Month: January 2023

Every form of life has become completely extinct in different historical periods. From the extinction of dinosaurs to the glaciations and the disappearance of our fellow human ancestors. The emergence of a new link in the species chain, which has improved physically and neuronally, implies the later disappearance of the predecessor: there are no Neanderthals that have survived the appearance of the Homo habilis.

This approach raises the question: will it be our own hands that lead to our extinction?

During the last decade, we have witnessed technology grow at a constant rate, consistent with our own evolution. However, nothing prepared us as a society to the rapid and unstoppable technological growth that started with the COVID-19 pandemic. The emergence of this global challenge not only meant a public health issue, but also the social isolation of people. It became clear that there was a need to evolve, just like our cave-dwelling ancestors, to stay connected and resilient in this new way of life.

We managed to evolve, technologically, up to ten years in just a couple of them. We realized the infinite possibilities available for us to connect without even leaving our homes. But what happens to our security under these communication channels? In most areas of our daily life, digitalization represents technological evolution by completely changing the rules on how we handle data privacy.

As a new link in the evolutionary chain, artificial intelligence (AI) allows machines to efficiently solve problems or tasks, even better than a human being. In its simplest form, it uses data sets to determine solutions, patterns, and even create them from scratch.

There is an inherent risk in the use of computer systems. We must guarantee that our information is managed securely, regardless of the digital service or system we are using. With the emergence of advanced AI, business approaches to digital platforms are also changing. Should we ask ourselves, then, how the Internet is financed?

Clarissa Véliz Perales, Philosophy and Ethics professor at Oxford University, warned that “the company’s business model is to sell its users’ personal data to banks, insurance companies, governments and other companies that, in turn, resell it and can be used for almost anything […]”, a situation under which most social networks and websites based on AI work. Therefore, it is safe to say that day by day, every second, huge amounts of data are collected, with and without our consent.

Considering the amount of information in cyberspace and technological evolution we are facing, what would happen if all the data that today is encrypted on the network is suddenly opened? If all the private and confidential information in world were to be exposed in a computer with endless capabilities. These computers are called quantum computers, with the ability to analyze and decrypt data in a matter of seconds, with billions of possibilities and meanings.

By employing computers with exceptional physical capabilities and systems based on significantly advanced AI, we could solve almost any problem of humanity… or decrypt data that would cause irreparable damage to society.

Ilyas Khan, CEO of Quantinuum, explains that quantum evolution is a threat to our lives, stating that “quantum computers will render most existing encryption methods useless.”

When this happens, we will be facing the possible extinction of online privacy and security: the quantum apocalypse.

Unlike apocalyptic prophecies where the Earth is hit by earthquakes and massive floods, the quantum apocalypse will be brought by computers capable of breaking data encryption protocols and schemes. They will create the possibility for those who use them to manipulate information at their convenience. If cybercriminals had access, they could empty bank accounts, block the defense systems of entire governments and access everything considered “private” in the digital world.

Is it time to burn our devices and close all our digital accounts? Is it time for total panic?

The answer is no. Like every point in human history since the first hominid appeared on Earth, evolution cannot be slowed down. Our society, now digitized, cannot turn back the clock on the technological growth on which not only we are dependent for communication, but also to meet our basic needs such as the healthcare sector and food supply chains.

What can I do to protect myself while computing evolves?

Waiting for the evolution to continue may seem too passive an action for Internet users. Currently, we are totally exposed; the culture of personal data protection is still in its early stages, especially in the framework of domestic regulations, so many of the preventive and protective actions need to start at our homes:

• Verify to whom we provide our information: be certain that we provide our data to reliable and truthful entities.
• Block unnecessary requests: as users, we must provide only the necessary data to be able to use digital services.
• Read, read, read: every entity that uses personal data is required by national law to provide a privacy notice or a data processing notice. It is our obligation as users of digital services to read such policies to make sure how and what is done with our data.

Secure passwords: it is essential not to use the same password between low-risk systems and critical systems; for example, do not use the password of a social network in a bank account.

