Why you’re not as secure as you think you are
by Larry Bridwell - Global Security strategist at Sticky Password - Friday, 22 August 2014.
There are 2.4 billion Internet users in the world today. Many of these users, in good faith, leave their personal online security up to their service providers. Sadly, time and time again, we see these companies fail to effectively protect sensitive customer data.

Why are there so many breaches?

Since 2013, there have been close to 1 billion records stolen as a result of data breaches. In the last year we have seen some of the most prominent organizations fall victim to cyberattacks.

The Heartbleed bug became another major issue as the bug created a vulnerability in the way browsers communicate to secure websites. The vulnerability was discovered in the OpenSSL cryptographic software library that is commonly used on servers utilized by banks, email providers, social media companies, etc.

Attackers were able to listen in to communications between the server and customers to steal passwords, personal data and more. While users were prompted to change all passwords and create new, stronger passwords, many of them were seemingly unaware of the seriousness of the security breach and the Heartbleed bug still continues to be a problem.

eBay fell victim to hackers in one of the biggest hacks to date. Users’ personal names, usernames, encrypted passwords, email addresses, phone numbers and date of birth were all stolen from its database. Even though passwords were encrypted, poorly designed passwords can be cracked and used by the hackers.

Target was also the victim of a hack when customer names, credit and debit card numbers, expiration dates and CVVs were involved in the information theft. Forty million credit card numbers were reported stolen from the company’s 1,797 U.S. stores. Security experts believe that hackers had access to the point-of-sale data, which means they either accessed the terminals where customers swiped credit cards, or that they collected the data as it moved from Target to credit card processors.

Are hackers getting smarter?

Hackers are not necessarily getting smarter but with the vast amounts of data that can be stolen, they are becoming more organized and sophisticated. In the last year, hackers have developed more advanced approaches to steal valuable information and leave users completely oblivious. Hackers have managed to effectively manipulate certain online platforms to mimic popular websites enticing consumers to enter their data. Hackers have also developed new bugs to infiltrate data centers and take precious user information.

Are users more vulnerable?

Today, online users are more vulnerable than ever before because there is a lack of awareness. Consumers take reasonable precautions to protect their information, but sometimes these measures are not good enough. With the growth of numerous online channels for shopping, banking and communications, consumers’ sensitive data is an easy target for hackers when a company is hacked. Increased use of social media and displaying important personal information also puts consumers at risk as it allows hackers to learn more about the targets’ lives.

With the growth of new mobile platforms, mobile data traffic is up 81 percent from 2008 to 2013. These platforms often save sensitive data and, through cloud synchronization, this data is available on multiple devices. If one device is lost or stolen, this can open the door for hackers to access personal accounts – or worse – steal the users’ identity.

Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //