The headlines always like to focus on the sensational when it comes to data breaches. The Target (News - Alert) breach (an estimated 70 million accounts affected) and Nieman Marcus (1.1 million credit and debit cards hacked) are big news. And in just the past few days, the Heartbleed Bug, which has the potential to compromise almost one-third of active sites on the Internet and according to recent reports successfully exploited the Canada Revenue Agency, has cast a pall across the trustworthiness of virtually every place we like to visit online.
Clearly, the bad guys are busy. In fact, regardless of which security company is doing the reporting, we unfortunately are on the upside of a hockey stick regarding not just the frequency but the sophistication of cyberattacks on enterprises, governments and popular web sites.
If that was not disheartening enough, new numbers from the prestigious Pew (News - Alert) Research Center, highlight that hacks of individuals are on the rise as well.
You are in the cross hairs
Below is a graphic from the latest work done by the good folks at Pew Research Center that illustrate the problem.
In terms of some granularity on the definitions associated with the above, of the 18 percent of adults who had important personal information stolen, this included such things as their Social Security Number, credit card, or bank account information. Things are not as bad when it comes to email and social networking accounts, but it is still a significant number.
There are a couple of other interesting numbers from the survey. The first is that despite what one might guess, being a victim seems to be age independent.
If there is a silver lining in the data, and it might be a reach to call this good news, it is that at least the headlines have had a salutary impact. As Pew Research Center Senior Researcher Mary Madden says, “We find that internet users have become more worried about the amount of personal information available about them online—50 percent reported this concern in January 2014, up from 33 percent in 2009.
The challenge of course is turning awareness into acts of prevention. The simple ones are changing passwords frequently, not duplicating passwords (albeit a real pain), and making sure your devices have anti-virus and anti-malware capabilities that are current, and in use.
In fact, taking care of the basics of defense is an issue not just for the individual user, but as reports from security experts who work with enterprise consistently have shown it is almost stunning how many organizations ignore taking care of the basics and thus leave their organization exposed. This is extremely disconcerting given the wide availability of hacking kits on the web, which are inviting to even amateurs looking to take a joy ride at our expense.
Plus there is the issue that because of so-called “fragmentation” problems between Google, device manufacturers and service providers which means the vast majority of Android (News - Alert) smart devices are not running the latest version of the software. This is a shame since it has been significantly more difficult to prevent problems. Updates are not automatic and none of the parties appears to want to shoulder the full responsibility of assuring updating.
Any security pro will tell you no system is failsafe from hackers. The goal is to make an attack on you so difficult and uninviting they look for easier prey. In short, as the Pew numbers demonstrate, we all need to be not just more aware of how exposed we really are, but we need to actively engage
