Here’s some unfortunate irony: More than half of parents (56 percent) say they gave their child a smartphone for safety and security reasons. Yet, 40 percent of all mobile devices are prone to cyberattacks.
Parents motivated by security are often thinking in a physical sense, not a virtual one. After all, it’s how most of us prioritize our child’s well-being. But the world is changing. Today’s bad guys are less likely to come through cracked windows than hacked Windows.
If your child has — or soon will have — a smartphone, read on. There are things you can do to make it — and the other devices on your network — less of a siren call to attackers.
“But Who Would Hack Us?”
It’s common for families to consider themselves an undesirable target for cybercriminals. But, here’s the reality: The dark web marketplace offers downloadable “kits” that make attacks on individuals and homes not only affordable, but very scalable. In other words, it’s easier for criminals to steal smaller amounts of data from a bunch of people than go for bigger amounts in an enterprise attack. Home networks are far less secure than corporate ones, so it’s easy to see the appeal of running concurrent small-scale attacks.
Novice and experienced data thieves alike use inexpensive hacking tool kits to cast wide nets that snare big caches of personally identifiable information, or PII. The crooks either sell that PII to other bad actors or use it themselves to pull off lucrative identity crimes.
The PII of children is an especially juicy catch because it typically accompanies unspoiled credit histories, which enable identity thieves to take out loans that never get repaid. (Try applying for student loans years later with a wrecked credit history. It’s not pretty.)
Outdated Phones are Unlocked Doors
When connected to vulnerable home networks, smartphones are a pathway to all other PII-rich devices on the network — computers, tablets, smart appliances, virtual assistants, security cameras and intelligent doorbells. Just think of what’s on your home laptop alone — last year’s tax return, digital photos of your kids, the emails and physical addresses of everyone you know, a cache of stored passwords, maybe even a few sensitive work files.
When ransomware finds its way from a child’s smartphone to its home network, each of the above PII elements (and so much more) are at risk of not only malicious encryption, but also theft and resale. Recovering that data, not to mention repairing the damage from illegal use of it, is a painful process that demands major financial and emotional fortitude.
4 Simple Steps for Stronger Security
Fortunately, there are four easy, inexpensive things parents can do to mitigate the risk of ransomware attacks originating on a smartphone.
Know the Phone. Smartphone security depends mainly on the software running within the device. This leaves families with older phones, especially hand-me-down devices that become “out of sight out of mind,” at greater risk. Even if you configure settings for automatic updates, they may not happen after a certain amount of time. There are significant differences between how long Apple devices and Android devices (like Samsung, Google, and Motorola) continue to patch security vulnerabilities on older smart phones. Apple for instance generally supports its smartphones for five years or more, at least from a security patch management perspective. On the other hand, most Android phone users, including those who purchase more expensive ‘flagship’ models from manufacturers like Samsung, should expect between two to three years of ongoing vulnerability and patch management- four years maximum for security patch management.
Talk with Kids. (And not just once.) Just as you would have regular check-ins on other important topics, adjusting the content as they get older, it’s smart to share frequent reminders about good online behavior. Sure, they might get sick of hearing “Don’t click strange links,” but they’re probably just as tired of hearing “Brush your teeth,” and you’re not going to stop saying that, right? Keep yourself educated by visiting sites like FamilySecurityToday.com so you can advise them of new tricks and traps to avoid.
Backup your Backup. Cloud storage is great, but it’s not the only answer to protecting your data from theft or encryption for ransom. A best practice is to use two cloud providers. As a cherry on top, consider adding external storage, such as a 2TB portable hard drive, to your backup process. Keep the selfies and Snaps in the cloud and your most critical files in the cloud and on your physical drive.
Watch at Work. If you or another adult in your household is lucky enough to have an employer that provides data security and privacy training, take advantage. The security tips company IT departments share with employees have just as much application at home as they do at work. If they don’t apply today, they will very soon. As corporate info security teams learn how to prevent different cyber attacks, the crooks don’t just give up; they simply change their aim.
By day, Eduard Goodman is chief privacy officer for intelligent identity security firm Sontiq. By night, he is head of the Goodman family IT department. Chat with him at egoodman@sontiq.com.