“Think before the click.” For the vice president of information security at Liberty Latin America, Felipe Ruiz Rivillasthis advice greatly reduces the risk of falling into the clutches of cyber hackers, who seek to steal identities, data and money from individuals, organizations and governments.
But the continued evolution of cyberattacks, now enhanced with security tools artificial intelligence (AI), requires constant awareness to avoid being a victim of cyber fraud or becoming the entry point of a “hacker”warned the executive.
With that objective, Ruiz Rivilla; Carla Framil Ferrán, vice president of Legal in Liberty Puerto Rico; and Marcel del Prado, cybersecurity consultant and Pentera executive, led a discussion on cybersecurity for staff of the telecommunications provider this Thursday, which was attended The New Day.
“We are attractive because of the value that our information has. What can be materialized and even more capitalized. It is not thinking ‘this is not going to happen to me’”Ruiz Rivilla warned.
In turn, Del Prado urged us to keep in mind that cybercrime “is a tremendous business,” which often functions as organized crime and generates constant and massive attacks, to the point that a country like Brazil registers 64 billion attempts annually.
With this scenario, experts shared 10 tips on what to do and not do to be safer.
To do
distrust: “Always be suspicious, both at work and personally. Nothing is free,” said Ruiz Rivilla. He explained that, although the terms of a free platform like Facebook or WhatsApp are not read, it is known that this document details what they do with the information that their users upload or share. “What are we paying with? With our data.”
Now, other smaller-scale applications can be used “for evil,” warned Del Prado, who urged being very careful with gaming applications used by minors and also adults, because they may include permissions to access the camera. the device’s microphone or browsing habits.
In the case of calls, Del Padro stressed that “you should never trust that the incoming number is real,” because there are tools to falsify them. When in doubt, he recommended hanging up and dialing the phone yourself to call back and make sure. It is important not to give “redial” in those cases.
Protect identity: Ruiz Rivilla advised against publishing photos of minors on social media profiles, as well as other identifiable details, because studies have revealed that many cybercriminals study their victims and their habits for a long time before carrying out the attack or attempted attack. fraud.
Additionally, with current AI tools, videos and voices of family and friends are extracted to impersonate loved ones in extortion and fraud schemes.
Have a code word for emergencies: For these scenarios, in addition to trying to contact the person through another means, Ruiz Rivilla recognized that it is necessary to choose a password to “be able to prepare ourselves with our family circle.”
Add a security layer: “Leave with the task of taking all your accounts and activating double factor authentication,” Ruiz Rivilla instructed the attendees. “It’s super easy and it saves their lives.”
Contain and monitor: Changing passwords periodically helps contain future attacks in case that information is already exposed without the user knowing, experts warned. Del Prado also urged deleting “cookies” with some frequency to close those doors, and review the controls on the devices used by minors. In turn, Framil Ferrán recommended activating the bank’s credit monitoring tools and alerts to find out in time about possible unauthorized transactions.
What not to do
Do not scan QR codes in restaurants, bars or public places without confirming that, in fact, he is the official of the place. As is the case with “skimmers,” casings that criminals place over points of sale to steal credit and debit card information, there is a trend for QR codes to be pasted on top of legitimate ones so that people can scan them without suspecting that they are points. of “hackers” entry.
Do not use the same password for everything. If a cyberhacker gains access to one, they will try it on other accounts.
Do not save access credentials on your phone or computer in a note or list without encryption. The alternative is to use the vault tools that come with the iPhone and Android operating systems, especially when they are configured to require additional verification with fingerprint, face or password. On the computer, use an authenticator such as the one provided by Google or Microsoft.
Do not connect to public Wi-Fi networks to carry out procedures such as online banking or with open social accounts. “That information that they are transmitting is being seen by whoever has control of that network,” warned Del Prado.
The cloud lifesaver
Even with all the prevention and protection measures, from the individual level to that of networks and organizations, Ruiz Rivilla urged to keep backups up to date (“backups”). These must be updated daily and preferably hosted in the cloud, not on the physical equipment, to prevent breakdowns and also losing access to files in the event that a cyber-hacker hijacks the systems, a modality known as “ransomware”.
Only in this way can “losses be avoided in the event of an attack or the computer is damaged,” he stressed.
“All the measures we are addressing for personal use and those we use at the company level will never be enough. It is never zero risk. The only way to have zero risk is ‘turn off and let’s go’‘”, concluded the Liberty Latin America executive. “This never stops and is not going to stop, but it is important that we are aware that we have that risk.”