Knowledge Center

CISO Perspective: Is Anything Safe from Getting Hacked?

keeping-my-information-safe | Read Time: 4 minutes

By Robert Eastwood | Published: May 2022

image

Working in the information security field, I am often asked a rhetorical question like, “is anything safe from getting hacked?”

My answer is yes. But it is important to examine this a little closer to ensure you’re taking the proper precautions to protect yourself and your information.

Using Devices and the Internet Safely
How useful would a phone be if it were not connected to a service provider? How useful would a tablet, PC, or laptop be if it did not have Wi-Fi or internet capabilities? Unless you are using a standalone application, the device itself is not going to be particularly useful. Once a device has some type of useful functionality, and a Wi-Fi and internet connection, it is susceptible to an attack.

Let’s take things one step further beyond traditional computing devices. What about IoT, which stands for Internet of Things? These are devices that rely on an internet connection to bring you, the consumer, the functionality you paid for.

Smart Speakers for example, are not especially useful without a Wi-Fi connection. How will you listen to your favorite podcast or news update? Truth is, it will not work.

How about your home networking devices? They need to connect to the internet so that you can surf the web or stream your favorite movie.

Aside from purchasing these devices, bringing them home and connecting them to the internet per the instructions provided, how much research have you done to really know how secure these devices are?

For example, many devices have services like remote access built into them. This is so the consumer or the vendor can remotely access the device for legitimate purposes. Well, if you and/or the vendor can remotely access the device, what is stopping a hacker from doing the same?

Some off the shelf home security monitoring services have been hacked. In one such case, the hackers had the ability to monitor the surveillance video of the home and even communicate with the members of the household over the audio feature!

Understanding the Ins and Outs of Protecting Yourself

The point is not to be fearful of these technologies, but to understand how they work and how to secure them. Read the manuals carefully! Most of the time they will provide instructions on how to change default passwords, and other network settings.

Here are some additional tips you can use to stay secure:

  • Keep your device software up-to-date.
  • Change any default device passwords immediately.
  • Use two-factor authentication whenever available for an added layer of security.
  • Make sure anti-virus and anti-malware software is up-to-date and running properly.
  • Make sure your home Wi-Fi is secured using WPA2 or WPA3, which provide a more secure internet connection than older WPA systems.
  • Use a home firewall, which your internet service provider should be able to help with.
  • Talk to the device manufacturers’ tech support if you have any questions about further securing the device.

If You’ve Been Hacked
Having a device or account hacked can be scary, but there are steps you should take immediately if you’ve been the victim to help limit damage, including:

  • Have any compromised devices professionally wiped and change your usernames and passwords for all accounts, including your bank accounts, social media and online shopping.
  • Have your bank and credit card companies freeze your accounts, report any fraudulent charges, and get new cards and account numbers.
  • Have a fraud alert placed on your credit reports with EquifaxExperian and TransUnion.
  • File a police or identity theft report, and consider filing a report with agencies like the Federal Trade Commission and Federal Bureau of Investigation who track these incidences as well.

Back to the question we started with, “is anything safe from getting hacked?” Yes, but more than likely, if it's connected to the internet, you need to secure the device and do your research.

That is a CISO perspective.




About the Author – Robert Eastwood
Robert Eastwood is Senior Vice President, Chief Information Security Officer at WSFS Bank. He has more than 24 years of experience in the information security field, including nearly 20 years at WSFS, most recently as Vice President, Information Security Officer, where he developed and executed a multi-year strategic plan for Information Security. He also holds a number of professional certifications and memberships in the Information Services, IT and financial services fields.

 

 

How To Keep Your Company and Yourself Safe from Fraud

Whether it’s a compromised email, ransomware, mail theft, or other criminal attempt, fraudulent schemes continue to trend upward and can cost businesses and consumers alike. Preventing fraud requires vigilance from every employee to protect your company’s finances and information. Here are some tips to help protect your business and yourself.

Read More

How To Keep Your Bank Accounts Safe from the Latest Fraud Trends

Instances of fraud have continued to rise in recent years, and it can often seem like scammers are able to stay one step ahead of their victims. As new schemes continue to emerge, it is important for consumers and businesses to remain vigilant to protect their information and bank accounts. Here are some recent fraud trends and tips to help protect yourself.

Read More

How To Spot and Avoid Common Scams

October is Cybersecurity Awareness Month, which serves as a great opportunity to brush up on common scams and how to protect yourself. Scammers work around the clock to find new ways to defraud innocent consumers, and thousands fall victim to scams each day.

Read More

Can You Spot a Phishing Scam?

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online banking, the problem is only growing worse.

Read More

Digital Considerations to Help You Prevent Fraud

You’ve seen it – someone sends you an email posing as your bank, asking you to verify your account information. Or maybe your business receives an electronic invoice from a vendor with a minor, yet off-putting, detail – like an unfamiliar email domain name. One small lapse of judgment on your part, and you’re compromised.

Read More