Probably the main reason Computer Security Day (which is today) exists, is because we -- as a species -- tend more toward cure than prevention. Most of us only ever change our passwords once the last one has been discovered and put to ill use.
Naturally you've taken heed already this year, and run through the Computer Security Day checklist to revisit your online life and update your digital door locks. But was it always thus?
We've probably all fallen foul of hackers, viruses, malware or some manner of online scam at one time or another. I've a couple of stories on this front, one of which you might recognise, while the other is a bit more of a head slapper.
An insecure password, which was made public via a completely different site being hacked (I used the same password for both), let someone into my flimsily protected Google account. Naturally there was a credit card attached to the account, and someone kindly allowed me to buy half a dozen pay-as-you-go mobile phones for them. Awesome.
Aggravating as it all was, this security slip up on my part highlighted something interesting about paying for things using an online platform, like Google Checkout or PayPal. You see, I received an email receipt immediately after the purchase was made. Not from the bank, because they don't offer that feature even today, but from Google. So I immediately jumped on the phone to the nice credit card folk, and reported the fraudulent transaction.
What's interesting was that it hadn't even gone through yet. The credit card company hadn't even received the transaction info. Google's automated email system was significantly faster than the banks payment system, so they were able to block the card before anything had even gone through.
What Did We Learn?
Entirely my fault for having a rubbish password (easily fixed) and for leaving a credit card registered on an insecure online account (quickly removed). But as a payment platform, using that digital intermediary worked extremely well, as I found out about the fraudulent payment way before the bank even knew about it! Neither were the details of my credit cared shared with the hacker, as all they could do was make a payment using Google's system, and not a direct credit card transaction. A fortuitous safety net I've made use of ever since.
I've rambled on long enough already, so I'll save my other digital security face plant for later on. It's way better, and involved squatters getting into a Big Pharma sterile area because I effectively opened the door for them. Your turn first, though!
What I'd like to hear now is all about your cyber security horror stories, and how you fixed or overcame them.
Email hacked? Wi-fi inadvertently shared? IoT light bulb letting the North Korean government into your bathroom? What happened, how did you fix it, and what did you learn from the whole thing?
Don't forget! Now that you've secured your digital self, come and tell us how you can make yourself and others safe and sound in the physical world, in our brand new Safe and Sound Design Challenge.