Imagine this: You stumble upon a tempting deal for a used iPhone on eBay. Excitedly, you make the purchase and eagerly power it on. But instead of the expected welcome screen, you’re greeted with a photo of someone’s dog. As you explore further, you discover unfamiliar contacts, personal photos, and a sense of shock, confusion, and even fear. What just happened? The answer is simple: The person who sold you the phone did not wipe their data completely and left behind a lot of personal information that somebody could exploit.
This is just one example of how the things we own and use every day can become cybersecurity risks if we don’t pay attention. In this blog post, I will show you how old smartphones, wireless printers, IoT home devices, old hard drives and USB sticks – can put your privacy and your devices in danger. I will also share with you some tips on how to prevent cybercriminals from stealing your data.
So, let’s start with…
The Lingering Risks within Outdated Models
How often do you change your phone? Every two years, maybe every year, or even more frequently if you love new gadgets? And what do you do with your old phone when you get a new one? Do you sell it, give it away, toss it in the trash, or simply stash it away in a distant closet to gather dust while you are playing with a newer version?
Whatever you do with your old phone, you need to know the potential cybersecurity risks that it can pose. These seemingly outdated devices can still hold a lot of personal information, such as contacts, photos, messages, passwords, browsing history, banking apps, social media accounts, and much more. If you don’t erase the data and dispose of the phone properly, it may end up in the wrong hands. Hackers can exploit your leftover data to steal your identity, access your accounts, spy on you, and even extort you. This isn’t a far-fetched scenario; it has happened to numerous people and could happen to you.
To avoid this, you should always back up your data, factory reset your phones, and remove any SIM cards or memory cards before getting rid of your old phone.
And even if you are not planning on letting your old phone go. If you want to keep it as a “backup phone”. I’d still advise on treating it as if you were giving it away. Because most phone-makers stop providing security updates for their phones after two or three years. And without these updates, your phone can become an easy target for a cyberattack. Hackers don’t need to physically touch your old phone to hack it, sometimes all they need is a working internet connection.
The Unanticipated Vulnerabilities of Convenient Printing
Wireless printers are undeniably convenient! They let you print, scan, copy, fax, and email documents with ease, anywhere, from any device. However, this convenience also opens the door to huge cybersecurity risks if they are not set up correctly. Wireless printers can be easily hacked. No, seriously. Did you even know that printers need the same level of protection as your PC?
If someone can get through default printer security measures (if there are any) they can access your network, steal your documents, or even take over your printer. Imagine if someone copied your private files without your knowledge and sent them to someone else. Or worse, imagine if someone printed out hundreds of copies of something offensive or inappropriate while you were away, good luck explaining this to your colleagues.
To prevent things like that, you should always use strong passwords for your printers, keep them on a separate network, and regularly update their firmware. Firmware is the software that runs on the printer itself and controls its functions. You should also turn off any features that you don’t use, such as remote printing or cloud printing.
The Dual Nature of Smart Devices: Convenience and Vulnerability
IoT stands for Internet of Things, and it means the growing number of smart devices that can connect to the Internet and communicate with each other. These devices range from smart speakers, coffee machines, and thermostats to cameras, doorbells, locks, and lights. IoT devices undoubtedly enhance our lives, offering the convenience of controlling our homes through a simple app on our smartphones. However, with convenience comes the risk of becoming an attractive target for cybercriminals.
IoT devices get hacked very often. By hacking IoT devices hackers can spy on you, control your devices, steal your data, and access your network. For example, hackers can use smart speakers to eavesdrop on your conversations or control other voice-activated devices in your home. They can use smart cameras to spy on and record you without your consent. They can use smart locks to lock you out of your house or let intruders in when you are not home. They can use smart lights just to bother you and be annoying. They can also use IoT devices to launch attacks on other devices or networks, such as a distributed denial-of-service (DDoS) attack that can overload a website or a server and make it unavailable.
To avoid this, always change the default passwords on your IoT devices. Use encryption and authentication methods when possible, and update your device software regularly. Keep all your IoT devices on a separate network, away from your PCs and smartphones. And please, avoid using public Wi-Fi networks to connect your IoT devices, as they are often insecure and easy to hack.
You should also be aware of what kind of data your IoT devices are collecting and sharing, and who has access to it. Check the privacy settings and policies of your devices and the apps or services that they use, and opt out of any unnecessary data collection where possible.
Preserving Your Privacy Beyond Simple Deletion
What do people usually store on their hard drives and USB sticks? Probably some documents from work, family photos, and downloaded movies, among other files. However, what happens to this data when they get a new hard drive or repurpose a USB stick? A common response may be, “I simply delete them.”
Well, you might think that deleting your files is enough to get rid of them for good. But that’s not the case. “Deleting” only makes the data invisible, not gone. It would be too slow and energy-consuming for hard drives to physically delete your data, so they just mark it as rewritable and “empty”.
So basically, your “deleted” data is still on your hard drive and can be recovered unless it has been rewritten. There are tons of software that does exactly that, google it!
If you want to make sure that no data can be recovered from your old hard drive you need to take extra steps to properly erase it. There are different ways to do this, depending on how much time and effort you want to invest in the process. One of the easier ways is to use software that overwrites the data several times with random patterns (such as DBAN). Or you can buy a device that erases the data with a strong magnetic field. You can find them on Amazon, just search for “hard drive eraser”. But the simplest and most effective way is to physically destroy the device. Break it in half or punch a couple of holes through it, no device – no data to recover.
Cybersecurity is not just about sophisticated technology, it’s also about the everyday items we own and use. And they can easily become cybersecurity risks if we are not aware of the potential threats and how to prevent them.
Thinking about improving your cybersecurity but don’t know where to start?
For personal cybersecurity, start with a few fundamental practices. Update your devices’ software and firmware, use strong and unique passwords, be cautious when clicking on links or opening email attachments, as they may contain malware, regularly back up your important data, and enable two-factor authentication whenever possible.
Running a small business and want to protect it?
Start by scheduling a discovery call with our experts! Or leave us a message, and we will reach out to you shortly to assess your unique needs and develop tailored solutions. Take proactive steps today to fortify your online security and protect your IT infrastructure, your confidential information, and your digital future.
Stay proactive, stay informed, and stay secure.