Yogyakarta, May 7th, 2020—Center Digital for Society or CfDS Fisipol UGM held a Digital Discussion #19 program on Thursday (5/7). Online discussion through WhatsApp Group platform raised the topic “Securing Mobile Phones from Cyber Threats”. The speaker in this discussion was Vidiskiu Fortinu from the Research Associate at CfDS Lab. The discussion began at 15.00 WIB and was moderated by Made Agus Bayu Sudharma (Bayu) as the CfDS Event Assistant.
As often happens before the discussion, the moderator introduced himself and conveyed group rules as well as introducing the speaker. For the introduction, the moderator asked the audience about what causes mobile phones are vulnerable to cyber-attacks. According to the audience, mobile phones are vulnerable to cyber-attacks due to lack of digital literacy from smartphone users, installing lots of applications, and providing random personal information.
The speaker started the discussion by explaining the common understanding of cyber-attack. In general, there are active and passive attacks. Active attacks aim to change the data in the system that will have an impact on system performance, whereas passive attacks only use the information without affecting on the system. The worst possibility, our smartphone data is used or altered by the attacker. This can only happen with the permission of smartphone users. Besides, there are also digital and physical cyber-attacks. Smartphone users who are connected to external networks, such as the internet or Bluetooth, can be exposed to digital types of cyber-attacks. “Basically, these attacks are similar to cyber-attacks on PCs. Some of the most frequent examples, we just connect to an unknown Wi-Fi, it can be called a man-in-the-middle attack,” said Vidiskiu.
Vidiskiu explained that there was a third device that intercepted information sent from the smartphone to the Wi-Fi. From there, a lot of information can be obtained, especially if the information is not secured by the encryption method. While physical types of cyber-attacks, for example, smartphones are physically opened or stolen, then the data is taken or manipulated.
In his discussion, Vidiskiu explained what was the cause of cyber-attack. He also explained how to optimise the features of Android/iOS that we use to protect our phones from cyber-attacks. According to him, the most important is the OS update. In addition to getting new features, known security issues are usually fixed with OS patches.
“Activate security features such as lock screen and auto-lock to prevent physical burglary. Also activate the find my phone feature, in case your mobile phones disappears. Usually, if your mobile phone is connected to a Google account, it can also be locked from the remote. Also limit the permission to install the app and access the gallery, contacts, and camera for the installed app. Especially for android phones because they are more vulnerable than iOS. Double authorise your application when you think the important data existed,” said Vidiskiu.
Mentioning a viral issue, namely the users’ data leaking from one of famous e-commerce can be an indication that digital transactions are quite risky with leaks, both buying and selling or cashless such as e-banking. Vidiskiu advised our attitude towards the incident so that the data security is maintained in the future. This can be done in several steps, specifically:
- Double-check when transacting where there the website is HTTP or HTTPS because the safe one is HTTPS.
- Don’t give the OTP code or any verification codes to anyone.
- Update the antivirus on our device so we can find out if there is a virus that is stalking us.
- Don’t use public computers to do online transactions using your own devices.
- Finally, your account password must be safe enough.
After finishing the discussion, the moderator opened a question and answer session to deepen the discussion. The audience was very enthusiastic by asking specific questions about cyber-attacks. The speaker then also clearly and coherently answered every question. The discussion and it at 17.05 WIB.