Users' Poor 'Internet Hygiene' Leads to Security Breaches
Are there more Internet bad guys out there these days? Sure, but experts say that unwise user practices pose a bigger risk to data security.
The reason, according to security analysts, is a massive gap between the way consumers and employees perceive the Internet, and its actual use in today’s world. Most of us view the web as a useful communications medium, similar to the TV airwaves.
But if you talk to law-enforcement pros, you’ll get a darker take: They see the Internet as a
hostile environment, and one that thus far is nearly impossible to control.
As evidence, consider this: Prosecution rates for the FBI in cyberspace are less
than 2%, yet it's the No. 1 criminal priority for that agency.
Here’s a partial list of the poor-hygiene practices that lead to breaches. How many of these are you guilty of?
- Failing to update software with the latest security patches.
- Downloading unsafe software programs, such as screensavers and games, that are famous for harboring malware. Also, installing unsafe apps on smartphones and tablets.
- Creating weak passwords, using those passwords across different accounts, writing them down, and sharing them with family members or coworkers.
- Creating blogs with such tools as Wordpress or Joomla, then neglecting those blogs (which opens them up to savvy hackers).
- Clicking on suspicious links and, in general, falling for phishing scams. Remember, today’s highly targeted spearphishing campaigns can be very persuasive, and are often designed to infiltrate a corporate network and steal sensitive data over a long period of time.
Worst Breach Ever: 1.2 Billion Credentials Hacked
In recent months, a Russian cyber-gang has breached over 420,000 websites to pilfer more than 1.2 billion credentials, according to security analysts. It is reportedly the largest data breach known to date. The gang amassed over 4.5 billion records, 1.2 billion of which appear to be unique and tied to more than half a billion email addresses. The cyber-gang, dubbed CyberVor (“vor" is Russian for “thief”), used botnets to scan hundreds of thousands of websites for known vulnerabilities. Companies both large and small were targeted.<?xml:namespace prefix = o />
51% of Consumers Share Passwords
You have to scratch your head sometimes at consumers’ behavior. In a recent study, while 52% of respondents said security was a top priority when choosing a mobile device, 51% admitted they are putting their personal data at risk by sharing usernames and passwords with friends, family, and colleagues. The survey of 2,000 consumers also questioned whether those passwords are strong enough to protect people’s applications and the data they hold. Half the respondents said they remember their passwords rather than writing them down or using password-management solutions. To experts, this indicates people are relying on easy-to-remember combinations and using the same password across multiple sites.
One Email from an ID Thief Wipes $300M from a Company’s Value
If you think warnings about the perils of the digital age are overblown, here’s a case to consider: recently, a single email wiped $300 million off the value of an Australian mining company. A self-styled “environmental activist” who was displeased by the company created an authentic looking email address, used identity fraud to impersonate the business’s press officer, and sent out a bogus press release that suggested the company faced severe financial difficulties. The result? In the next day’s trading on the Australian stock market, the publicly held company saw its valuation fall by an astonishing $300 million.