There are no equivalents to highway codes, nutritional guidelines and movie-style ratings systems to help people make safe choices on the internet.
Many consumers feel hopeless and helpless, as retailers, healthcare providers and governments lose millions of records and hackers steal their identities to make fraudulent transactions. Senior businesspeople may be among the most at risk because of their wealth or because they may have access to commercially sensitive material.
Current forms of cyber security protection, particularly for individuals, are not keeping up with wily hackers, who are able to change tactics quickly.
Jay Kaplan, chief executive of Synack, a security start-up, says people should prioritise monitoring how their information is being used, because they have to assume it has been stolen by someone.
“It is inevitable,” he says. “Everyone needs to take a stance that eventually their information will be compromised unless they live under a rock and never share electronically. Even then, it is impossible, given they do things such as file tax returns.”
Regularly checking your personal credit rating is the best way to keep track of financial fraud, but it is harder to monitor how hackers are using healthcare data, or how identification such as social security numbers in the US or national insurance numbers in the UK, which are used to access myriad sensitive accounts, may be being misused.
Mr Kaplan says companies’ and government agencies’ dependence on this form of identification and other easily discoverable identifiers, such as names, addresses and dates of birth, is archaic and no longer secure.
He recommends companies come up with a more secure authentication system and that consumers use two-factor authentication, where a password is used in conjunction with another randomly created code, often sent by SMS or generated by an app.
Vince Steckler, chief executive of Avast, an antivirus software maker for consumers, says people become scared when they see thefts of individuals’ data from companies such as Target and Home Depot, the US retailers. But he adds they really need to worry about how much data they share voluntarily online.
“Users probably give far more private information about themselves through their normal use of the internet — Facebook, WhatsApp, just about any kind of app on a phone or computer,” he says. “They give up a massive amount of personal information. The biggest threat to people’s privacy is just the legitimate stuff they are using.”
Hackers often use publicly available data about people that is on the internet to “socially engineer” contacts, pretending to be someone users know or trust in order to get them to download an attachment or click on an infected link. Or they can use online information on friends and family members to answer the questions that might be used to access password codes.
“On a public profile, people have where they are born, what university they went to, who their family members are, what city they live in. All that information can be used to get more private pieces of information such as social security numbers, addresses and phone numbers,” Mr Steckler says.
People should be aware of what information is available about them online and be suspicious when they receive emails from unknown senders. When clicking through to another site from an email, do not enter personal details as it could be a fake domain. Instead, search for the site on an independent search engine and log in from there.
Senior managers and executives in organisations may be even more at risk, cyber security experts warn, as hackers will presume they have good credit ratings or perhaps access to confidential work files while working remotely.
Tony Anscombe, head of free products at AVG, a security software maker, says consumers need to think about forgoing some convenience in return for better security. When shopping online, he recommends people use the option to check out as a guest to restrict the number of ecommerce sites that store their details.
“One of the first things I suggest to anyone is you can type in your credit card details each time you make a purchase. It is only a 16 digit number, it is not too complicated,” he says.
He adds that consumers should use different email addresses for different purposes, such as shopping and banking, so hackers cannot match an email stolen from an ecommerce website to one from a bank. Emails from more than one address can be directed to the same device, so this should not be too inconvenient, he says.
Other basic steps that Mr Anscombe recommends include checking your social media settings to make sure you know what you are sharing, turning off facial recognition so that you do not get tagged in photos without your permission and using different and complex passwords for each account.
“Every time you write something down that is personal, think: Who is storing it, where is it being stored and why am I sending it to them?” he says.