You too can become a victim of cybercrime. This is not only detrimental to the educational institution where you study, but also to you. Imagine that all data from a thesis is no longer accessible. Or that your fellow students’ files have been encrypted on behalf of your account. You don't want to think about it happening to you, but chances are you will have to deal with this sooner or later. Globally, a cyber attack is carried out every 10 seconds and the cost of cybercrime is estimated to be $10.5 trillion worldwide by 2025.
By creating awareness and through prevention, the damage can be limited. Of course, it is the responsibility of the educational institution that you can work in a secure environment. But there are also things you can do to handle ICT facilities safely and prevent incidents.
What is cybercrime and what are the different types?
Cybercrime or computer crime are crimes committed using an ICT asset, targeting another ICT asset. Examples? A virus on your PC or laptop or a hack on a social media account. In a DDoS attack, a lot of information is sent to a server in a very short time. The server becomes overloaded, rendering a website or internet service unusable. This often involves websites of large commercial companies, bank services and credit card companies.
You may also encounter phishing or ransomware. In case of phishing, criminals pretend to be a trusted entity such as your educational institution or bank. For example, they ask for login details or other personal information via email, app, or sometimes even by telephone. This data is then used to hack into your account. Ransomware is a computer virus that urges you to pay money to get rid of the virus. Ransomware encrypts documents and photos making it impossible for you to access them. The virus tells you to pay a sum of money to get rid of the blockage. Both phishing and ransomware can be prevented if you understand how it works and act correctly.
What can you do yourself preventively?
Choose a unique password
Use unique passwords for your accounts. This way, someone who knows one of your passwords will not suddenly have access to other accounts. Choose strong passwords that are harder to crack by choosing a long password -or better yet a passphrase- that is easy to remember. A password manager such as Lastpass can also help you with this. Password managers are a safe place to store your passwords and help you choose secure passwords. If you use such a service, make sure you choose a unique, strong master password or passphrase to access your password vault.
Enable two-step verification
A number of online services offer two-step verification or 2FA/ 'two-factor-authentication'. To gain access to your account, there is an extra check of your identity, for example with a code that is sent to your smartphone. This makes it harder to hack your account.
Don't click on links in emails and don't open attachments
Unless you know who sent them and what they are for. That link or attachment could install malware on your computer. Download free software only from sites you know and trust. Think carefully when asked for login details such as usernames and passwords. Never click on buttons or links in an email you don't trust. For example, even if the email or text message appears to come from a trusted sender, just to be sure, go directly to the website of the company in question or check with the company to see if the email came from them.
Not only on your laptop or PC, but also on your smartphone, router and other smart devices in and around the house. The software on your device quickly becomes obsolete and ways to hack devices are constantly being found. Updates fix vulnerabilities and make your device safe again. Cyber criminals actively search for vulnerabilities in outdated software. Therefore, install updates immediately if your device asks for it.
Secure your internet connection with VPN
A public Wi-Fi network of, for example, a pub, train or bus is not secure, whether you use a password or not. Once you log into a public Wi-Fi network, malicious parties can gain access to your device and everything on it. So it is better not to use such networks. If for some reason you do use an unsecured network, do so via a VPN connection, for example EduVPN. This prevents anyone from intercepting sensitive data.
Are you on a public network without VPN? Then do not use internet banking, log in with DigiD or your UvA log-in until you have a secure connection again. And only go to websites whose address starts with https://.