Cisco UK & Ireland Blog

Safer Internet Day: The Good vs. the Bad

February 5, 2019

David Bowie:“I think the potential of what the internet is going to do to society — both good and bad — is unimaginable. I think we are on the cusp of something both exhilarating and terrifying.”

Jeremy Paxman:“It’s just a tool, though, isn’t it?”

That was 1999. Whilst Y2K paranoia was booming and the Euro currency was just being created, David Bowie was making the most accurate prediction since 1865, when Jules Verne wrote about humankind’s first trip to the moon in his book, “From the Earth to the Moon.”

(For the record, he knew the rocket would launch from Florida, the name of the ship, the correct number of astronauts aboard, and the feeling of weightlessness they would experience…Fairly impressive stuff…)

It’s the both ‘good and bad’ aspect of Bowie’s prediction that intrigues me the most.

On the ‘good’ side of the internet, I’ve tried to think of a less selfish example than “I CAN WATCH ANYTHING I WANT WHEN I WANT!” – and this one from a few years ago still gets me:

One day, a classroom of children in a slum in Kolkata were trying to find their location on Google Maps, but it didn’t return any results.

The kids were understandably aggrieved by this, and set out to, quite literally, put their location on the map.  They named the project ‘Awaz’ (‘Voice’).

They learnt how to use innovative smart mobile technology which had been developed by Matt Berg at Columbia University’s Earth Institute (the purpose of which was to gather information on communities that were impoverished).

The children went door to door, taking all the photos that were needed for Google Maps.  But they also took things a step further, and conducted a survey at the same time; asking residents how many people lived there, what age they were, and their occupation.  They also took the opportunity to ask about any health issues they might have had and what public services they would like to have access to.

Using the internet, the children analysed the data and found out things like there were 71 sources of water, but all of them undrinkable.  Access to vaccinations against diseases like Polio were very low – the rate of vaccinations was around 40%.

Armed with this information, the children galvanised supporters, and took to the streets.  They met with key public service figures and addressed the issues about water, public hygiene, and the amount of impoverished children who weren’t going to school.

As a result, polio vaccination rates have gone from 40% to 80%, there are portable water hook-ups to serve the neighbourhood, and a trash heap has been transformed into a football pitch for the local children.

That example, for me, epitomises the power of the internet (and the power of some amazing kids).  But for every ‘good’ example, there’s the ‘bad’ stuff too:

The internet can be a feeding ground; a platform for those who want to cause chaos, exploit money, and potentially cause other people harm.

In our latest threat report, which will be released in a couple of weeks, one of the threats we talk about is ‘Emotet’, a prolific email spam campaign which became notorious because the threat actors behind it appeared to be shopping it around as a distribution channel for other attack groups.

Helping bad people be more bad? It doesn’t get much more malevolent than that…

So what needs to be done to ensure there are more ‘good’ uses of the internet rather than ‘bad’?

The theme of Safer Internet Day (today) is “Together for a safer internet”.  And it’s true – a safe internet will take a village.

Cyber security vendors, ourselves included, need to work more with both governments and educational facilities to ensure more people are cyber aware.

In line with that, we have just announced our collaboration with the UK police to train all officers in cyber security. The Cisco Networking Academy will be providing specialised training and guidance to 120,000 officers across England, Scotland, Wales and Northern Ireland.

Additionally, as part of the wider Networking Academy initiative, Cisco has already given cyber security training to over 1,000 students.

Of course, it’s also up to ourselves to make sure we’re aware of how the internet can be manipulated.  So, I wanted to leave you with a few tips on how to protect yourself from some of the most common cyber scams today:

Phishing (an email containing a malicious link or attachment). Watch out for:

  • A sense of urgency. For example, if they urge you to act now to take advantage of something or prevent something.
  • An overly generous offer.
  • An email or attachment you weren’t expecting/ from someone you don’t know.

What to do:

  • Hover over links before clicking on them. If it looks suspicious, it probably is! Always let your IT team know if you receive anything like this.
  • IT managers can perform simulation exercises to assess how employees react to a staged phishing attack, and then educate more as a result.

Email spoofing (an email claiming to be from someone you would normally trust). Watch out for:

  • Any emails that ask for large sums of money to be transferred or anything to do with a sense of urgency.
  • Even emails that appear to come from an employee or customer can be faked with some research on your corporate site and LinkedIn.

What to do:

  • Check the sender’s address. Is there a slight misspelling?
  • Put a policy in place; always verify money transfers with a phone call (don’t just email back – the scammer can do that too!).
  • The IT manager can filter any messages that have an envelope sender (Mail-From) and “friendly from” (From) header that contain one of your own incoming domains in the email address.

Connecting a mobile device to a public network. What to do:

  • Only use public networks that require a password, indicating that encryption is in use.
  • A VPN connection will help, but when most employees are using cloud services to get their work done, IT managers could consider a Secure Internet Gateway to stop threats at the DNS layer – for a free trial of Cisco Umbrella click here.
  • Only use secure websites (those which begin ‘https’ – ‘http’ is an unsecured site)
  • Keep security software up to date
  • Disable sharing. Wi-Fi-enabled devices might be set automatically to allow sharing with or connecting to other devices. In a public network that means connecting to unknown and risky device.
  • Don’t leave your mobile device unattended. No matter how safe you feel in your local coffee shop, never leave your laptop, smartphone or tablet unsupervised, and don’t stay logged in to any site you’re not actively using. Likewise, always remember to log off if you’re using a shared computer, such as at a hotel business centre.
Leave a comment