Updated: Feb 26
Long ago, people didn't lock their houses, or their cars, and that was normal at the time. Nowadays, you definitely wouldn't leave them unlocked when you're not home! The same transition is happening to the internet right now, so treat of your digital life like your house and you'll already be more secure online.
Your Digital Life Is A House
You can think of everything you upload to the internet as items in your house. Some have a lot of value, some don't. You place them were you want, without too much thought or effort towards security. You have freedom to place them as you like inside the house, since you know when you go out the door is locked and windows are shut. But what we often don't think about is that the value we place on our items is not the value others would. "One man's trash is another man's treasure" as the saying goes, and vice-versa. This could not be more true in the case of the internet.
Things we place value on (banking apps, sensitive documents, etc) we tend to be careful with choosing a password for (or hopefully you are), whereas when posting pictures of your cat on social media, you probably put less thought into security. Who cares if someone copies your cat photos, right?
It's Not Just A Cat Photo
This is exactly where the trash / treasure comes in. You may not be aware that the metadata in your cat photo gives a hacker your phone model, serial number, operating system, date, time, location, sometimes even the network details that you are using, as well as any visible details in the photos (that shiny Macbook pro on the sofa behind your cat, router in the background...). Or maybe you are aware, but it's not important to you.
To a hacker, this data is gold. They can use it to discover and break into your wifi network, learn what times you are usually home, when you go out, when you go to sleep, who lives with you, how you enable the alarm when going out. They can sell this data on dark websites to burglars, who then use the data to know when to break into your house. All of a sudden that meaningless cat photo has a lot more value, doesn't it?
You Do Have Something To Hide
And this is why I encourage you to think of everything you have online as the contents of your house. Don't leave it unlocked. By this I mean taking all the steps you can to keep the door so only you have access. Encryption plays a vital, yet hidden, role. Without it, anyone could see your bank card number when you shop online. Recently people have become more aware of it's importance in messaging and communication too.
Time to mention our trash / treasure metaphor again: you might think you have nothing to hide, because the contents of of your message has nothing sensitive or valuable to you. But someone else might place a different value on that data. So if you have the choice between letting other people see your conversation, or keeping it between only you and the recipient, you would chose the latter I imagine. The problem is most messaging or social apps, are built from the ground up for sharing information (like the rest of the internet, see my other post here), and don't want to tell you that they can actually be hacked fairly easily - otherwise no one would use their products.
My point is, it's up to you to learn how to lock your door, and not rely on something because everyone uses it 'so it must be okay'. Go with the assumption that most people know nothing about security. Take a moment to read up on an app or website before signing up for it, instead of blindly clicking 'agree' to everything that pops up. You would amazed at some of the things people agree to in the T's and C's, because companies know nobody reads them (I will make another post with some examples of this soon!). But just like you wouldn't let every single person who walks by on the street into your house, don't give away all your data just through habit. Does a game of chess app really need access to your location, contacts, microphone, and photos? Don't click agree just to save a few seconds.
Securing The Internet Is Still In It's Infancy
The internet itself is still a very new invention, in the grand scheme of things, despite having become a fundamental part of our lives. Electricity has been around much longer, and has become much safer since it's beginnings. We rarely even think about security in electric in our daily lives, we just use it. The internet and people who use it are just starting to become aware of the major security flaws that are riddled all over it, because more and more people use it, and with more and more sensitive data. And it's slowly becoming the consensus that everything should be encrypted by default (just like HTTPS replaced HTTP) in the same way as people gradually realized they should lock the front door when going out. It's only after lots of crime and accidents and hazards, that it becomes second nature to lock up, since everyone knows what could happen if they don't. The same thing with the internet, people are gradually more aware of how many dangers there are, how easy their data can be accessed, and in turn start looking for ways to protect it. None of this is new, it's been like this since the beginning, only now more and more people rely on it on a daily basis.
The Worst Part, You Have No Idea How Bad It Is
While we are now bombarded with news about cyber attacks and ransomware since the lock-downs began, this is really just the tip of the iceberg. We're only hearing about hacks that were discovered or made it into the news. This is just a rough guess, but I reckon only 20% of hacks actually get mentioned or discovered. Not to sound like a doomsayer, as there are plenty of positives happening in the security world and in the end it will result in a safer internet for everyone, but it's important to be aware that it's far easier to access your data and there are far more uses for it than you might think.
Just remember, when you give away your data to a website or service - you don't know how good their security is, and even if the site you are visiting itself has good intentions, there could be someone snooping in the middle (a HTTP connection for example). It's always best to err on the side of caution.
If you want to learn more about staying safe online, check out our "Security Habits Everyone Should Know" post here.