Research has been conducted to generate technological solutions that prevent the quantum apocalypse, establishing cybersecurity strategies to protect all sectors of society, from governments to every individual user with a computer at home. These solutions are called “post-quantum” because they are intended to be computer and quantum intelligence proof. While the changes represent a challenge for any generation, not doing something about it is not an option.

If you are reading this blog, it is because you, as well as a high percentage of the population, have started to look for information through the Internet, instead of books and printed media. We have seen this use of technology increase in the last two decades, but since 2020, its growth has been exponential. Today, we see how children are born with this chip, this information about technologies that allow them to know how to use a tablet or a cell phone before they can talk.

Therefore, it is essential to have a protection strategy, a plan that allows us to have a secure life in the digital world. According to the Inter-American Development Bank in Latin America, only 14 of the 26 countries that are members of the IDB have a National Digital Strategy.  The IDB document is focused on how countries can have a better organization on how to use technology, close access gaps, to keep children, adolescents, and adults safer.

With the help of this document, it is expected that a digital strategy can be developed:

1. The rights of children and teenagers in the digital environment are made effective.
2. Use of technology with ethical and responsible principles.
3. Cybersecurity tips.
4. How to manage the content and data shared by children and adolescents.
5. Teaching parents to use parental controls on their children’s devices.
6. Communicate to children and teenagers that there are governmental services to help and report when there are problems or digital crimes.

What makes this population group more vulnerable? Their age, their innocence, and their need to assert themselves before the world and build themselves as individual beings are characteristics of children and teenagers that are more accentuated than the adult population.  So those of us who are adults, children, and adolescents, seek social acceptance, interpersonal connection, and fun through digital media. How can we protect them? First, by learning and protecting those of us who care for and educate them.

It is important to explain to them why they should not share personal information on digital platforms and be able to guide them in good practices. Doing these activities together can help build a bond of trust. Invite them to create an avatar instead of posting a picture of themselves and do the same yourself, lead by example. Teach them how to use privacy settings, choose the right people to share their information, photos, and activities with, and talk to them about the risks that exist in the virtual world.

In addition to the security settings and the activation of parental controls, ensuring that they don’t access websites or content that they shouldn’t be seeing. We should teach our kids about posting on sites. Deleting a post does not mean it’s permanently gone, all their online posts, comments, and shares are part of their digital footprint. We should also let them know the importance of privacy. We should also teach our children how much personal information is too much information online. Remember that these types of identifying information (names, dates of birth, school names, and hometown), if exposed in a data breach, could make them vulnerable. We recommend establishing a series of rules such as only sharing images with close family members, asking before sending a picture and using other names on their online profiles, among others.

How do we build digital care for the well-being of children and adolescents?

Communication is key, so the first step is to talk. Sharing personal experiences that happen to us even as adults helps to create a bond of trust and receptivity.

When talking to children it is important to approach the subject through metaphors and situations or concepts that are familiar to them, for example, caring for a pet or personal or physical care. With this, we are communicating the message that they should take care of themselves not only individually but also collectively, because, just as in the pandemic, when using a mask, we take care of the people we love, the same happens in the digital world: if we have good security, we are taking care of our family and friends.

• Communication in the cyber world is here to stay, that is why prohibition will not be efficient, it is much better to help them to open and choose safe spaces where they can communicate and play.  In addition, this will allow us to know what kind of applications, platforms, and tools they use while using the devices.
• Another recommended practice is to determine fixed times for device use. When it is found that they are accessing content that is appropriate for their age, it is recommended to have a conversation in which the risks are explained and if necessary, proceed to block access to the site, game, application, etc.
• Establish a VPN connection in your home. This connection will help you to ensure that no stranger can identify any member of your family.
• Finally, it is important to teach them the parallels of the dangers between the physical and digital worlds. For example, if they are taught that it is dangerous to talk to strangers in the physical world, the same should apply to the web.

Today, technology occupies a very important place and with the arrival of the metaverse, it will become more and more important.  Today let’s work on cybersecurity as a shared responsibility; we must help generate cybersecurity awareness from an early age, this will help reduce the risks to which they are exposed.

