Задать вопрос специалисту

Приобрети журнал - получи консультацию экспертов

Курс НБУ

Internet Safety

Matviyuk Roman
head of department of ASM


Today no one is surprise with the word "hacker". It has been included in our daily lexicon for a long time; almost every new movie from Hollywood or our northern neighbors has characters of that profession. Mostly they are young men dressed in sloppy clothes, who by pressing one key can get into computers of Pentagon or a bank. Passwords are selected and bank accounts are cracked in one stroke in those films. Thus, in our imagination, hacker is an almighty man of network. Today information technology is covering increasingly various aspects of our lives. It is hard to imagine what happens in next 5-10 years. But there is a dilemma: on the one hand – concerns an issue how one can trust the latest technology in this situation, because you do not want become victim of hackers, and the other – one does not want to look like "dinosaur", abandoning benefits of human thought. We will try to understand, what to do in this situation.

First and foremost, we should realize - is that we are ordinary citizens and no one will follow you on purpose (unless of course you are Eugenia Tymoshenko or Gregory Nemyria, whose e-mails in the network were discussed by all the leading Ukrainian mass media). Historically, today the era of hackers is not at its peak - a large number of them were caught by regulatory authorities worldwide. Mostly hackers further or perhaps at once contact corporations, manufacturers and talk about "holes" that they found. This communication can be either on a voluntary basis when the person who found vulnerability, is working full time or part-time, or have form of blackmail (although history proves that the blackmail does not bring anything good). Some corporations hold competitions to break their own software, thus verifying its reliability and moderate means of getting information on potential hackers who could further improve their products, if this is necessary. If not, just to be aware of any potential intruders - in any case, corporation remains winning. Therefore, each time we hear less and less about some high profile cases involving hackers. It is worth mentioning recent high-profile events around Wikileaks. Resource that has support or maybe was created today by the strongest and most-promoted (this could be wrong) hackers network - Anonymous, has used for their revelations a "mole", who I do not know how, but helped to copy all information in resource.  In modern realities it is hard for one person to seriously confront large corporations and even more to stay not caught after all, so there are associations stitched by common idea.

Let's go back to now, to us - ordinary people who just want to use the latest technology and make sure that all of our information will be stored and does not become property of other people, of course, if we do not want this. What can be classified as information that we often leave for use of different resources? First of all this is email (or any other instant message programs Skype or ICQ), without which probably any Internet user does not do now. Second – is information from real life (address, passport data, etc.). Third - is banking data, more precisely, data access to your accounts via the Internet. Perhaps that’s all, because other possible information in one way or another can fit under the above categories.

How to protect yourself from intruders specifically for each case? Above all, no one will "dig" for you for purpose (of course, if you do not fall under the above criteria). "But what about cases of stealing passwords from email accounts or data authentication in the social network, computer games service or any other kind of data?" - you can ask. By the way, theft of banking data can be largely attributed to this. So, 99% of these cases occur due to user's computer spy software that spreads like virus and is not focused on specific user. It simply collects maximum possible data, and then sends it to attacker, and he has to decide how to use it, whether it's stealing money from your account or, for example, sending unsolicited mail on your behalf - all are acceptable for attacker and depend on nature of stolen data.

Either users or service owners, who lose users through viral stealing data, do not like this situation. Therefore, substantial funds are allocated for solutions implementation to ensure security of data, and for good reason. With this kinds of study there were several different methods to protect areas of focus: session keys use - ie those generated at each session initiation (connecting to site, payment card, etc.), for example, via SMS message or an e-mail. There are even special devices for keys generation and particular software. Database technology, where initialization session took place, for example, at entrance to resource from another location, does not give access to your data until you authenticate yourself for owner through same SMS code or letter in email.

Also for banking operations, especially for funds transfer physical keys are used, that only owner has them, and use of stored data on them automatically confirms your right to requested information (it is not possible to pull it out from physical media). Also, there are other methods, but they are less common than those described above. Owners of services would not want to lose their users, so they continue seeking methods to improve your data security. The only thing that is more and more difficult is using various services, because at some point you will have to find middle between reliability and ease of use. As to the user, confidentiality of data required to initialize session, using passwords of sufficient complexity, and do not forget connecting cell phone or alternate email address to services remains at his conscience. It certainly adds some inconveniences when using services, but will significantly increase reliability of saving your data.

Do not be afraid to take advantage of new technologies. Just remember the only thing, when choosing authorization methods, observe the same principles as choosing lock on the front door to your house. And do not forget - no one will be found guilty when information is lost, if you choose an ordinary latch, using logic that I have nothing to steal, instead of door lock-crab with a special key and an optional second lock with key of completely different action. As you know, you start to appreciate only when you lose.

Добавить комментарий

Защитный код

Что для Вас криптовалюта?

Виртуальные «фантики», крупная махинация вроде финансовой пирамиды - 42.3%
Новая эволюционная ступень финансовых отношений - 25.9%
Чем бы она не являлась, тема требует изучения и законодательного регулирования - 20.8%
Даже знать не хочу что это. Я – евро-долларовый консерватор - 6.2%
Очень выгодные вложения, я уже приобретаю и буду приобретать биткоины - 4.3%

29 августа вступила в силу законодательная норма о начислении штрафов-компенсаций за несвоевременную выплату алиментов (от 20 до 50%). Компенсации будут перечисляться детям

В нашей стране стоит сто раз продумать, прежде чем рожать детей - 33.3%
Лучше бы государство изобретало механизмы финансовой поддержки института семьи в условиях кризиса - 29.3%
Это не уменьшит числа разводов, но заставит отцов подходить к вопросу ответственно - 26.7%
Эта норма важна для сохранения «института отцовства». Поддерживаю - 9.3%