The second you turn on your computer, power up your phone or your smart devices, you're in danger of being hacked. As long as you are connected to the Internet you have an IP address, so you're in danger from hackers from all over the world.
Of course, this sounds a bit dramatic, and the chances that you'd be personally targeted are low, but not inexistent. The main issue with security threats is that all you need to do to be at risk is to install the wrong app, the wrong browser tool, click the wrong link or open the wrong email.
Risks are left and right and you need to be aware of them if you're going to stay safe, so you know what to avoid. Using the Internet is easy and it's something anyone can do, but you need to be aware of the risks that come with doing this so you don't put yourself, your family, your devices, and your digital identity at risk.
What can happen if you get fall prey to cybercriminals? Well, you may need to disinfect your device with an antivirus at the very least, but you can also lose your device completely due to the worms affecting it. There's also the possibility of money getting stolen from your account, purchases being made in your name, your credit rating sinking, and you are even at risk of having your identity stolen, which can be a complete nightmare.
Over the past year, we've interviewed security experts across the field and we asked a few of them about what they see to be the biggest risks to out cybersecurity. Unsurprisingly, they each had their take on things, with answers going from data breaches, to privacy invasion, to failure to run security patches, and even the companies' failure to invest in people and cybersec.
The Dangers of Email: Spam, Phishing and BEC Attacks
It's true that criminal organizations across the world may be setting up the traps, but you should also be paying attention to where you "step." Steve Durbin, Managing Director for the Information Security Forum, has pointed out that criminal organizations are going to continue to grow, while others will emerge and try to fall in line with the older ones, and they'll all try to get into your devices. Durbin states that email-based attacks such as spam and phishing are most commonly used to obtain an initial foothold on a victim's device.
Shlomi Gian, CybeReady CEO, also told us that phishing emails are one of the biggest threats to organizations, as they're the source that leads to about 90% of all data breaches. "When it comes to phishing emails, the most common attacks people fall for are often the simplest ones. A two-sentence email from a “credible source” (such as Amazon or LinkedIn) prompting an employee to update their password is a common one," Gian said. Another common attack comes from a seemingly familiar sender, such as a colleague or a manager, or even the company HR.
If you're wondering how this can happen, well, it's BEC attacks - Business Email Compromise - where cybercriminals spoof email addresses so you believe the messages are coming from trusted sources from your company. According to Asaf Cidon, VP of Email Security for Barracuda Networks, some of the most successful BEC attacks involves malicious links and wire transfers.
Shady Apps and Browser Extensions Can Hide Malware
Another big issue that you need to be on the lookout for is what you install on your computer. Ransomware continues to be a prevalent threat and you need to be aware of the risks. This type of cryptovirus will brick your device, block your access to your data, and hold it for ransom. Unless you pay for your device to be unlocked, the data will be deleted or posted online. Ransomware decryptors are showing up left and right for the biggest malware families, but it can take a long time before cybersec companies get around to creating one.
"Ransomware is still one of the biggest threats. The ransomware itself is still evolving. Attacks are becoming more sophisticated and done with more stealth than ever before, and, when successful, these attacks are still having devastating effects," said Heather Paunet, VP of Product Management for Untangle.
You must also look into what you install on your browsers. While it may seem like those little browser extensions can't do much damage, that's actually not true, as extensions can gather up your data, infect your computer, and generally spy on your activity to later use for social engineering campaigns. SlashNext CEO Atif Mushtaq pointed out that browser extensions act like web applications, but they aren't always bound by the same-origin policy Chrome enforces which prevents web apps from accessing data from other web apps.
The Risks of Data Breaches
A big threat you can't do much about is data breaches. This segment is directly tied to the companies that hold your data, like Facebook, Google, Amazon, and whatever other company you have created an account with. Whether they get hacked or not is not something you can influence, although you are likely hoping for the best.
What you can do, however, is reset all your passwords once you do hear about a data breach. Bitdefender's Liviu Arsene, Global Cybersecurity Researcher, told us that personal data that's exposed online following a data breach can be used for identity theft, especially as many details like your phone number, address, or email address won't be changed for a long time.
One of the issues that often lead to data breaches is the companies' refusal to properly invest in their staff and technology. "With the advancement of complex cybersecurity threats and skilled adversaries, it is paramount that organizations have the right solutions and people in place to protect their data. Security teams are finding that they do not have the staff to keep up with the constant threats as a result of limited talent, cost of talent, and the sheer overhead of throwing more people at the problem," told us Adam Vincent, ThreatConnect CEO.
For his part, Joseph Carson, Thycotic Chief Security Scientist, says that the failure to take action is also a big threat to our security because companies fail to do a thorough cyber business impact assessment and put strong best-practice security controls in place, which increases the risk for cyber attacks.
There you have it. For the next year, you should be careful about your data and whom you share it with, keep an eye on the apps and the extensions you install, as well as what emails you open. Be vigilant when spending time online, and stay safe!
What do YOU think are the biggest threats when spending time online? Drop us a note in the comments section below the article and tell us all about it! Share the article online with friends and family and follow TechNadu on Facebook and Twitter for more tech news, guides, reviews, and interviews.