Web Security

While the world wide web is amazing in many ways and an invaluable tool, there are risks associated with using it, such as hackers, viruses and identity theft.

Hackers

Hackers are people who break into online computers and networks. Many hackers just do it for their own gain, such as for profit, to get access to information that is being withheld from the public, or just for sport. However not all hackers are like that, as there are also ‘White hats’ who are generally security experts and work with an organisation to find vulnerabilities in their computer systems to protect against attacks.

Viruses

Viruses are malicious code that is used to do several different things. For example, they could be used to slow down devices, gain access to a device, or install software without the user's knowledge, such as ransomware (a type of virus that locks away a device’s files until a ‘key’ is used to unlock it). So, they are a serious concern. However, there are measures that can be taken against them, such as antivirus software which checks downloaded files and programs for malicious code and can run full scans to check if any pre-downloaded files or programs contain viruses.

Identity theft

Like in real life, it is possible to steal someone's identity usually in order to gain access to their data, bank details, or to impersonate them. However, this is generally easier online because all that is needed is information; no physical objects are required to steal someone's identity online. One way this can be done is someone could disguise a website as a trustworthy site to get people to give their personal information without realising it (this is known as a ‘Phishing’ attack).

The primary way to defend against identity theft in general is to make sure you only enter personal information if you are CERTAIN the site you are entering the information on is legitimate and secure. Some things to look out for are: the padlock on the left of the search bar, check the URL (website address) to make sure it is correct, and no characters are out of place.

There are many threats out there on the web, but that doesn’t mean you shouldn’t use it.

As mentioned above there are things you can do to keep yourself safe and protected from online threats. Some of the best ways to do this would be to install antivirus software, only use websites and sources that you know are trustworthy and secure, use strong passwords and other login technologies like two factor authentication (requires approval from another device to login) and biometrics, such as fingerprint scanners, iris scanners and facial recognition.

Something to keep in mind is that even though these technologies do make it much safer and less likely for you to be affected by a virus or hacker, these are not 100% secure. There is always some way around pretty much any form of security. It just depends how difficult it is to get around.

Firewalls

One of the main ways of protecting a computer or network of computers is to use firewalls. A form of digital security gate used to scan each packet of information coming in to, and sometimes out of, a network. Firewalls often come built in to modems, Windows and other operating systems often have them built in too, so it is not necessary to install one separately. However, larger businesses will install custom firewalls like proxies (a sort of middle man) in order to better protect their data, and therefore their customers’ data.

Secure Protocols

Along with having security like firewalls on a device, there is also what is known as HTTP (Hyper Text Transfer Protocol) and HTTPS. An Information transfer procedure that is used to transfer information all over the internet. The difference between HTTP and HTTPS, is that the S stands for ‘secure’, so as you would expect, HTTPS is more secure and is often used to protect highly confidential information like online banking. The way this extra security is achieved is through encryption,

SSL (Secure Sockets Layer) or TLS (Transport Layer Security), and RSA

Encryption is a process of turning information into code, so that unless someone has the means to turn it back (often a password or key of some sort) it will just look like a jumbled mess). Encryption is often used in transmissions across the internet, for example, instant messaging services such as Facebook, WhatsApp and Google Hangouts, to name a few, will encrypt a message before it is sent, then transfer it across the internet to the recipient/s who has the key to decrypt it and turn it back into readable text.

SSL is a type of encryption that is designed to protect websites and connections between them and their users.

TLS is the newer version of SSL and is still sometimes referred to as SSL.

RSA is another very powerful form of encryption.

Standards for authentication

There are many ways of checking that someone is who they say they are, usually by using something like a password or PIN number that only people who should have access will know. However as mentioned earlier it is possible to gain unauthorised access via methods like phishing attacks, viruses and hacking to name a few.

One of the easiest things you can do to protect yourself against this is to use a strong password.

A strong password should:

⦁ NOT contain any information like your name or any numbers that personally relate to you, like your birthday for example.
⦁ NOT be comprised of only lower-case letters, make sure you use at least one capital letter.
⦁ NOT be a commonly used password like 12345 or password. Make sure to choose something that is unique to you.

In summary, a good password is one that has a mixture of lower case letters, capital letters, numbers and possibly even other symbols, like using an ! instead of an i or 1 when possible. Some examples are given bellow.

While having a strong password is very important, it isn’t the only way to keep your information secure. There are other security measures that can be put in place to add extra security, like Two-factor authentication and Biometrics for example.

Two-factor authentication is an extra layer of security that can be added along with a username/password setup, so that as well as putting in your normal username and password you’ll need to get a code from another device that is already logged in (usually a smart phone). And the code will change even as often as every 30 seconds, so even if someone has your username and password, they will need access to your phone to gain access anyway.

Biometrics in recent years has turned from something which was mostly found in science fiction, to something that is in the vast majority of modern smartphones and some laptops/desktops.

Almost any smartphone from 2016 onwards has a built-in fingerprint scanner, and sometimes a face scanner or iris scanner or both. However, fingerprint scanners are currently the most common as they are very reliable, fast and easy to use, while face and iris scanners are not as quick and usually require

enough light, and to be viewed from a particular angle, otherwise they won’t work.

So, in conclusion yes the World Wide Web can be dangerous, but that doesn’t mean you shouldn’t use it, as at least in my opinion, the befits far out way the risks. I hope this article has helped you better understand the World Wide Web and has shown you that it isn’t as dangerous as you might have thought.