Defending your Digital Castle


Kenneth Vu, Staff Writer

The world is becoming more and more dangerous as it transitions to a digital phase, and it requires a lot more knowledge on how someone can stay safe. Caution must be taken, and your guard must be kept up high when online. Here’s how hackers can own you.

Quinn Cabral, AP Statistics teacher is currently in her second year at Gunderson and also teaches AP Computer Science Principles.

“We’re in a time where we have all this technology,” Cabral said.“But we don’t know how to be safe with it all the time.”

Currently, the digital world is filled with hackers of malicious intent. They exploit bugs and create malware for their personal gain. To be cautious, it is extremely recommended that you try your best to protect yourself online. 

Kevin Vu, a software engineer at Microsoft Azure, explains the biggest mistakes people make about their online security. Vu has also previously worked at Google and Amazon.

“The biggest things are passwords, that’s number one,” Vu said. “The second thing is downloading sketchy apps or mods.”

Vu knows that people aren’t always concerned about their passwords, and he thinks better care could be taken.

“Let’s say [your password is] 10 characters, it’s pretty much instantly crackable. So if you have a short password, it’s like you don’t have a password at all,” Vu said. “So it’s important to have a longer password.”

However, there is a downside to setting long and complex passwords, and Vu knows this very well. 

“The big thing is that if you have a bunch of unique long passwords, you’re never going to remember all of them,” Vu said. “It’s just going to be way too inconvenient, and it’s going to be like a pain in the butt, the login of all those websites.”

Luckily, Vu knows a simple solution to this otherwise intimidating problem.

“There are these things called password managers that make it much more convenient,” Vu said. “And there’s a lot of research that’s been done in the password managers and it’s pretty much the way to go.”

It seems wrong to put all your passwords in one place which could be hacked. However, Vu believes otherwise.

“It’s much safer to use a good password manager that has a whole bunch of unique passwords and one-time authentication codes to all of your websites,“ Vu said. ”Instead of just using one password for all your websites, that’s extremely insecure.”

For this strategy to work, Vu recommends setting an extremely strong password for your password manager, as well as changing it every few months.

“The goal is you only have to remember one extremely hard-to-crack password. And you can log in to everything securely,” Vu said. 

However, a password may not always protect your data from those with bad intentions. Sometimes, the victim could even be tricked into giving their personal data.

“Phishing attacks are very prevalent now,” Peter Tran said. Tran works at the Santa Clara Sheriff’s office. He enjoys automating things using technology and knows the cybersecurity world. 

“The best way to get someone’s information is actually to [be a] social engineer. It’s about tricking the person into trusting something that seems legitimate when it’s really not.” Tran said.

Phishing attacks, which “fish” out the info from their victims with clever bait, work in quite a simple way.

Tran explains that people are able to make fake websites and emails in order to mislead people into giving away their information.

“Phishing emails [and websites] ask you for specific information, like does it ask you for usernames and passwords for anything? Does it ask you to enter anything?” Tran said. “Does it also alarm you in a way where it says ‘Oh, you have to do an action very quickly’, or it tells you that you’ve won something, so you have to be suspicious of all that stuff.”

Fortunately, Tran knows a way to spot when someone is trying to perform a phishing attack on you.

“First, you want to check to see if the name of the website itself is legitimate,” Tran said. “Sometimes, illegitimate sites will have just weird-looking URLs in them, so you have to be aware of that.”

Bad actors on the internet are becoming increasingly more clever to trick more people. 

Sometimes, a URL could look extremely similar, such as “”, spelled using the letter “i” rather than an “L”. This can trick a lot of people, so make sure you truly are on the right website, or you may accidentally submit personal information you don’t want malicious people to have.

“I think it’s always good to be cautious and always be cognizant,” Tran said. “You have to have the mindset of being suspicious of everything, especially if things seem to be too good to be true.