“Bullying”, “insistence”, and “deception”, are some ofthe words that characterize the digital life of children and adolescents. With theuse of social media, minors are exposed to these worrying behaviors that wemust confront. In recent years, the emergence of new social media platforms andthe subsequent strengthening of existing ones has brought great advantages forbringing people together, leaving aside geographical boundaries.

COVID-19pandemic brought with it an increase in the use of social media, which hasallowed us to reduce the impact of isolation and lack of face-to-face humaninteraction on interpersonal relationships. However, this has also brought withit new threats, such as social engineering attacks that are becoming much moreintelligent and are accompanied by the evolution of technologies.

What are the risky behaviors, cyberattacks, and threats to which underage users are exposed?

First, it isimportant to be aware that most attacks make use of a technique called socialengineering, which is based on emotional manipulation. So, what is socialengineering? It is the practice in which actions are carried out that seek toinfluence people’s attitudes and behaviors, based on the study of our thoughts,feelings, and behaviors. In the digital world, social engineering is usuallyfocused on creating and performing deception techniques to obtain anindividual’s personal and confidential information, which allows them toperform a wide range of activities ranging from selling such information tocommitting crimes using the stolen identity.

As mothers,fathers, guardians, teachers, and adults who have minors under their care, wemust be alert to the main threats facing children and adolescents. What arethey? In 2022, the biggest cyber risks are:

1. Sharing Sensitive Content:

In Mexico, morethan 50% of minors have an electronic device with internet access, and 33% ofthem do not receive adequate education about the dangers of its use.

Let’s teach our children how to maintainadequate security filters when sharing content on social networks. Some of therecommendations are:

• Share only with trusted contacts
• Keep your profile “private”,accessible only to people you know and trust.
• Use strong passwords that are 12 to 18characters long. Ideally, use a password manager such as LastPass or Apple’sKeyChain.
• Do not accept requests from unknownpersons.

2.     Doxing:

Have you ever heard this term before?

Doxing is the act of revealing personal,banking, telephone, work, or intimate information, as well as photos. Itspurpose is to threaten a person or cause intentional damage, usually tocomplete revenge.

This type ofdigital gender violence is one of the main threats considered this year,especially for the female population.

3.    Grooming:

The practice ofgrooming is a social engineering technique in which an adult maintains contactwith minors, seeking to gain their trust through deception, friendlyconversations, and sometimes gifts. The objective is to convince them toperform illegal actions or sexually abuse them.

How it is performed?

The most common vector contacts through streamingrooms where the attacker approaches users offering gifts such as tokens or characters. Eventually, threats to obtain personal information such as bankcards, personal accounts, digital assets, or compromising photographs.

4.     Catfishing:

Catfishing, or catfish, is another socialengineering technique that is similar to cloaking. This happens when attackerscreate fake profiles on social media platforms to scam or abuse a user.Typically, their profile has fake personal information that is enhanced byphotographs or videos, creating the appearance of a legitimate profile, but infact, its content may come from illegitimate sources or from users who havebeen victims of identity theft.

This practice is usually very popular inonline dating platforms, where they seek to romance their victim, creatingemotional ties strong enough to appeal to enough trust and start with the scam:borrowing money with the excuse of being going through an emergency, asking fordonations for the charity they supposedly work for, even sending maliciousfiles or links that infect the device and access the victim’s personalinformation.

How toprevent it?

First, it isimportant to accept that we need to face these threats and be aware of them. Bybeing informed, we can then take the next steps.

The next stepwould be to know and understand what are the new digital trends and networksthat minors use to socialize and maintain human relationships in thispost-pandemic technological era.

Once we know clearly,we can move on to educating minors. If we understand the risks, we can sharewith them basic cybersecurity strategies that will help take care of theirwell-being and integrity.

