UR Blog

Privacy and security | UR Browser

Author: Kelsey Armstrong

‘WannaCry’ Wakeup Call For Online Security

 

Ransomware - paying for access to files

A massive cyber attack struck the globe last Friday, affecting 150 countries and over 250,000 computers including those of major government organizations and corporate operations. This ransomware dubbed ‘WannaCry’ is fearsome because once it is activated on a device, it encrypts all the files so that they are inaccessible. At that point, it instructs the computer owner to pay a ransom in Bitcoin in exchange for unlocking their files. 

So what can you do to make sure you’re protected against this vicious ransomware?

  • Be a conscious clicker: an email or some other form of message can contain infectious attachments and links that can spread malware onto your device.You can simply hover your cursor over email links to reveal the URL’s destination. If you are not sure, do a search on the sender to find out more and stay on alert.
  • Don’t be forgetful about updates: immediately install updates to your operating system and to all your software as they become available. Such updates for your device’s system are designed to fix vulnerabilities which ransomware can target. 
  • Backing up your files is key: ransomware works with a hacker first encrypting your hard drive, which makes your computer still operable, but the catch is that you can’t access any of your files. If you already have your important files backed up on an external drive, you would not have to pay a hacker to decrypt them if you get attacked.
  • Remain aware on social media: social media is all about connecting and sharing with others. Therefore, it is essential to remain in a security headspace to avoid clicking on infectious downloads when on Facebook, Instagram, or even Snapchat.
  • Always stay official: remember to only download apps from official application stores. This will reduce the probability of downloading a pirated versions of apps that contain infectious malware.

All in all, staying vigilant on the web is the most crucial wisdom. Hackers around the globe are always looking for new ways to make trouble in return for their almighty dollar, so don’t make their lives easy.  Always think twice before clicking and make sure you are using updated versions on your system. If your device becomes affected, get in touch with Europol for assistance in your native language.

Sources

Fortune, http://fortune.com/2017/05/14/ransomware-wannacry-faq/

Owl Detect, https://www.owldetect.com/uk/stay-safe-online/archive/nhs-cyber-attack-what-steps-have-you-taken/

ABC News, http://abcnews.go.com/US/simple-things-protect-ransomware-attacks/story?id=47410339

Trump Repeals Privacy Protections

The Trump administration gets rid of privacy protections for internet users.

The Obama-era is over and the future of privacy is getting even murkier. This past Monday, President Trump signed a repeal of online privacy protections established by the Federal Communications Commission (FFC) under the Obama Administration.

Internet providers now have a much larger scope than consumers with the way they share or sell customers’ browsing history for advertising purposes. This data stream is a sacred vessel for advertisers because it allows them to build much richer profiles on consumers so that they can better target ads.

Read more here The Verge

How to Protect Your Digital Privacy at the U.S Border

EFF guide to digital privacy at the US border

Be prepared when traveling

If you are traveling through the US border, you may be subjected to an invasive device search. This is beginning to raise questions amongst those who want to protect the private data on our computers, phones, and other digital devices.

On these grounds, the Electronic Frontier Foundation (EFF) has released a new guide for those traveling to the US. In a long or short format, this guide gives travelers the facts they need in order to prepare for border crossings while protecting their digital information.

See more on the EFF website: https://www.eff.org/press/releases/digital-privacy-us-border-new-how-guide-eff

Useful resources:

Digital Privacy Guide at the U.S. Border
EFF’s pocket guide
Your constitutional rights

Connected Devices: The EU is concerned

European Union and Connected Devices

Should you de-connect your connected devices?

From sports brands to pharmaceutical corporations, companies worldwide are gathering more data than ever due to boost of Internet connected devices now integrated into their IT infrastructure.

By May 2018, new European Union rules related to the General Data Protection Regulation (GDPR) will go into effect and could potentially interfere with companies that bank on collecting and processing user data for their businesses.

So, what’s the problem?

The dilemma for these companies experimenting with Artificial Intelligence (AI) begins with profiling, which is essentially the ability for companies to use automation to determine certain characteristics of their individual users.

When companies use data analytics and related automation technologies to predict whether someone is likely to be a good worker or be more prone to a specific illness, that business is taking part in profiling.

“Companies need to carefully determine how to use their various types of data for different purposes that don’t potentially put them at risk of a violation. In some cases, that may mean a company should leave out certain demographic data when debuting a specific service overseas.”

Executives of major tech companies like Cisco and Microsoft are advocating for the technology community to “explain very well” complex and misunderstood AI technologies to policy makers who may be ill-informed. 

As the EU prides itself on protecting the personal data of an individual, these companies conducting business in the Europe must be extremely cautious with how they handle and process their customer data. 

Read more on Fortune: http://fortune.com/2017/02/14/google-microsoft-cisco-privacy-profiling-artificial-intelligence/

Image credit: Shutterstock

Big Data “For Dummies”

As we embark into a fully data-driven world, it is important for technology consumers to ask questions to better understand where their personal data is going.

Unfortunately, the interminable sphere of Big Data can get really boring and confusing. This is why cartoonist Josh Neufeld and Michael Keller of Al Jazeera America collaborated to create “Terms of Service: Understanding our Role in the World of Big Data,” a comic novella sum field guide that demystifies Big Data and its implications on daily life.

The comic itself is centered around how data is handled in the United States and explores the tradeoffs between giving up personal data and how that data could be used against you. It answers many questions, such as:

• Which technologies might seem invasive today, that five years from now will seem normal? 

