Safety First

Rie Vainstein • March 1, 2019

 

Safety First

 

We have all heard about the Dark Web, but not many people really understand its uses. Unfortunately, one of the many things it is often used for, is the illegal trade of stolen information – yours and mine!

Let me digress for a moment…

Back in history, travel was one of the most dangerous pastimes to pursue, because of the threat of highwaymen. These unsavory characters would disguise and secrete themselves at strategic points along lesser-used routes and would cause any unfortunate traveler (or coach) that may be passing by, to stop – usually at gunpoint. These distasteful individuals would rob any unfortunate traveler of their possessions and disappear off into the darkness.

Now back to present day…

We all buy things online. Some people even use online retailers to do their regular grocery shopping because it is all so convenient. Unfortunately, without even stepping out of our front door, we are under the threat of modern day “highwaymen”, who are poised and ready to rob us of our “valuables” – our user credentials.

There is a process whereby these user credentials can be skimmed off from a retail site without the company even knowing about it.

Once your credentials have been skimmed, they are packaged up along with thousands of others, and offered for sale on the Dark Web. No bad guys ever need to meet to hand over the “goods”. No cash is exchanged. Nowadays, it is all done digitally, using digital currency (bitcoin, for example), which is effectively untraceable. This is a multi-billion-dollar-a-year industry.

What can we do, as “Joe Public”, to protect ourselves? Well, a good place to start is with your username and password. There are a few simple things, regarding your password, that can be done to help mitigate potential damage:

  1. Don’t use straightforward “dictionary” words. If you can find your password in any dictionary, anywhere – don’t use it. “Dictionary” attacks – using computer programs to process through every known word, in every dictionary – is one of the basic methods the bad guys use to get into your accounts.
  2. Along with straightforward words, don’t use immediate family names, birthdates, anniversary dates, or anything else immediately connected with *you*. Make these things random… or, if you must use names, make them at least a couple of steps removed from you: perhaps your grandma’s name instead of spouse, sibling, or child? Or maybe your best friend from kindergarten?
  3. Make your password complicated. Create a password that includes UPPERCASE and lowercase letters, intersperse those letters with numbers, and sprinkle in as many symbols (# $ % ^ & etc.) as the provider will permit. Personally, one of my passwords is 32 mixed characters long! Overkill, maybe. Secure, possibly. Will I forget it? Probably! LOL
  4. Don’t store your passwords digitally. A lot of people store their passwords on their computers, in unencrypted format – they don’t even try to hide the fact that what they have saved is a password! It is better to purchase a physical notebook in which you put all your passwords. You can then keep it in a safe, or some other very protected place until you need to access it. There are digital options, but my personal preference is an old fashioned notebook.
  5. Don’t use the same password for different accounts. Make up a different password for each of your accounts. Be imaginative – you can do it!

 

Albert Einstein is quoted in “ What Life Means to Einstein ” (1929) as saying, “Imagination is more important than knowledge. For knowledge is limited, whereas imagination embraces the entire world…”. (PDF courtesy of The Saturday Evening Post)

 

  1. Don’t give out your passwords. If you have no choice and need someone else to access your account, for whatever purpose, change it as soon as they log out.

We all have to stay vigilant. Maybe you should think about enrolling with a monitoring agency which will track your information (there are lots of options). These organizations scan the Dark Web looking for matches with your credentials – name, Social Security number, phone number(s), address(es), bank account number(s), credit card number(s), etc. They inform you if they find a match. At that time, you’d need to access the affected account and change your credentials.

It is unnerving but, just as the highwaymen of old with their tricorn hats and blunderbuss weapons are now lost to history, with due vigilance from us perhaps these modern-day highwaymen (and women) will also become a “thing of the past”.

===

Contact us TODAY to discuss how we can raise your Cyber Security awareness

===
Non-Technical Security Training:

  • CertNexus’ CyberSAFE
  • also NC-Expert exclusive training (contact us for details)

===
Professional Network Security:

===
If you would like to learn more about how NC-Expert can help,  contact us TODAY  !

The post Safety First appeared first on NC Expert.

NC-Expert Blog

The Importance of Using a VPN

By Rie Vainstein March 31, 2025
A Digital Shield for Your Online Adventures As tech professionals, we often spend a good chunk of our lives navigating the digital realm. Whether you’re troubleshooting a network, coding a new app, or just binge-watching the latest series, one thing is clear: your connection to the internet is a double-edged sword. It’s both incredibly convenient and, if not properly secured, a potential vulnerability. Enter the VPN (Virtual Private Network) our trusty, digital bodyguard. If you’re not already using one, or if you’re not entirely sure why you should, let’s walk through some of the reasons why a VPN is essential for anyone working in IT and, frankly, for anyone who uses the internet. What Is a VPN? In simple terms, a VPN creates a secure, encrypted tunnel between your device and the internet. It allows your data to travel securely, masking your IP address, and ensuring that no one (be it hackers or nosy advertisers) can track or intercept your online activity. Think of it as your personal “cloak of invisibility” in the digital world! 

Troubleshooting Wireless Networks with Ekahau

By Phil Morgan March 13, 2025
Troubleshooting Wireless Networks with Ekahau: A Professional Engineer’s Guide Wireless networks have become the backbone of modern business infrastructure. From office environments to large-scale enterprises, ensuring a seamless wireless experience is essential for productivity. However, despite advancements in Wi-Fi technology, network performance issues often arise, ranging from signal interference and dead zones to capacity overloads and channel mismanagement. To tackle these issues efficiently, professional engineers rely on powerful tools. One such tool, Ekahau AI Pro, has become a gold standard in the wireless industry for troubleshooting and optimizing Wi-Fi networks. This blog delves into troubleshooting wireless networks using Ekahau tools, providing practical examples and technical insights to guide professional engineers in improving network performance.

Post-Quantum Cryptography: The Future of Digital Security?

By Rie Vainstein March 3, 2025
Futureproofing Our Security In our increasingly connected world, the security of digital information has never been more critical. From banking transactions to private communications, our data is constantly transmitted and stored across the internet. The current systems that protect this data rely on cryptography, a branch of mathematics that helps keep information secure by encoding it in ways that are difficult to decode without the proper key. However, with the rise of quantum computers, traditional cryptography is facing new and significant threats. This is where Post-Quantum Cryptography comes into play. What is Post-Quantum Cryptography? Post-Quantum Cryptography (PQC) [1] refers to cryptographic algorithms that are specifically designed to be secure against the power of quantum computers. Quantum computers, once they become practical, will be capable of solving complex mathematical problems much faster than classical computers. This will render many of the encryption methods we rely on today [such as RSA (Rivest, Shamir, and Adleman – initials of the inventors) and ECC (Elliptic Curve Cryptography)] vulnerable to attack. Quantum computers operate on quantum bits, or “qubits”, which can exist in multiple states simultaneously, unlike classical bits that are either a zer (0) or one (1). This allows quantum computers to perform certain calculations exponentially faster than classical computers. For example, in a matter of seconds, a quantum computer could potentially break an RSA key, which is considered secure by today’s standards. As quantum computing technology advances, the need for PQC becomes even more urgent.