Security Surgery with Matt Lewis Part Two: A Day in the Life

As part of our Always On, Always Here campaign, which explores how we make our connected society safer and more secure, we’re answering some key questions about cyber security in smart cities, everyday routines, connected health and more.

In this four-part series, Matt Lewis, Research Director, provides the answers and explains how the work we do shapes and secures our society in ways that you might not be aware of.

In this edition, we’re focusing on how cybersecurity affects our daily routines, from working remotely to Smart TVs and Critical National Infrastructures (CNI). Watch the video or read the Q&A below and get in touch if you want to find out more.

How has working remotely affected my risk profile?

The likelihood of phishing attacks has certainly increased during this period. While working remotely, people might be more likely to click on links because they are using new or additional pieces of equipment that they haven’t been using before.

We are also much more reliant on our home networks that might have other family members’ devices connected to them. With so many people online, many are experiencing bandwidth or connectivity issues, but it’s important to resist the temptation to connect to unknown networks or systems in our vicinity instead.

With this in mind, it’s important to practice good cyber security hygiene. By that, I mean choosing unique, secure passwords for different systems and ensuring that your WIFI access points also have strong passwords configured.

What are the risks to smart TVs?

Good question! Smart TVs often have inbuilt webcams and microphones to allow for video conferencing and messaging systems, but they also have a big potential for privacy exposure. Like traditional IT systems, you can be tricked into downloading malicious apps to your smart TV which could use those webcams and microphones to spy on you or record sounds within your home.

As such, you should be vigilant about the types of apps that you’re downloading, and avoid clicking on untrustworthy links that download apps for us. Patching apps is also important. We’re not typically habituated in the concept of applying security updates to our television sets, but if a manufacturer releases a critical update that addresses a known security flaw, people with smart TVs should download them immediately and ensure that all the TV’s apps are up to date.

How have the threats to critical national infrastructures evolved over time?

Traditionally, many CNI systems have not been connected to the internet or have been on private networks. However, over the years, they have evolved to become increasingly interconnected with controls implemented to securely allow internet connectivity, to support remote working or integrate with other systems to open up to cloud-based platforms.

However, this evolution means that very critical, sensitive systems are now potentially accessible over the internet. Even if they are not directly accessible, they might be connected to internal corporate systems that have outbound access for email and internet. The issue or threat there is that someone falling foul of a phishing attack on that network might allow an attacker to have a footprint into the more critical aspect of that network, whether that be telecoms, nuclear, banking or any other CNI.