The digital trail we leave on the Internet can be dangerous. We need to be fully aware of what information we make public on social media, because in the wrong hands, even something that seems innocent can lead to a crippling cyberattack.
Digitization is growing exponentially. With this in mind, it is crucial for us to be aware of what information we are making public and know how that might be used against us, since even information that we consider harmless can have serious consequences for a company if it is not handled properly.
A lack of awareness and care toward the data we share online can compromise the security of the company, as cybercriminals can exploit this data to attack systems, networks, and computers. In this article, we will explore two common methods of obtaining information: footprinting and fingerprinting.
Metadata: what is it, and what is it for?
When we take a picture with our cell phone, the device stores additional information such as the date, the model of the device, and the geographic coordinates of the place where the picture was taken, among other things. This is true for many file types, such as PDF, DOCX, and XLSX, among others. If, for example, we upload a file containing confidential product information, we may also be storing information such as the model of the computer used – and even usernames and passwords.
What is footprinting?
This technique involves accessing all the public information that a company has shared on the Internet. To achieve this, cybercriminals examine social media networks and news media and can even analyze file metadata. Companies often share information with the public on a daily basis, and by doing so, may unintentionally disclose information that the company wants kept confidential. Once this information has been publically shared, cybercriminals can collect all the data they can from it without violating any laws.
What is fingerprinting?
Fingerprinting involves collecting information, but unlike footprinting, it requires interaction with the system being analyzed. By doing so, cybercriminals can obtain information about the web browser, operating system and other device characteristics to create a complete profile of their target. Using this technique, users can be tracked and information about their online behavior can be collected without their explicit consent. This information could be used, for example, to discover a method of accessing a system.
Prevent your company’s critical information from being collected with these methods
First, we have to acknowledge that it is impossible to hide or eliminate our digital footprint entirely, since leaving traces on the Internet these days is inevitable.
However, we can significantly reduce this footprint by adopting certain habits and acquiring basic knowledge. Today, many messaging and social networking applications remove metadata when uploading images to the network, but it is still important to be careful about what we share. Avoid publishing images of easily identifiable places or important locations of the company, such as server rooms, security accesses or emergency exits.
It is also essential that you make employees aware that they should not take photos at their workplace, especially with the screen on, as they could reveal confidential information on the screen or on the desktop itself.
For cases like this, we have created Zepo, your personalized cybersecurity training tool.
Zepo is your best ally, a cybersecurity training tool for your company available entirely in Spanish, helping you to detect and prevent any threat and act quickly and effectively.
Want to know more?