Tuesday, April 23, 2024
"Fingerprint" by CPOA is licensed under CC BY-ND 2.0.
Protecting privacy and personal security can seem like a nearly impossible task in this electronic age dominated by emails, text messages, social media and artificial intelligence, but there are things that can be done to help secure your personal information.
That was the message that David Catsoris, a resident of Jonesboro and an information technology specialist for AT&T, shared with members of the Gatesville Lions Club on March 1. Catsoris has worked in the IT field since 1997.
"Security and privacy concerns have a big impact on our lives," he said. "All of our information is online, whether it's financial, medical or legal. There are some things you can do so you aren't a victim and find yourself in a situation where you have an account compromised or you're locked out of your email account."
Catsoris described himself as a "tech enthusiast (or) geek and a privacy and security advocate.” He said many of the tips he shares are things advocated by Daniel Solove, who is considered an international expert in privacy.
"You have a right to be left alone and to not have something intrude on your life," Catsoris said. "We should be able to control who has access to our information. We need to do more to protect ourselves — everybody needs to do more, because companies we deal with don't do a very good job of protecting our information.
"A cell phone is basically our digital identity. We all carry them, and we pay for the privilege of Google, Apple and everybody else to track us and try to sell us advertising. We can make ourselves safer and avoid becoming a victim (of cybercrime)."
Catsoris pointed to several examples where data breaches diminished people's privacy and threatened their security.
Credit monitoring company Experian had a security breach that left people's financial information vulnerable for 47 days, and Equifax, another credit monitoring bureau, had a similar breach and settled a class action suit that offered only miniscule compensation ($6.97) to those who were compromised as a result of a class action lawsuit, he said.
He also noted security breaches affecting T-Mobile customers and urged those with the service to change their passwords.
"T-Mobile had a bad 2022," Catsoris said. "They had 100 breaches."
Ring security cameras, which are popular, have been hacked and misused by some. He said there are times when people's camera networks have sent false reports to police agencies, and that the people sending the false information watched law enforcement respond to the reports for their own entertainment. Those who are caught are charged with crimes, but not until others are victims of their actions.
"Ring cameras are inherently insecure," he said. "I am not fond of those or other internet of things devices (everyday objects that are connected to the internet and can send and receive data and record video or audio)."
The Dole food company is among the major businesses that have suffered from computer hacking to the extent that it impacted their packing plant and had a negative impact on the food supply chain, Catsoris said.
The National Security Agency has shared guidance with Americans on how to protect themselves from hacking and theft of private information.
"It's ironic that America's top spy agency is giving you advice on how to protect your privacy," Catsoris said. "They say to turn off messages and to not have web cameras turned on." He said they also discourage people from using programs such as Alex, Google Home or Siri, which listen constantly. Those programs enable some companies to hear people talk to others about specific products, and then send them targeted advertising via social media.
He said in some cases, sensitive military information has been shared online, and even the U.S. Marshal's Service and FBI have suffered data breaches.
"If they can hack the FBI, how trivial do you think it is for someone to break into your phone?" Catsoris asked.
In 2022, Americans lost an estimated $8.8 billion because of cybercrimes, up from more than $5 billion in 2021, Catsoris said.
Medical records have been hacked, and in some cases, GoodRx, which offers access to discounts on pharmaceutical drugs, has sold information to Google and Facebook without users' consent.
"What do we do?" Catsoris asked. "Use strong passwords. Don't use recognized names. Passwords also need to be longer. Most passwords can be cracked literally in seconds. Do not reuse the same password over multiple sites. If one site is hacked, your password is compromised."
That can be easier said than done, Catsoris admitted.
"How many accounts do we all have?" he asked. "I use a password manager because I have up to 120 entries (different sites used).”
He said password managers create more difficult passwords to decipher. The passwords are encrypted both on your personal device and on the server of the password manager. Catsoris said while those more difficult passwords might still be hacked, it becomes much more difficult and time consuming for cyber criminals to do so, meaning they often choose to move on to an easier target.
"You should delete unused accounts and scrub them," Catsoris said. "It's also best to stop using most of the free email available. Google reads every email you have ever sent. Emails should not be considered secure conversations. Do not put anything in an email that you would not want printed on the front page of the New York Times."
He also encouraged people to use browser-based accounts to log in, saying that they are more secure than apps, and to opt out of tracking when reviewing privacy settings, which are often hidden in an avalanche of terms of use details.
"Also turn off your phone radio," Catsoris said. "Bluetooth can be used to track people to the extent that someone can see how long you stand in a certain spot in a specific store looking at a particular item."
When browsing the internet, Catsoris said search engines such as DuckDuckGo and Mozilla Firefox are better than Google or Bing" when it comes to privacy and security.
"Google has had a lot of problems with malware (designed to disrupt, damage or gain unauthorized access to a computer or cell phone),” Catsoris said.
Hardware keys or YubiKeys also can help people protect their privacy and data security by requiring authentication to access your devices and information, he said.
He said email through Proton is more secure than email provided by sources such as gmail or Hotmail, and that Signal offers a more secure messaging system.
For password help, a password manager such as Bitwarden can protect people's security.
Proton, Signal and Bitwarden each offer a free tier of service, as well as paid products for added security, Catsoris said. He said his Bitwarden subscription costs $10 a year.
"It takes some effort, but there are definitely some things you can do to protect yourself," Catsoris said.
