As internet and mobile services continue to rise in power and prominence in our personal and professional lives, so do the dangers and dragons lurking in the darkness of their shadows.
And while yesterday’s science-fiction has become today’s reality, there is cause to be concerned that about every aspect of our lives can be discovered and used in dishonest and malicious ways at the whim of cybercriminals.
Perhaps the most tragic case was that of the recent hacking of Ashley Madison, in which private lives – and affairs – were caught in the crossfire between a disgruntled employee and the company. The trove of data that spilled across the internet led to the suicide of several victims, and the resignation of the company’s CEO, and the episode continues to make headlines in its aftermath.
The massive cyberintrusion in the Office of Personnel Management (OPM) earlier this year taught us that even government-class security gear can fail to prevent information theft. In the attack, sensitive information belonging to more than 20 million U.S. government employees was stolen by hackers with alleged ties to the Chinese government.
The data breach at health insurance giant Blue Cross Blue Shield, which leaked the personal information of more than 10 million people, revealed the darker side of electronic health services, which have otherwise helped revolutionize the health and health service industry.
While Advanced Persistent Threats (APTs) tend to go after corporate and governmental targets, there are also new trends in hackers targeting small businesses and even personal computers and devices rather than going after the big players.
Mobile devices, which have become an inherent part of our lives, are being increasingly targeted by cyber-attacks, and malicious hackers are constantly finding new ways to remotely steal data from phones, listen to calls, take pictures, record voice, or even steal fingerprints. Or they can simply opt to hijack target devices altogether and use them for their own evil ends. And the worst part is that much of it can be done without the victim ever finding out.
And with the advent of Remote Access Trojans, even your bedroom can no longer be considered a private sanctuary, for hackers can take ownership of your webcam and start recording your most intimate activities, which will certainly be used against you in the future.
When they can’t run off with your sensitive information, hackers can target you with crypto-ransomware and encrypt your files and data beyond your reach, either to spite you or to extort you out of your bucks.
Recent research has proven that even antivirus software can be compromised and exploited by hackers, and the simple installation of antivirus programs does not guarantee full immunity against threats.
And while the Internet of Things (IoT) promises to be the next big thing, it will surely trail behind it a host of threats and new attacks. Don’t be surprised if you read about fridges and microwaves turning against their owners very soon.
The spike in attacks against government and corporate networks has turned cyber-security into a vital part of every country’s defense strategy, and officials and agencies are scrambling to shore up their networks against zero-day threats exploited by hackers, domestic and foreign.
Presently, the question is: Should we panic? Should we smash our computers and mobiles to pieces, incinerate the remains, throw the ashes in the sea, and run in the opposite direction to live the rest of our lives as hermits in a clandestine jungle where mankind has never set foot?
The answer is no. Fact of the matter is, the bright side of technological advances are far greater than the evil that trails behind it. The internet and mobile industry have allowed humanity to take leaps in the fields of medicine, science, disaster recovery, democracy and freedom of expression, among others.
Therefore, instead of freaking out and retracing our steps, we must take the necessary precautions to save our personal and corporate lives.
Perhaps the silver lining in all these attacks is that it has raised awareness among companies and governments, and many countries are considering passing laws that bind service providers to protect user data.
Surprisingly, most successful attacks on individuals result from lack of caution from the part of the victim. Adopting the following basic set of technical best practices can help protect your devices from most threats and vulnerabilities:
- Regularly change your account passwords, use strong passwords. and avoid using obvious, guessable passwords
- Keep your operating system and software constantly patched and updated.
- Invest in a reliable anti-malware program, both on your PC and your mobile devices.
- Avoid downloading programs from unreliable sources, or clicking on links in emails coming from unknown senders.
- If you’re going to store information in the cloud, consider using an encryption solution that will ensure your data remains safe even if the provider is compromised.