Information security, the first step to personal protection

With advances in technology, the use of IT devices, particularly mobile devices, continues to rise. Much of the time and space making up life have transitioned to the online world. In the COVID-19 era, in particular, more people than ever work from home, and much of our work is being done online.

Today, safety is as much of a concern in the online world as it is in the offline world. In the latter, we need to keep our machinery oiled and maintained to keep it running smoothly and safely; in the former, we need to get security patches and upgrade user verification to look after our interests and stay safe. Essentially, online safety requires individuals to stay vigilant and take the necessary steps to achieve it. Today, online safety is not a choice, but a necessity.

A connected world

The pressure is on manufacturers to make their products network compatible. If our home appliances, cars, and the medical equipment in our hospitals can’t connect to a network, they’re not as convenient, and are something dated that may soon lose their place.

These connected devices can increase convenience, but without proper information security, the risk involved may far outweigh the convenience.

Security in daily life

If you look at the taskbar of the PC or laptop that your company is using, you can see that it takes up a lot of resources and has many security programs installed.

Connecting to a company intranet from outside requires multiple security measures, including a request and approval process, verification using a security solution such as an OTP generator, connection to a VPN, and logging in on a virtual computer.

To use online banking to make an account transfer, there are many security programs that must be installed first. We have become accustomed to using security solutions such as face recognition, fingerprint recognition, and OTP generators in online activities that require security.

Relentless and varied cyberattacks

Among the various and intricate cyberattacks occurring today, some of the most common methods include planting malware on a personal computer or server system to encrypt important data to prevent its rightful user from accessing it, demanding payment for its decryption (ransomware attacks). They are followed by a ransomware attack by paralyzing the victim’s infrastructure to prevent normal business activities from taking place, and releasing or selling the victim’s important business data.

Modern apartments in Korea come with a smart home system known as “wallpad” which typically have a camera for user recognition. An issue arose with the wallpad when a cyberattack occurred in November 2021. The hacker supposedly hacked into the wallpads of an apartment building to spy on the occupants’ private lives, triggering a public outcry.

As the world settles into living with the coronavirus, work, customer service, and many other areas of life have gone contactless for everybody’s safety. Employers that have gone contactless often have their staff connect from outside with a VPN solution. However, cybercriminals have taken advantage of flaws in VPN solutions to hack into email accounts, sit in on online meetings, and distribute malware.

Point-of-sale (POS) malware attacks involve planting malware in online store servers or retail POS terminals to steal credit card information. They have been continuously on the rise since they began around 2008, and there are now estimated to be tens of millions of cases.

Information security, a necessity for protecting ourselves and the workplace

Information security is now as much a concern for personal safety as it is for workplace safety.

Voice phishing, an all-time favorite of scammers, results in the loss of billions of won each year, and the culprits are now getting more creative with new methods such as messenger phishing. The Korean government announced that voice phishers stole around KRW 774.4 billion last year alone, and the amount is increasing each year.

When it comes to protecting yourself from voice phishing and other kinds of scams, you must stay alert but calm and take the necessary precautions. Carefully examining requests for payment and verifying the legitimacy of transactions, even those from close acquaintances and those that are pre-arranged, can protect you from fraud.

If you need to connect to the company’s network, you should use a company-issued PC or one made safe with security solutions installed. Accessing the company network on a shared PC or through a public Wi-Fi connection is very risky and can potentially expose login credentials and important business data.

Mobile devices should be securely locked in case they are lost. If you lose a mobile device issued by the company, notify the relevant department immediately. You should also install the security upgrade patches provided by device manufacturers and security service providers.

You should observe the online safety protocol in your workplace, and report any suspicious findings to the relevant department. We immediately seek help if there is a problem with our computer, but rarely report suspicious activities that could be information security breaches, and this is something that must change.

While you alone won’t likely vastly improve your organization’s information security, you alone can easily bring the organization down with information security blunders.

Therefore, the company should continue to pursue various measures to improve the information security awareness of all employees, and employees need to understand that in the wider scheme of things, information security doesn’t just concern the company but also themselves and their families. Information security isn’t to be taken as a hassle; it’s a necessity that we all must take seriously in our daily life.

Writer Editorial Department