• As technology users, how do we keep up with the pace without letting our data determine who we are?

French newspaper Le Monde recently published the first 30 pages of the French version of the comic. Recent concerns about the collection and sharing of data have brought Big Data to the forefront of privacy discussions.

Sources

Terms of Servicehttp://projects.aljazeera.com/2014/terms-of-service/#1

Al Jazeera America, http://america.aljazeera.com/tools/pressreleases/al-jazeera-america-releases-first-graphic-novella.html

5 Frequent Types of Malware: Explained

Types of malware hackers use

You may have heard malware thrown around, but do you know what it means? Learn more about the largest types of malware we come across on the web.

What is malware?

Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise, cause harm to the host computer. Here are explanations on the five most observed types of malicious programs to watch out for:

1. Adware 

Adware is a form of financially-supported malware that usually presents itself in the form of unwanted advertisements displayed to a user. The Internet is filled with these types of programs that can hijack your PC for profit. Most of them are hidden inside so-called “free” downloads and pop-up ads that forcibly install software on systems with active vulnerabilities.

2. Spyware

This type of malware covertly collects information and transmits it to interested parties. Information gathered includes web sites visited, browser and system information and IP address. Spyware does not have any infection mechanisms and is usually dropped by a Trojan. A hacker uses spyware to track your internet activities and steal your information without you being aware of it. Credit card numbers and passwords are the two most common targets.

3. Trojan Horses 

Just like the trojan horse from ancient greek mythology, this type of malware is disguised as a safe program designed to trick users, so that they unwittingly install it on their own system, and later are sabotaged by it. Normally, the hacker uses a trojan to steal both financial and personal information. It can do this by creating a “backdoor” to your computer that allows the hacker to remotely control it.

4. Viruses

Like a virus that can infect a person, a computer virus is a contagious piece of code that infects software and then spreads from file to file on a system. When infected software or files are shared between computers, the virus then spreads to the new host.

5. Worms

Similarly, worms also replicate themselves and spread when they infect a computer. The difference, however, between a worm and a virus is that a worm doesn’t necessitate the help of a human or host program to spread. Instead, they self-replicate and spread across networks without the guidance of a hacker or a file/program to latch onto. 

 

Surf safe with UR: all downloads are automatically scanned for viruses and if you arrive on a suspicious website, you will immediately be alerted.

Phishing vs. Pharming

fish-in-fishbowl

What is phishing?

Though phishing and pharming attacks are related, they both happen by different means. For example, phishing attacks usually involve an email that appears to be from an e-commerce company prompting you to take action and log in to your account with the link provided in the email.

The website you visit is not the real site but a well-designed imposter site. It may seem authentic to you, so you will enter your username and password, which is then obtained by the attacker. 

What is pharming?

On the contrary, pharming is different in that it can happen when you are going to a legitimate website, even when you have typed the URL of the site yourself. In a pharming attack, the criminal “hijacks” the intended site’s DNS (domain name system) server.

The end result is that you are redirected an imposter site that looks like your intended site. Most people can not tell the difference and will enter their username and password as usual, only to be captured by the attacker. 

 

UR has an integrated Safe Browsing feature which alerts you of sites that are suspected of phishing or pharming. Learn more about UR’s safety features.

Party time? A Refresher in First, Second and Third Party Data

Advertisers, websites and data brokers are having a ball with your data.

The Breakdown on Your Data

First-party data is the data you give away willingly to websites. Advertisers and publishers can extract and compile data by requiring you to register online and by then analyzing your activity.

Example: your email address, name, pages you like, ads you click, etc.

Third-party data is information that’s collected by an entity that doesn’t have a direct relationship with consumers. This data is normally compiled by specialist firms who pay websites to collect information about their visitors. This data is then used to piece together detailed profiles about users’ tastes and behaviors as they browse the Internet.

Example: an advertising tracker will place a cookie on your browser and see where you go so you see ads for things you want. (Maybe those shoes?)

Second-party data is the newcomer to the scene. It is essentially first-party data that another party obtains directly from the source. This data isn’t given away directly—it usually is obtained through a direct relationship with another entity. Deals can be made between publishers or a Data Management Platform (DMP). Or simply between two parties who could benefit from each other’s first-party data.

Example: a pet store sharing data with a veterinarian, who both have similar clients.

The Wider Scope of Your Data

Collecting and dealing with all that information requires a wide range of different players. Data brokers earn their living by helping advertisers and publishers manage their own first-party data, as well as selling them more data about users.

“Companies stress that they do not know users’ names. But they identify them by numbers, and as they build up detailed profiles about those numbered users, there is concern that the information might be traced to individuals.”

– The Economist

All this data is divided into segments defined by location, device, marital status, income, job, shopping habits, travel plans and many other factors. These segments are then are then auctioned off to buyers of ad space in real time.

While data sharing can lead to products and services that make your life easier, more entertaining, economical or even informational, it is important to be aware of your data. So, whether it’s your first-, second- or third-party data, it is important to understand where your data goes, and how it is used.

Sources

http://www.economist.com/news/special-report/21615871-everything-people-do-online-avidly-followed-advertisers-and-third-party

https://hbr.org/2015/05/customer-data-designing-for-transparency-and-trust

https://www.wired.com/insights/2015/03/internet-things-data-go/

© 2017 UR Blog

Theme by Anders NorenUp ↑