In the second part of our series we saw the ways that our target – Yane – who, indeed, can be anyone of us, can be hacked and why such an attack would be successful. In this part, we will discuss the ways that you can make yourself a more difficult target, thereby decreasing the risk of a hacker attack.

Image by Mohamed Hassan from Pixabay


It’s all about basic hygiene, not high technology

The ways of protecting oneself from hacker attacks do not require knowledge of advance technology nor high expertise. We only need to be disciplined and to apply the digital equivalent of regular hygiene. Briefly, all we need to do is to slightly reduce our personal comfort and slightly increase our discipline.

What did Yane lose during the hacker attack?

Yane was a victim of a hacker attack. He lost a part of his digital life and maybe a certain amount of money. But above all, Yane spent a great deal of time and additional funds to retrieve his digital life and put it back to normal, for which he had to communicate with various support teams, confirm his identiy, talk to the Police and attorneys, purchase new equipment, apologize to many of his friends for the attacks against them through his hacked profiles.

Meet the new Yane

Yane is a new person today. He is a bit more experienced, much more suspicious, and very disciplined. Yane stopped using social networks, spent a great deal of time on changing his passwords and regularly updates his computer. He even changed his e-mail address hoping to become a lesserr target for the hackers.

Instead of having to become a new person and to restrict or exclude your digital life, try the following rules on basic hygiene of cybersecurity.

Appropriate and different key for each door

As we use different keys for the doors of our home, vehicle, mail box… we should be using different passwords for each of our websites. Your keys are not equally complex – more important doors have keys that are more difficult to copy and locks that are harder to pick. In the same manner, your passwords need to be more complex so that they cannot be cracked.

Two keys for the important doors

Just as we have two locks for the important doors and we use two different keys, we should activate secondary authentication on important websites. This facility is called multi-factor authentication and is usually a six-digit number that changes every 30 seconds. You have this number on your mobile phone in an appropriate application or you receive it in a SMS message. Even if someone guesses your password, he/she would not be able to find the number you have on your device and changes every 30 seconds.

Just as we service our vehicle, we must maintain our device

The digital devices – computers, mobile phones, tablet-computers – have software that needs to be updated on regular basis. Just as we do not allow our vehicle to run on the same oil and we change it regularly, the same way we must update the software versions on our digital devices.

If something is too good to be true – it is not true

Regardless of whether the messages received are SMS, e-mail, Viber or something else, take all messages with a doze of suspicion. If the messages are promising effortless profits, quick earnings, rewards, unexpected romantic relations – they are all too good to be true. And they are not true. Don’t trust them!

Now what?

We hope that with this series of texts we have helped you be a bit more secure in your digital life. Of course, that means being more careful, being more disciplined and having a bit less of comfort. The reality is that we all are just people – we get tired, our concentration falls, and we will not be sufficiently watchful. Unlike us, attackers use machine-guns that do not get tired nor will they get bored from attacking us.

Therefore, let’s use the technique that does not get tired protecting us – let’s keep it updated, with different complex passwords and always doubt for a while before we respond to some of the messages received.

Author: Bozidar Spirovski, online security expert.

This text was produced as part of the project “Good Governance in Cybersecurity in the Westen Balkans”, implemented by DCAF – Geneva Center for Security Sector Governance, funded by Foreign, Commonwealth and Development Office of the Government of the United Kingdom. The contents of the text is the sole responsibility of the author and the Metamorphosis Foundation and may not reflect the positions of DCAF and the donor.