The Example of European Energy Cyberthreats
Despite all the regulatory structure in Europe, the subject of recent discussions was the Luxembourg-based energy supplier Encevo and its European-based subsidiary electricity operator Enovos. In a post-facto review of the situation, the company shared that its customer contact portals were hacked in mid-summer. A malware infection led to escalated access to customer information, which none of us should be comfortable seeing in the hands of nefarious actors. Ransom demands were made. Payments in this case were not made because Enovos worked to restore the systems through a disaster recovery plan and neutralize further infections. The threat actor ALPHV, also known as BlackCat, appears to be the very same threat that attacked the Colonial Pipeline in the US with ransomware back in 2021.
These ransomware threats are built with a purpose: to exploit global targets throughout the energy industry. And not only are there existing unidentified infections out in the wild, but new ransomware is emerging onto the scene faster than many IT teams can handle.
Manage Yourself as a Threat
Top security organizations protect against risks posed by endpoints by managing security through devices, identity, and at the application level. Whether it is a workstation, laptop, mobile device, or application, security protocols force access through secured controls such as Multi-Factor Authentication, confirmed device protections, and application protections.
Outside of those protections, there’s a lot that we can do to protect ourselves when we use our own devices. Security and privacy can be hard to manage, but there are some best practices you should follow.
Defaults can be Dangerous
Let’s walk through a reasonable, relatable scenario. You get a new phone and don’t have time to read through all the conditions, legal terms, data terms, and other fine print that comes with it when you are setting it up. So, you click ‘Yes’ and ‘Accept’ on everything that comes up on your screen. That sounds reasonable; each of those things should help quality and experience. We’ve all done it. Almost no one reads all the terms and conditions, but there’s a terrible assumption here, and it’s one of the biggest problems when it comes to smartphones, websites, and apps.
Apps – You have got to be careful about where you get them from. Many popular, even well-reviewed applications have been found to have access to too much information and, in some cases, to steal personal data. Banking information, private emails, and other sensitive information are found on your phone, so it makes sense to make sure your app sources are as trusted as possible. Even then, major well-known companies such as TikTok have faced scrutiny about the levels of data access their application enjoys and the residency of where that identifiable data winds up. Just because an application asks for rights to your camera, location, network information, or whatever doesn’t mean you should automatically grant it.
Permissions – Depending on your phone platform, you can audit what applications are accessing sensitive components on your phone. In addition to a selective trusted app source status, you can review apps considering what they are meant to do in the first place. You are going to want to select access to sensitive components including:
Review these items honestly because sometimes you might install an app that accesses more than it needs to function as you intend to use it. That fitness app that seemed like a great idea may be invasive to your private data. Does it really need to know your location all the time? Probably not. And you might not use that app all the time anyway, or ever. It never hurts to review the permissions you grant an app to make sure you aren’t oversharing.
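The review described above can be scripted on Android. This is an added example, not part of the original article: it parses a constructed sample modelled on the runtime-permission lines that `adb shell dumpsys package` prints and reports grants beyond what each app needs. The package names, the sample grants and the `EXPECTED` baseline are assumptions made for illustration.

```python
import re

# Constructed sample, modelled on the "runtime permissions" lines printed by
# `adb shell dumpsys package`; package names and grants are invented.
SAMPLE_DUMP = """\
Package [com.example.fitness] (1a2b3c):
    runtime permissions:
      android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET]
      android.permission.ACCESS_BACKGROUND_LOCATION: granted=true, flags=[ USER_SET]
      android.permission.CAMERA: granted=false, flags=[ USER_SET]
      android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET]
Package [com.example.flashlight] (4d5e6f):
    runtime permissions:
      android.permission.CAMERA: granted=true, flags=[ USER_SET]
      android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET]
"""

P = "android.permission."
# Assumption: what each app needs for the way you actually use it.
EXPECTED = {
    "com.example.fitness": {P + "ACCESS_FINE_LOCATION"},
    "com.example.flashlight": {P + "CAMERA"},
}

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
PERM_RE = re.compile(r"^\s*([\w.]+): granted=(true|false)")

def parse_granted(dump):
    """Return {package: set of permissions whose state is granted=true}."""
    granted, current = {}, None
    for line in dump.splitlines():
        if m := PKG_RE.match(line):
            current = m.group(1)
            granted[current] = set()
        elif current and (m := PERM_RE.match(line)) and m.group(2) == "true":
            granted[current].add(m.group(1))
    return granted

def excess_permissions(granted, expected):
    """Return {package: sorted grants beyond the expected set}; unlisted apps expect nothing."""
    report = {}
    for pkg, perms in granted.items():
        extra = sorted(perms - expected.get(pkg, set()))
        if extra:
            report[pkg] = extra
    return report

if __name__ == "__main__":
    for pkg, extra in excess_permissions(parse_granted(SAMPLE_DUMP), EXPECTED).items():
        print(pkg, "->", ", ".join(extra))
```

On the sample, the fitness app is flagged for background location and contacts, and the flashlight app for microphone access.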
Multifactor Authentication
By now, you should know what this is even if you don’t recognize it by name. Multifactor Authentication (MFA) is the phone-based authentication that many modern security systems have in place to protect access to platforms, web pages, and more. With all the constant threats that we face, simple usernames and passwords are simply not enough to protect even the simplest applications anymore.
Adopt MFA and, if given the choice, select non-SMS/text methods to validate. MFA applications for your phone feature device-driven authentication features, biometrics, and recovery methods in case of emergency. Simple text messages can be compromised, but they are better than nothing if they are unavoidable.
The bottom line is that our personal devices have become an extension of ourselves, and like any other technology they can be optimized to improve our lives. We live in a volatile world when it comes to the evolving threats faced within cybersecurity. Being aware enough to take these necessary precautions before installing any app onto your phone or tablet can be a difference maker when it comes to staying safe from unseen threats, even if you think your apps seem secure.
This article was originally published in Forbes. Please follow me on LinkedIn.