“Just Because You’re Paranoid Doesn’t Mean Someone Isn’t Trying to Hack You.”
Last year was “perhaps the most active year in memory” with regard to cyberattacks, according to Sunnyvale, California-based cybersecurity technology company CrowdStrike, a respected firm providing cyberattack response services, threat intelligence, and an annual Global Threat Report (paywall) on the state of web security. The world went through hell with Covid in 2020, but for web miscreants, the year was awesome as they preyed on our misery, pretending to offer information, and impersonating important global pandemic responders such as the U.S. Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO). Malicious actors had a phishing field day in 2020 – which, naturally, works best when there an emotional connection. How many times have we heard of someone losing money to fraud after getting an email from a “friend in distress”?
Of course, it’s a good bet that CloudStrike’s 2022 report will list ’21 as the “most active year” since…well, the year before. Moore’s Law and all the fun math of exponentiality doesn’t only apply to things we enjoy such as Apple’s M1 processor, but also to the malware, cyberattacks, and security breaches that come with technological advances. Nearly every, if not every, electronic device that has an internet connection can be hacked; and can often be hacked when it’s either on or offline.
Many are switching to safe browsers such as Firefox Focus or Qustodio Free. Experts, however, are recommending adding even more layers of protection to your digital life by installing a safe browsing app that works with all the big browsers. Safe browsing apps – many of which are free to download – double-check that the site you’re visiting is legit, vet and scan apps and files in real-time, protect your Wi-Fi network, offer anti-phishing protection, and allow you to build a “blacklist” of sites you want blocked – keeping your kids safe from “adult content.” Using a safe browser app is proactive – stopping things before they happen, not catching them after the fact.
So-called “malicious actors” (simply put: bad guys) have and are stepping up their game. CloudStrike’s report noted that in 2020, there was a significant increase in extortion and blackmail techniques all nicely bundled into ransomware operations. The security firm warns that 2021 will likely see more of what it terms, “big game hunting” – e-criminals going after larger firms as the potential return is larger. Also of interest was a note on malicious actors forming alliances; working in tandem to level up and coordinate their attacks.
However, even if you don’t happen to be the CEO of a large corporation with data that would be worth ransoming, cybersecurity gurus are warning anyone with a computer to start realizing that “the good old days” of flying under the radar with half-baked security measures are gone for good – you might not even be the target but could end up being used by identity thieves to cause serious harm to a friend or acquaintance. You don’t need to be “someone” or even have valuable data to be targeted, and to think otherwise is to fundamentally misunderstand how wild the web of the 2020s has become. Think back to the last time a friend of yours told a tale of their account being hacked. Weren’t you somewhat surprised as they aren’t famous or rich? – When was the last time you gave serious thought to the safety of your personal data? If your company hired a “white hat” to stress test your firm’s web security, how well do you think it would hold up? The question ‘Is this website safe?’ is getting harder to answer.
Too many downplay the risks of a data breach. “Why would anyone want my ‘boring’ info?” people ask. Well, there are serious reasons such as identity theft, fraud, or phishing attempts, but there’s also a lot of money to made in collecting information. Harvesting data is big business. They’ll take info on everything from the language you use, your screen resolution, operating system, time zone, active plugins, browser type…you name it. By breaking down you – and the millions of others like you – into data points that can be categorized, you are now a target for precision missile advertising strikes. Being tracked keystroke by keystroke as you shop, bank, email, and enjoy online entertainment isn’t just creepy; it’s potentially dangerous. Predators prey on the weak. Why allow yourself to be a target?
There are some scary stats out there: 300,000 new pieces of malware are reportedly created every day. Cybercrime is more profitable than the illegal drug trade! Over 60 percent of businesses that get hacked say they aren’t sure they’ll ever fully recover. Anti-virus software or firewalls are as effective as a sieve, etc. It’s human nature to overestimate one’s web knowledge. Sure, you don’t click on links that look fishy and, heck, you might have even ponied up for a VPN (Virtual Private Network). A VPN, however, only conceals your location, data-in-transit, and IP address. VPNs are not the fortresses we think they are, however. Via browser fingerprinting (look that term up if you’ve never heard of it) a leak that shows your online identity is still a possibility. You need multiple layers of protection, and you need them now. To paraphrase a famous quote, “You Might Be Paranoid, but that Doesn’t Mean Someone Isn’t Trying to Hack You.”