Four Common Cybersecurity Myths Debunked

Misconceptions about cybersecurity often leave individuals and businesses exposed to potential attacks. For instance, it is commonly thought that cybersecurity is solely the responsibility of IT departments, or that only using antivirus software is sufficient protection from cyberthreats. 

Addressing these misconceptions and adopting robust cybersecurity measures are essential steps in safeguarding your data and personal identifying information (PII). In this article we will discuss four common cybersecurity myths: "Public Wi-Fi is safe if I am just browsing," "I'm not a target for cyberattacks,” "All I need is a strong password to be safe online," and "Mobile devices do not get viruses." We hope this article  empowers readers with awareness, knowledge, and tips to thwart cyberattacks.   

Myth 1: Public Wi-Fi is safe if I am just browsing.  

Public Wi-Fi networks are often unsecured and can be a hotspot for cybercriminals. Common threat to public Wi-Fi networks include on-path attacks (also known as man-in-the-middle attacks) and eavesdropping on unencrypted connections.  

Cybersecurity Tip:

Use a VPN (Virtual Private Network) when accessing public Wi-Fi on laptops and mobile devices. A VPN provides a secure internet connection by encrypting data as it passes to and from the device. One can think of a VPN as a protective "tunnel" so the data is not visible to cyber criminals as it passes through a network. To get a VPN, download a trusted app or purchase a subscription from a reputable provider that meets your specific needs. However, even with a VPN, it is still advisable to avoid accessing sensitive personal information, such as bank accounts. 

Myth 2: I am not a target for cyberattacks.  

This myth is based on wishful thinking. In reality, cybercriminals often target easy, less secure victims rather than specific individuals. This can lead to problems such as ransomware attacks, successful phishing schemes, and identity theft. Typically, less secure targets include individuals, businesses, or organizations with weak cybersecurity practices, such as outdated software, poor password management, and unpatched systems. These vulnerabilities create opportunities for cybercriminals to exploit and execute their malicious activities.

Cybersecurity Tip: 

Stay vigilant, implement patches and system updates promptly. Scrutinize every email and link before engaging with its content. Regularly backup your data to a secure location. Watch  your accounts for any unusual or suspicious activity. Additionally, avoid divulging personal identifying information (PII) to unauthorized individuals to protect your privacy and security (see cybersecurity tip under Myth 4 for more details).

Myth 3: All I need is a strong password to be safe online.  

Many believe  a strong password  (at a minimum 12 to 16 characters with special characters) alone is the ultimate defense, and while  crucial, a password represents just one layer of protection.  Data breaches occur from compromised  robust passwords. . Phishing and other social engineering attacks/schemes can be sophisticated and “seem so real” that people let down their guard and  reveal their credentials, entirely bypassing password defenses. Compromised passwords are often used to gain unauthorized access to accounts, steal sensitive information, or perpetrate further attacks. Hence  it is essential to implement additional security measures to your password to safeguard your information effectively.

Cybersecurity Tip:

Enhance your security by implementing multiple layers of defense, starting with two-factor authentication (2FA) using an authenticator app. Authenticator apps are preferred because they generate time-based one-time passwords directly on your device, reducing the risk of interception compared to SMS or phone call 2FA, which can be vulnerable to SIM card theft. 

For enhanced laptop security, consider using a physical USB key for two-factor authentication. Additionally, employ a password manager to securely store and generate strong, unique passwords for each account, which will further bolster your overall security. Avoid using weak passwords like "1234" or "password," never share your passwords, and refrain from storing them in insecure locations such as unencrypted files or visible notes.

Myth 4: Mobile devices do not get viruses. 

The notion that mobile devices are immune to viruses is a misconception. While they may not be as commonly targeted as computers, mobile devices are still vulnerable to threats such as;  malwares, spyware, phishing and Adware. These threats can steal personal identifying information (PII). 

Many think having antimalware software is sufficient for protection. While antimalware software is important, it is not a catchall solution. For example, zero-day exploits can bypass antimalware software, highlighting the necessity of regular software updates and patches. 

Cybersecurity Tip:

Apply the same precautions to your mobile devices as you would to protect your computer. Only install trusted apps from official app stores, keep your software and operating system updated, delete unused apps, and verify links before clicking. Install and use reputable  antivirus/security apps software, enable remote tracking and wiping features.