Roberto Popolizio
Published on: November 23, 2024
In this interview series by Safety Detectives, I speak with cybersecurity experts who share actionable tips, insider knowledge, and predictions for the future, helping you understand what’s really happening with your data and how you can protect your digital life more effectively—without losing your sanity.
Ieva Matulaitiene is the CEO of Mysterium Network, where she is responsible for driving the company’s strategic growth, overseeing business targets in the Baltics, and leading marketing and commercial development initiatives. Mysterium Network is an open-source, decentralized platform designed to create a censorship-resistant internet. Founded in 2017, it aims to empower users with tools and infrastructure that facilitate secure and private online communication.
What are in your opinion the cyber threats or vulnerabilities that are most underestimated by small businesses and individuals? Can you share an example for each?
Unfortunately, the protection of customers’ data is often underestimated by both small and large businesses. We have all seen various leaks and attacks happening from big corporations to small ones that give out all the crucial information about the userbase – names, addresses, passwords, and all other data that can be effectively used for various nefarious purposes.
Small businesses are particularly vulnerable in this regard as they usually provide services for niche audiences that can be targeted by specific threat actors to extract data that is incredibly valuable for them yet incredibly damaging for the customers.
What mistakes make people and SMBs vulnerable to these attacks, and what can they do to prevent them and limit their impact?
Funnily enough, big businesses have the mindset of “we are too big to fail,” whereas SMBs have the opposite outlook – “we are too small for anyone to care.” Although it sounds redundant, that’s the core cause of underprotection that both of these entities face.
In regards to SMBs, the first prevention tactic would be to lose this mindset and to enforce security measures, even the basic ones – encrypting the connections between employees by a secure VPN line, ensuring knowledge about social engineering tactics, and keeping the data of customers encrypted too. Leaving it all in plaintext is just a disaster waiting to happen.
Note: Not all VPNs can always bypass georestrictions
Unlike traditional VPNs, which rely on centralized servers, Mysterium’s dVPN operates on a peer-to-peer basis, utilizing a global network of residential nodes to route traffic. This enhances privacy and reduces the risk of censorship or surveillance
What should victims of such cyber attacks do right away, and who should they call first? The police, a cybersecurity expert, or who else?
The rule of thumb here is to call the authorities first, but, as we all know, investigations take a long time since authorities are rather busy with various other things they need to investigate.
An immediate call to a cybersecurity expert AFTER calling the authorities is a step one should take, as a cybersec expert will help with what you should do immediately. That is, what can be done at this exact moment to immediately increase security at your end, and what can immediately be done to mitigate the possible damages to your customers.
The key word here, as you may notice, is “immediately” – authorities will take time and will bring justice, but it won’t happen right away. Cybersec experts can provide immediate help for the time being, not from a legal perspective but from a purely risk mitigation perspective.
What are the 5 crucial things people should STOP or START doing today to prevent cyberattacks and better protect their data privacy?
- STOP thinking you are not important. Targeted attacks are rare, but if you do not protect yourself and end up in a data breach, you might face some troubles.
- START using a VPN. It won’t protect you from giving out your password to cybercriminals, but it will encrypt your data on public and private networks, keeping it from eavesdropping.
- START thinking that “if it seems too good to be true, it probably is.” This will prevent you from falling victim to various scams that can compromise your data.
- STOP reusing passwords and, to some extent, emails. One breached reused password means that the threat actor can access most of your accounts. As for emails, use different emails for different services, especially for those that seem less reliable. An email without personal information or used for “spam” purposes can be quite helpful.
- START checking reports of various breaches. There are many ways (e.g. Have I Been Pwned) to check breached databases, and if your email is there, make sure to change passwords and all that to prevent any bad stuff from happening.
Looking ahead, are there emerging threats that companies should immediately start preparing for? How do you suggest doing that?
Cyber attacks from state-sponsored threat actors should start happening, given the current tensions in the geopolitical world, increased. This will affect both big corporations (remember the Sony hack?) and small businesses that rely on niche yet possibly powerful customers.
Preparations should start from small things – secure VPN lines for employee communications, risk management plans, and hiring competent cybersecurity experts who can check how well you are doing.
If there was one key lesson you wish our readers could bring home from this interview, what would it be?
Although there are millions of internet users, it doesn’t mean you are a mere drop in the ocean and that you are not important, and that no hacker will care about you. Everything is interconnected and there is always a big possibility you may fall victim to threat actors. Treat yourself as an important piece in this internet maze, and it will help you stay safe!
How can our readers connect with you?
Website: https://www.mysteriumvpn.com/
LinkedIn: https://www.linkedin.com/company/mysteriumnet/
X: https://x.com/MysteriumNet