The 2014 Bath Digital Festival carried the theme of Good vs Evil. With ‘good’ days highlighting how to improve your digital skills, and celebrating the best in tech in the west with the SPARKies Awards, Halloween became host to the festival’s ‘bad’ day – a day informing and educating on how to keep your websites safe from brute-force attacks, as well as industry experts coming in to talk about cyber security.
Oli Ward, from The Agency, started off the session by discussing security measures for WordPress – one of the most popular website platforms used today. With over eight years of experience working on website development, Ward was knowledgeable and had plenty of fun facts to lighten the somewhat serious talk. For example, he told the crowd how over 95% of websites who had complained of brute-force attacks – all had ‘admin’ as their WordPress login. If you want to keep hackers out of your website, having a less obvious login is a good place to start. Ward’s biggest tip for security is ensuring your have some WordPress-approved security plugins. These can monitor and block brute-force attacks, as well as scan any additional scripts for malware or broken files. His last tip for maximum security is to audit and review code as often as possible. If your plugin has a new security announcement, check it out and make sure you’re not at risk. Keeping up to date with security enhancements are always going to benefit your site and keep you safe from the latest attacker.
After a hugely successful talk at last year’s festival, Professor James Davenport from University of Bath returned to talk about cryptography and it’s role in everyday life. Arguably, the most well known cryptography system is the Enigma machine – which was cracked during World War II by cryptanalyst Alan Turing. These days, cryptography systems are virtually impossible to break. This is good news for anyone using the internet as electronic security is becoming increasingly important. Cryptography is used to protect credit card information, email messages and even corporate data. Confidentiality is created by encrypting messages to be transmitted or data files to be stored using an encryption algorithm such the Triple Data Encryption Algorithm, which applies the Data Encryption Standard (also known as DES) cipher algorithm three times to each data bloc.
When sending such personal information online, as well as security, you need privacy. Dr Steven Murdoch from University College London come to explain the need for anonymous communications. Dr Murdoch explained that he was a part of a user privacy project – Tor project – which is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Tor is used by a whole range of people, from military personnel to bloggers, whistleblowers and activists to ordinary people. It can be used to source military intelligence, to maintain civil liberties for activist groups, and for socially sensitive communications – such as forums for rape victims, or people with illnesses. However, like most anonymous platforms, Dr Murdoch explained how Tor was also subject to user abuse. People take the anonymity and use it as an excuse to send threats and abuse to strangers on the internet. The most recent cases being the twitter trolls who abused MP Stella Creasy and sent rape threats, which resulted in their arrest.
The Digital for Bad day gave a great insight to the ever-changing internet, and how digital can affect so much more than meets the eye. Technology is a powerful tool, but as the day showed – it all depends on who’s hands it falls into.