Posted by Kevin Hernandez, Developer Relations Community Manager
For Cybersecurity Awareness Month, we are celebrating Shrutirupa Banerjiee, Web GDE.
The web can be an excellent tool to learn a new skill, connect with people all over the world, digest information, or use new technologies such as Google Bard. However, there can be threats that loom whenever you go online – malware and social engineering attacks (also known as phishing) are some examples of today’s cyber attacks that can steal data or gain access to your system. Luckily, we have people like Shrutirupa Banerjiee, Web GDE, working on ways to keep companies and individuals safe from these threats. Shrutirupa got her start in the field by way of Blockchain security and eventually transitioned into a malware research role as a Senior Security Researcher. As an advocate for cybersecurity, Shrutirupa shares what threats are facing us today and what steps we can take to keep ourselves safe.
Threats facing the web today
Shrutirupa is mostly concerned with malware and especially those that bide their time and sit in your systems for months and sometimes even for years. She describes, “These attacks get into your system and sit there for months while you’re unable to identify that there is any kind of malware or malicious program. When you’ve already gained trust, it will start connecting with the malicious servers.” A recent example of this type of attack was the SolarWinds attack. With this case, hackers were able to gain unauthorized access to the SolarWinds network in 2019, injected their malicious code into the SolarWinds software in February of 2020, and in March of 2020 SolarWinds unknowingly pushed a software update which included the malicious code (source: NPR). This malware was downloaded by 18,000 customers, compromising the data of companies and government agencies which included the Treasury and the Pentagon.
One mission that Shrutirupa is actively working towards is bridging the gap between developers and cybersecurity professionals. By being made aware of the new threats that face the web, developers can actively safeguard companies and consumers from malware attacks.
How you can stay safe online
Shrutirupa recommends the following to help prevent data breaches or attacks on our systems:
- Think before you click: Be aware of anything that you’re downloading and do your proper research on the source of the software. You can see what others are saying about the software on community sites like Quora or Reddit.
- Software updates: Make sure your software updates are up-to-date since these contain patches.
- Antivirus scanners: There are many free options that you can add to your computer and use to run regular scans to ensure that your system is running safely.
- Multi-Factor Authentication (MFA): This method allows you to have an extra layer of security when logging onto sites and notifies you of unauthorized logins.
- Developers and researchers working together: Consult cybersecurity professionals like Shrutirupa! Cybersecurity professionals are on top of new threats and can make you aware of what you should prioritize as a developer.
Shrutirupa has also been able to leverage Google technologies and the GDE program in order to educate and test in a safe environment. “Google provides me with an environment where I can mentor students who want to get into cybersecurity or want to do development in a secure way. Google also has resources like Google Cloud Platform where you can practice and test everything while learning,” she says.
With people of all ages accessing the internet, Cybersecurity Awareness Month is crucial and Shrutirupa believes that awareness of threats should be a regular occurrence due to the importance of it. She states, “We have children, parents, and grandparents all accessing the internet. Because of this, we should always be vigilant about what we’re downloading and understand previous and new cybersecurity attacks so we can prevent them.”
The Google Developer Experts (GDE) program is a global network of highly experienced technology experts, influencers, and thought leaders who actively support developers, companies, and tech communities by speaking at events and publishing content.