Protect your data in an era of heightened surveillance.

Protect your data in an era of heightened surveillance. (wired.co.uk)

If you have been following the news lately, you may have come across the recent expose of the Hacking Group on wikileaks where confidential files from the company were exposed. Kenya is one of the nations that was in contact with the hacking group over plans to acquire cyber surveillance software Galileo.

Using this system, an operator can switch on the microphone to listen to your conversation, track location, read messages and take photos stealthily.

The question on many people’s mind is how can one stay safe with so much cyber snooping going on. Someone could be looking over your shoulder this moment so read on for some important tips on how to maintain privacy online.

From time to time, developers discover holes in commonly used systems and send alerts on the updates to devices. Always update  your  android, windows and iOs systems as soon as one is available.

Another option is to download and run Detekt, an anti malware software that was developed specifically to find surveillance software like Galileo. Detekt was developed with the support of  Amnesty International.

Claudio Guarnieri, the developer behind Detekt was quoted on Amnesty’s website amnesty.org,

“There’s no transparency on how these technologies are being used, by whom and in what kinds of circumstances. The only thing we know is that they are being used a lot to stop activists and journalists.”

Detekt does not have malware removal capabilities, but it can tell you if your device is under surveillance, after that you have to seek expert advice.

Also, avoid torrents, cracked software and other illegal sites. Modified copies of legitimate software are put up for download on illegal sites and torrent shares with spyware and trojans embedded. Ensure you download software from sites of origin and always run an internet security scanner.

Your browsing activity is the easiest way to compromise your identity. You can remain anonymous by connecting through a Virtual Private Server (VPN) or using the Tor browser.  Both methods hide your IP address (and your location) to make sure that your online activities are not tracked. You can also use combine Tor and VPN for an anonymous but slower experience. This is especially important when you are sending information as a whistle blower and do not wish your location or identity revealed.

READ: How Hacking Team software is used to track down dissidents and activists

Other ways you can protect yourself disabling browser history, auto logins and cookies. Lots of websites have tracking cookies and can monitor your online activity and history. Some Trojans steal this information and transmit it to a control centre. In addition, simple but sensible measures such as strong passwords and access codes for all your devices and online accounts will  go someway in protecting your accounts. We all remember the case of the Kenya Police website that was hacked simply because the password used was ‘password’. Enabling 2 factor authentication also ensures that even if your password is stolen, it is still useless without your phone.

Finally, you need to take measures in case your device falls in the wrong hands. Burglaries and theft that targets devices not for the value of the device but for the information in the devices. Recently, journalist and blogger Leon Lidigu was arrested in Rongai and later released without his iPad or laptop.

It is likely that his devices have been put through unauthorized search. You can ensure that your data stays safe even when your device is taken off your hands through encryption. Encryption is the practice of converting data into mangled code that cannot be accessed without a passkey or password.  You can encrypt your computers hard drive so that unauthorized access when laptops are lost or stolen is impossible. You can also encrypt your flash drives, external storage memory, phones and tablets.

The only caveat is, your device will be useless if you ever forget your password after encryption. No one can help you.