In today’s world, the digital environment is the primary space for storing and exchanging information. Personal data, financial transactions, and professional communications have moved online, giving rise to new technological risks. Unauthorized access can lead not only to financial loss but also to identity theft.

Ensuring cybersecurity requires a systematic approach and adherence to digital hygiene. Information protection is built on access control, encryption of communication channels, and critical analysis of online resources. Ignoring these protocols makes personal data vulnerable to automated harvesting systems and targeted attacks.

Liter.kz spoke with Dinara Kassimova — PhD and expert in IT, digital security, and Big Data — on how to minimize risks and build an effective online defense system.

– Why is it so important to protect our online data today?

– Today, data is the “new oil.” Information about your purchases, location, contacts, and biometrics is collected and monetized. If this data falls into the wrong hands, the consequences can be fatal: from bank account theft to blackmail and identity theft. With the advancement of AI, scammers can create convincing deepfakes using just a couple of your photos and a voice sample.

– What makes a password secure?

– I strongly recommend using long and complex passwords. A reliable password contains uppercase and lowercase letters, numbers, and special characters. Even better, use a long passphrase that is easy for you to remember but difficult for others to guess. A strong password is one that cannot be cracked via “brute force” or dictionary attacks. It should be at least 12–16 characters long, unique, and not contain obvious info like birthdays or names of relatives.

– Can I use the same password for all my accounts?

– I categorically advise against this. Password reuse is one of the most common and dangerous mistakes. If one service is breached, hackers will automatically try that same password on other platforms. This method is called credential stuffing. It’s like having one key for every door you own.

– What is Two-Factor Authentication (2FA) and why is it necessary?

– It is an extra layer of security that requires not just a password, but a second confirmation. Here’s how it works: the first factor is something you know (password). The second factor is something you have (a phone for SMS, a code in an app like Google Authenticator, or a hardware key). Even if your password is stolen, a hacker cannot log in without access to your physical device.

– How can I tell if a website is safe?

– I suggest looking for the following signs:

  1. HTTPS Protocol: Look for the padlock icon in the address bar and the “https://” prefix (S stands for Secure). This means the connection is encrypted.
  2. Domain Name: Check the spelling carefully. Scammers create clone sites by changing one letter (e.g., g00gle.com instead of google.com).
  3. Legal Information: Look for a privacy policy and company contact details.

– Is public Wi-Fi dangerous?

– Yes, it is potentially dangerous. Cybercriminals can intercept your traffic using “Man-in-the-Middle” attacks or set up fake hotspots like “Free_Airport_WiFi.” My recommendation: if you must use such a network, always use a VPN to create an encrypted tunnel for your data.

– What should I do if my account is hacked?

– You must act quickly. Try to reset your password via email or your linked phone. Terminate all active sessions in your security settings (“Log out of all devices”). Change passwords on all linked accounts, especially your email. Report the hack to the service’s support team and warn your contacts not to click on any links sent from your name.

– How can I protect my personal data on social media?

– Set your profile to private. Limit who can see your phone number and email. Do not post photos of tickets, documents, or your home geolocation in real time. Do not accept friend requests from suspicious or “empty” accounts.

– Should I save passwords in my browser?

– As a specialist, I am skeptical about this. If someone gains physical access to your unlocked computer or if a virus (stealer) infects the device, your passwords can be extracted in seconds. A better alternative is a password manager (Bitwarden, 1Password, KeePass). They store your database in an encrypted format.

– What are the most common mistakes users make?

– In practice, I most often see the same errors: simple and identical passwords, ignoring 2FA, clicking on phishing links, installing suspicious apps, and neglecting security updates. Remember, security is not a destination, but a continuous process. Stay vigilant!