be ‘secured’ with applications such as Pidgin, Adium and Gibberbot.
To surf safely on the Internet, the Flip recommends, first of all, avoid pages whose web address starts with http and not https. The former are insecure, while the latter prevent others from reading the traffic on the website they are visiting and hence their advantage. There are even programs that allow surfing without a trace, anonymously. For example, Tor Browser, Orbot and DuckDuckGo. To which it is added that it is worth remembering that “social networking sites are owned by private companies that do business with the data that their users give and trust”.
It is recommended, likewise, to be very attentive to malicious or spyware, among others, avoiding opening files or links sent by email from unknown senders, reviewing content from a suspicious attachment with antivirus software and using “common sense: files that claim to contain the latest images of a celebrity or even photos of alleged infidelity of people nearby or announcements of any prize are traps to download malware or to know personal information. ” Likewise, if in order to access the content, you are asked to register or enter the user and password data in a service or social network, you should carefully check that it is not a fake site.
Likewise, it is advisable to encrypt the data that you have in your cell phone, using tools that the same devices have. “In Android phones, it can be done in the ‘Security’ configuration and follow the steps indicated by the device. On iPhone and iPad, look for the configuration of ‘Data Protection’ or ‘Data Protection’, in the adjustment section; Encryption of information on the device will be activated once a key is created. ”
In the same way you can go to programs responsible for deleting data safely and completely. To these recommendations, so to speak, techniques, add some common sense: “Avoid using the same Internet cafe or WiFi network from the site other than the office. If a very sensitive publication is being prepared, it is advisable to write it on a computer that is in a secure place and that never has an Internet connection “.
Also, if you want to store information there, you should check the security of the USB memories in which the data will be passed. Similarly, it is recommended to enter email or social networks from your own computer. “If it is done from a borrowed device, it is necessary to close the session, use private browsing and do not forget the other advice given previously. Always turn off the computer when you leave the desk for a long time. ” Finally, it is recalled that the Police already has a Computer Crimes Unit, dedicated to prosecuting this type of criminal activity. “On their website they typify the types of crimes that are