Cyber-enabled crime still remains a growing industry, overtaking some conventional crime types. Law enforcement has been adapting over the last few years but the pace of change is breathtaking. There is a whole industry surrounding the ‘new criminal’ that leaves behind conventional attack in favour of cyber attack. Passwords are no longer enough to protect people from cybercrime, and many passwords are just too short or easy to break. Hackers are running multiple programmes and don’t need too much information to allow them to complete the sequence. Passwords should now be viewed as part of the security chain and not the only requirement to keep our systems safe.
Multiple security barriers are now needed to block online criminals and effectively secure sensitive information. Some companies are developing a physical key designed to protect online accounts to be used alongside existing security measures such as passwords. These measures may not be needed if we think more carefully about our passwords. Strong passwords protect against phishing sites, limits third-party access to emails and files and works to prevent hackers from pretending to be their target. Many of us have trouble remembering long and secure passwords and often favour those easy to hack, such as our children and partner’s names. These weaknesses in our security are often compounded by the fact that they are then written down. The difficult issue of getting passwords right has been acknowledged and researched by the Government and we are starting to see alternative guidance emerge.
The advice to use or include three random words in your password creating algorithmic strength against common issues like brute force attacks – where hackers use software to churn passwords out until it discovers the correct one. It’s about choosing three random words that mean something to you and therefore can be remembered. It also advises not compromising your work and home systems by using the same password for both. "Cyber Streetwise" promotes just three simple steps. Taking on this advice alongside the two other simple steps can go a long way to make your online experience much more secure. Cyber Streetwise asks people and businesses to:
- Step 1 - Devise passwords made of three random words to help protect you from cybercrime. A strong password is your first line of Defence against hackers and cybercriminals. You can still use symbols and numbers if you need to, however, three random words are key.
- Step 2 - Install security software such as anti-virus. This helps protect your device from viruses and hackers.
- Step 3 – Download software updates as they contain vital security upgrades which help keep your device secure. Password policy and advice is constantly debated and will continue to be.
GCHQ recognises one of the most important elements in encouraging people to use strong passwords is whether they can remember them, so the three random words advice makes good sense. Most cybercrime today is enabled by human error – trusting instructions that are sent electronically, or being taken in by complex scams in which criminals pose as clients, vendors, employees, executives, or other professionals in order to gain access to financial assets. Extracting passwords is big business especially through phishing. We can all take small and big steps to keep our systems safe and secure. Strong passwords, regularly changed and following the simple steps advice can make a huge difference.