Acting humanly and kindly is what makes us strong. So, let’s look forstrategies to learn together with our children, nieces, nephews, students, andall the underage people we live with. By learning about cybersecurity together,we are not only protecting them, but we are strengthening the trust that willallow us to take care of them and protect them closely

We are now living adigital revolution, in which the concept The Internet of Things is very commonand a part of our lifestyle. This has brought many conveniences and advantages,for example, the ability to give new features and functionalities to a deviceinstead of having to replace it. Our devices can evolve with every update andadapt to what we require on demand.

To understand this better, let’s travel a little back in time when theinternet and things were elements that rarely merged. This reading gives anostalgic flashback where we can remember the tone (or sound) when the internetconnection was established on your computer through the telephone line, whenyou made your first searches in the browsers, met people with the sameinterests in other parts of the world and even communicating with friends realtime miles away.‍

The internet seemed likea safe and magical place. In this way the internet and the computer were partof the same concept and exclusively related to each other; cell phones, lightbulbs, medical equipment, refrigerators, security cameras, televisions,watches, etc., belonged to a different universe. Ah, those were the good olddays, where everything was more complex or simple depending on the point ofview. Even for some readers who have no memory of the “PostModernity” era, the prospect of a life without digital access will surelyseem, ironically, a science fiction story.

The merge of bothconcepts was a process that began with slow, being as in any scientific processtrial and error. Step by step the internet was incorporated and standardized asan essential part in our social development, objects began to include smallcomputers allowing more capacity of connectivity. These devices began toreceive the adjective “smart” because with a network connection theycould send alerts expanding their capabilities and communication tools, at thesame time transmit data. Mainly allowing to improve our interactive experiencewith these objects, as well as to facilitate and/or automate processesvirtually in all branches of industry, science and social. While this happensthese devices track and collect information from users, such as their habitsand preferences creating user profiles that can be used to segment advertisingcampaigns, modify prices through the possibility of purchase, among others.

Suddenly we find ourselves today ina stage that some call “The Age of Hyper Digitalization”, clearlythere is no such dial-up connection tone, and we take for granted theavailability of access and connectivity to networks. At home as in the office,we add devices and trust them, the question is “Why shouldn’t I trustthem?”, if their name clearly says, they are “smart”. The adjective issimply a marketing term that has much better acceptance than if they werecalled “Networked objects with user analysis capabilities”, which is notan attractive name and could be mistrustful.

We have mentioned how convenientInternet-enabled devices can be, however, it is important to keep in mind thatthey also represent serious threats to our digital environment. Unfortunately,many of these members of the Internet of Things (IoT), unlike the most commonoperating systems we use on our computers, lack continuous updates. Letting asystem operate in this way gives cyber attackers the opportunity to takeadvantage of this lack of maintenance, leaving vulnerabilities exposed for longperiods of time, the more devices connected the greater the number of attackvectors. To make this clearer, let’s imagine that the lock on our house door isnot working, it is obvious that we should fix it to eliminate thisvulnerability. What would happen if we decided to procrastinate this weakness?Eventually some attacker will discover it and will probably share his discoverywith other attackers and anyone who knows this “secret” will be ableto access rob us.

It would be very difficult andimpractical to create such updates and patches on our own, but there areactions we can take to prevent these vulnerabilities:

1. Buy     devices that have a good reputation and from brands that promote good     practices of continuous updating.
2. Segment     our network. For example, if we are at home we should create a network for     our trusted devices, another for all those belonging to IoT and finally an     exclusive network for guests.
3. Preferably     these networks should remain hidden and with IP access control lists.
4. Not     only should we consider the “coolness” of any IoT device that we     would like to install at home, but we also need to consider the safety of     the environment over aesthetics.

The Internet of Things is becoming an important partof our daily activities, eventually we will be back in the generational loopwhere conceiving of a life before this “smart” devices will seem very “vintage”.We are now facing, individual and collective challenges, centered on theimperative need to grow a digital awareness culture where cybersecurityknowledge is not only a specialized subject, on the contrary, we are all everyday more connected to the network and devices, because of this we need to havethe tools and information to prevent attacks protect our personal data.