With a new year comes new challenges, and few have become as problematic as online or cyber threats.
Martin Giles, San Francisco bureau chief for MIT Technology Review, points out that there are a number of significant cyber threats for consumers this year, including data breaches, artificial intelligence and cyber-attacks as weapons, and and cryptocurrency hacks.
While these threats can affect all of us, there is very little we can do to protect ourselves, since we are at the mercy of the companies holding our data to protect it.
Giles points out that one threat in which we have a great deal of power to control is becoming a growing concern for individuals and businesses: Ransomware.
Ransomware is a malicious online computer program (malware) that blocks access to or steals outright important and private electronic files. Once compromised, the victim is often forced to pay a ransom to retrieve access to their files, typically in the form of cryptocurrency.
As more and more companies move to software as a service (SAAS) in lieu of offering downloadable programs we use and manage on our devices, more and more of our information and data is going into the cloud. And while some argue that data is more secure in the cloud, the fact is that it becomes accessible to anyone with the proper credentials to do so.
Giles points out that there was a "plague of ransomware attacks" last year and suggests that the problem could become worse. He emphasizes that hackers most likely will be targeting the cloud, hacking into our private information being stored on servers all around the world.
And while these services are owned and operated by huge companies, more often than not, hackers exploit areas of vulnerability in accounts, such as using social engineering to determine online credentials, then using simple algorithms to hack a password.
In the past, victims have typically paid the ransom, and for a long time, ransomware hackers policed their community to ensure that "honesty" was adhered to and data was returned. Some hackers even provided "Support Centers" and "customer service."
Things have changed, however, and the practice of ransoming data has become more popular, even birthing off-the-shelf ransomware programs available to those who know where to look. Moreover, victims are finding that paying the ransom does not always assure return of their data. In fact, one survey found that over half of companies that paid the ransom actually had their data returned.
Turns out that the community of thieves has been infected with criminals.
So while we may not be able to control or have an impact on how companies manage our data, we can take personal responsibility in how we protect the data on our end.
1. Protect Your Email
Just like our eyes are the window to our soul, our email is the window to our online soul. We use emails not only to log into important accounts but also to reset our passwords. Once a hacker has access to your email, it is not difficult for them to get into most of your online accounts.
Never share your email credentials and passwords with anyone, and when possible, set up alias emails (if your email service provides them) for unimportant online accounts. It may seem like a lot to manage, but not when you compare it to the hassle of having your information breached.
2. Tighten Your Privacy Settings
We all love to share information online. The problem is that experienced hackers can use social engineering to "backwards integrate" into your accounts. Basically, by viewing your online profiles and activity, most hackers can determine where you live, your hometown, the names of your friends and family, etc. By using this information, they can then attempt act like you to contact important services that you may use to get access.
While this seems like a long shot, it works. Personally, I was a victim of an attempted social engineering. Someone called my bank and got through a number of security checks before being thwarted.
While most of us aren't going to turn off our online activity, the next best thing is to be more strict with our privacy settings, especially on accounts where we share personal information.
3. Covet Thy Passwords
By and large, the easiest way for hackers to get into your accounts is by hacking your password. That is because we all like to use passwords that we can remember, and we use common passwords across accounts. Hackers know this, and by determining a few things about you -- names of streets, kids, pets, universities, etc -- most can use algorithms to determine yours.
When it comes to passwords, take every precaution to maximize this layer of security. And if you think your password is top notch, you may be surprised. Use this Password Strength Test to see how yours measures up.
4. Utilize Two-Factor Authentication
Two-factor authentication is a process through which access to your account is verified even after you have entered your amazingly unique password by sending an additional passcode to a mobile device or email. Most accounts offer this service, and it requires a few minutes to set up.
All of this may seem like a lot of work to protect ourselves, but given the consequence of not doing so, it is worth every minute you spend.
What do you think? How have you protected yourself from cybercrimes? Please share your feedback and experiences with others in the comments below.