Cybersecurity: Navigating the Maze

Do you think you can find your way through a maze?

Take a look at the maze below. See if you can find the way through it.

 

picture of maze to solve with pencil

Perhaps you think it’s easy. It’s really not too difficult. But there’s only one way through it.

“Hold on there!” you say. You probably think there’s more than one way.

Really? You missed something the first time you looked.

 

 

There’s a trap door on the outer path that will drop you into a den of deadly vipers if you go that way.

Picture of above maze but showing hazards that weren't apparent previously

 

If you try to go straight through the middle, you will enter a minefield and never even make it to the middle. Only one way remains that will get you through. Can you find it?

“NO FAIR! You didn’t tell us that!”

You certainly need to know those things to get through the maze safely. So, is that fair? Maybe not.

But it’s not that different from trying to navigate the world of cyberspace. There are a lot of hidden dangers out there. I can guarantee that you don’t know about some of them.

Some are pretty harmless and can be ignored. But some will mess up your computer. Others will result in someone with malicious intent stealing your information, or your money. In some cases, your physical or financial safety may be threatened.

You know about some of the threats, especially if you’ve been reading this blog regularly. But there are many more that I haven’t begun to talk about. Some of these are only known to a select few.

Wouldn’t you like to know about those? Wouldn’t it be nice if someone would put warning signs up on the dangerous paths of the maze of cyberspace?

That’s what I’m trying to do with this blog. It may look like I’m spending too much time warning you about one threat after another. But what happens if you don’t know about it and you take the path that runs right through the middle of the minefield?

 

There’s a difference between the maze above and cyberspace. In some cases, you won’t know you didn’t make it through the maze. You will have fallen prey to some danger, but not find out until much later, once damage has been done. The signs are often not obvious. In many cases, that’s the plan. Often, the bad guys don’t want you to find out because that allows them to keep doing what they’re doing without anyone finding out.

It helps to know where the traps are. It’s harder if there aren’t any signs saying “Caution: Minefield Ahead.”

If you have a maze ahead of you, you have several options.

One would be to refuse to attempt the maze, since you don’t know which way will get you killed. That may be OK for the maze, but it’s not a very good solution when it comes to cyberspace. But it is a solution that some people take, at least partially. They are afraid of what might happen, so they don’t take advantage of what the Internet offers.

A better way is to decide to get better informed.

There may not be any warning signs in the maze. But suppose you were able to find out what kind of traps exist that you might run into. What if you could then learn the subtle signs that a trap is ahead of you? For the trapdoor, there may be signs on the ground that indicate a trap door might be present. For the mine field, there might be signs that the ground was disturbed. There may be equipment that can detect the presence of mines. If you are able to learn what to look for so that you know when there is a trap, you might just make it through the maze in one piece.

So, you now have some better options. You can proceed cautiously, alert to the warning signs. When you see a warning sign, you now have some choices. You can go back and find another way. Depending upon the danger, you may be able to proceed, if there is some way to do so while escaping the danger. What if the minefield had red X’s painted on the ground where each mine is located and you were careful to tread lightly so the vibration of your walking didn’t set off something nearby? You’d have a better chance of getting through the minefield without injury.

Photo of maze through hedges, with hazards marked on ground with red

Of course, there are no red X’s marking all the mines in cyberspace. But there are often other ways around the dangers. If you know what kinds of dangers are present, and you know how to recognize them when they are present, you have a much better chance. Then you can choose to avoid that particular situation and find a different path. Or, if you know enough, you can sometimes find a way to accomplish what you need to do without getting trapped.

An example would be with e-mail attachments. If there is an attachment to an e-mail that you feel uncomfortable with, you can call the sender to verify they are really the one who sent it. If they aren’t, don’t open it. You just avoided the danger. If they did send it, it could still be infected, if their system is compromised. If you are concerned about their computer being infected, you need a way to investigate it without compromising your computer. There are ways to do this; some of those require more explanation than I can give in this post. (One way would be to open it on a “spare” computer that you don’t use for anything important. Most people don’t have a spare computer that they don’t care about but, if you happen to have one, that would be one way.)

If you didn’t know that e-mail attachments might be risky, you would probably open one that was malicious. When you get an e-mail from DHL saying your package couldn’t be delivered, you would be likely to click on the attachment to find out what they are talking about. But, if you know that these kinds of e-mails are likely to be “fake,” that they attempt to get you to open an attachment or follow a link that will infect your computer, you will likely not open that attachment or click on that link. It helps to know that e-mail attachments and links can be risky, especially from an unknown source. It also helps if you know that e-mails that report a “problem with your account,” “failed delivery” or “failed payment” are a way that the attackers try to trick you.

If you don’t know the tricks and the traps, you won’t be able to avoid them. If you know what they look like, and you keep alert to the signs, you have a much better chance of making it through safely.

Maze from above, but showing cyber hazards

If you want to make it through the maze of cyberspace while avoiding the unmarked dangers, you need to learn what they are, how to recognize them, and what to do when you find them. That is one of the things I am trying to do with this blog.