What is cyber security and safety? Things you need to know
Young man with headphones and mobile phone.
Cyber security is something we all need to be aware of. In the past, it was focused on anti-virus software to stop pesky viruses from infecting your computer, but as we live more of our lives online and on our mobiles, it’s become a more complex topic to deal with.
Luckily, complex doesn’t have to mean difficult. We’ll help you understand the current cyber space a bit better by explaining a few common terms, how they could affect you and how you can improve your online safety.
What's the difference between cyber security and cyber safety?
Cyber security is all about protecting data, devices and systems through the use of tools like anti-virus software, firewalls, password managers, two-step verification and more. These tools can defend against certain cyber security concerns such as malicious websites containing viruses and other malware and phishing scams in your email and SMS messages that can lead to identity theft and financial fraud.
Cyber safety is all about protecting yourself from online harm and unwelcome or inappropriate content and behaviour. Cyber safety concerns include cyber bullying, cyber or image-based abuse, illegal or restricted online content, or anything that feels threatening to you, your kids or anyone else. While there are some tools that can help you reduce exposure to these concerns, like parental controls or family filters, it’s important to know how to recognise unwelcome content and activity so you can protect yourself and others against it and even report it to official government bodies like the eSafety Commissioner.
At Telstra, we talk more about staying safe online or protecting yourself online, which encompasses both cyber security and safety, because they are closely linked and you’ll need to consider both to enjoy safer online experiences.
What are some common cyber threats?
Anything that could put your personal details or your online safety at risk. Here are some of the more common cyber threats.
Phishing
It's the name given to scam emails, calls or messages that persuade you to provide personal or sensitive information, like a username, password or bank details. Some emails or messages can also try to get you to click on a link to a malicious website or open an attachment that could harm your computer.
These often come from someone pretending to be from a large organisation or brand that you might trust.
Malware
This is a general term for malicious software that hackers use to get unauthorised access to your computer and steal personal details or sensitive information.
Malware can be delivered in various ways, like malicious ads or popups on dodgy websites or downloading files from unknown or untrustworthy sources. They can also come to you in phishing emails or messages that contain an attachment or a link to a malicious website that activates malware when you open the attachment or click on the link.
Viruses and ransomware are types of malware.
Identity theft
When any unauthorised person has access to your personal information, they can use it to create fake identity documents or apply for real ones, or they may take loans out or make expensive purchases online in your name.
While identity theft is often considered to be a hacker’s activity, it’s important to note that lots of identity theft activities can be traced much closer to home. For example, it could be a former partner making purchases in your name because they have access to one of your accounts or your personal information. This is not to say you should start distrusting everyone, but it’s always good to be cautious when sharing details and when you part ways with someone, make sure they don’t still have access to any of your accounts.
Hacking and data breaches
It’s not uncommon for apps, services, websites, and devices to have security flaws or vulnerabilities. Criminals who are able to find and exploit those flaws or vulnerabilities can access private data and sell it over the dark web or use it to steal money.
You've probably heard about data breaches where millions of private records have been compromised - affecting the reputation of the organisation that was breached and the security of people who have had their information stolen.
That’s why companies and organisations are always working to try and eliminate as many of those security flaws and vulnerabilities as they can.
While there isn’t a huge amount you can do to stop the companies you deal with getting hacked, like Facebook or your favourite online shop there are a few actions to help reduce the risk and impact of your data being leaked. The first is to keep your devices and apps up to date so whenever a company rolls out security updates to close any flaws or vulnerabilities, you’re better protected.
The second is to enable two-step verification so even if an unauthorised party gains access to your username and password, they would still need to complete an extra identity verification step before they can get into your account, which can help to significantly reduce their chances to gain access.
Defending yourself against cyber threats
- Be sceptical of any unexpected incoming communication, no matter if it appears to be from a company you use and trust, and regardless of whether it is an email, text message, or phone call. If in doubt, double-check by reaching out to a company using contact details from their official website.
- Use strong passwords. Consider making your passwords a phrase that is unique to you. Typing a few words is easier and can be more secure than most traditional passwords. Use a password manager to generate passwords and help keep them secure. Many security software packages, like Telstra Device Security, include a password manager.
- Say yes to multi-factor authentication whenever it is available. Many online services offer multi-factor authentication, it's an extra level of security that needs multiple pieces of proof to log you in - so when a website asks you to enable multi-factor authentication, you should seriously consider it. To help keep your Telstra account secure, you can enable two-step verification, which is a type of multi-factor authentication.
- Apply the latest updates. Protect your devices by making sure the latest iOS, MacOS, Android or Windows updates are applied. Many modern devices will automatically check for updates and apply them, and do the same for apps downloaded from official app stores.
- Add an extra layer of security to your devices for stronger protection against scams, hackers and online viruses. Telstra Device Security helps keep your personal info off the dark web, secures your Wi-Fi and includes award-wining antivirus. It also protects against phishing, malware and other cyber attacks.
- Limit what you share online. Set your social media accounts to private and limit the amount of personal information you share online like your birthday, address, or photos that identify your children’s school.
- Backup your data to the cloud or external hard drive regularly. This can protect you from data loss related to hardware failures, theft or malware.
- Use secure Wi-Fi. Be careful about sending and receiving confidential information across a public Wi-Fi networks - it's easier for hackers to intercept it. You can turn any public hotspot into secure Wi-Fi with Telstra Device Security.
Recovering from a cyber attack
When things go wrong, follow these tips to recover and get help:
- Contact your bank - If you've accidentally given your banking details to a scammer, it's important to contact your bank straight away. Most big banks will cover any loss if someone makes an unauthorised transaction on your account, as long as you have protected your client number and passwords.
- Recover your identity - If you think you’ve been the victim of identity theft, act quickly. For advice, contact IDCARE and use their free learning resources to help you work out what to do.
- Seek advice and support - for scams that impersonate Services Australia brands like Centrelink, Child Support, Medicare and myGov. If you have given personal information to a scammer pretending to be any of these brands, reach out to Services Australia Scams and Identity Theft.
Report a scam or cyber attack
Report scams to Scamwatch - Scams can be reported to the Australian Competition and Consumer Commission’s Scamwatch.
Report to authorities - If you have been a victim of a cybercrime such as fraud, report it to ReportCyber.
Tell us about a scam or cyber attack
Keep kids safe online
Kids are more connected than ever - with access to devices, apps and games that parents can struggle to keep up with.
Restricting time spent online is a good start but becomes more difficult when kids need to be connected for school and for socialising during periods of isolation or lockdown.
Kids are also more vulnerable to the dangers of being on online - it's important to keep communication open, set up parental controls and make sure that kids understand the basics of cyber safety.
Top 5 tips to keep kids safe online
Cyber Security for Small Business
Many of the measures recommended for consumers also apply to small businesses - using secure passwords, keeping devices and apps up to date, and using anti-malware software.
To add an extra layer of security and prevent sensitive client information falling into the wrong hands, small businesses can sign up to Telstra Business Cyber Security Services, which includes access to 24/7 local support, expert advice and regular check-ups.
Telstra Enterprise security experts can help large organisations protect, detect and respond to threats to secure their operations now and into the future.
Explore Smarter Business articles on Cyber Security and Safety