Much of the chatter around cyber security has been about malware and ransomware — warning consumers about the looming dangers of random attacks. But people need to be aware of the targeted attacks they may soon face and how to prevent them.
Random attacks earned that name from Online Security Experts because so-called strikes on your computer hardware and mobile devices only happen when you leave yourself wide open for hackers to infiltrate your network.
“Ransomware is just a type of malware that restricts access to the infected computer system. This is typically followed up with an email or other form of communication being sent to the victim company to either comply with a monetary demand or the restrictive software will not be removed. The malware can be in the form of encryption placed on hard drive files that would require a decryption key to unlock, this is provided of course only after a sum of money is paid,” said Gary McCloud, the marketing manager at OpenVPN Technologies, Inc.
We’re waging our bets that if you’re cyber-security literate, you don’t surf unsecured Wi-Fi connections (aka public Wi-Fi, which is a big no-no by the way). And although we drum up the importance of connecting to a virtual private network like Private Tunnel for example, some consumers still don’t hear the VPN trojans. Want to know why? Because it hasn’t happened to you, your friend or family members (yet) — and until it does, the chances of the everyday consumer understanding the importance of a VPN is going to take some time.
But the world is changing — and it’s evolving rapidly with innovative technology shaping the way we live our lives today and in the future. This means it’s only a matter of time before everyone jumps on the VPN bandwagon.
“In this digital age, we are certainly more vulnerable to cyber-attacks. Although we have seen targeted attacks against large corporations — small business and consumers are much easier targets, and, as such, we are seeing increases in these types of attacks against soft targets. A small business is considered a soft target because they frequently don’t have the budget or the network security knowledge to set up effective security defenses,” said McCloud.
In other words, small businesses are an easy target, but boiling beneath the surface in the world of cyber hackers is a more sophisticated strategy — high-end targeted attacks. The most damaging attacks we see today are targeted, and the reward of gaining access through these types of attacks is enticing to the advanced hacker.
“There has been a lot of news generated lately concerning targeted attacks. What we are talking about are cyber attacks aimed at breaching computer systems and networks of specifically targeted entities with the most prominent being: Primera Blue Cross, Anthem, Sony Pictures, Staples, Home Depot, and JPMorgan Chase to name a few,” said McCloud.
By breaching the security measures of specific individuals or organizations, hackers are able to obtain sensitive data and even shut down entire company systems. The companies mentioned are just the tip of the iceberg. More often than not, enterprises have no interest in releasing information to the public about a cybersecurity breach until there is hard ‘factual’ evidence of a breach. The New York Times discovered the Neiman Marcus security breach began in July of 2013, yet the American public didn’t find out until six months later.
The point? You’re not hearing about cyber warfare as much as you should.
“As consumers, we are in the middle of technology transition where the use of credit cards at point of sale locations is giving way to the more convenient single-click purchase concept. This saves us time, money, and gives us more choices but also makes us more vulnerable from a cyber-security perspective. What most people don’t realize is the personal risk and exposure we take when we go to buy that new dress or new pair of shoes online while at a Wi-Fi hotspot found at airports, hotels, or the local Starbucks,” said McCloud.
Here is what is most startling:
- Targeted attacks are more difficult to detect. Why? Because they are targeted. The means the attacks pinpoint a much smaller population.
- Advanced hackers don’t bother with the small stuff. They avoid security researchers, bots and honeypots like the plague. This means uncovering and analyzing targeted attacks makes it much harder.
- They know what they want and when they want it. Their strategy is constructed around the type of data they will exploit or access, so their impact is heavily felt.
Wondering what a targeted attack looks like?
Think cash, political impact and revenge.
So while malware and ransomware attacks are happening every day — let’s face it, they’ve become more of an annoyance than anything else. But targeted attacks? That’s a different story.
It’s going to be much harder for you to detect a masterfully crafted attack because even the most experienced user won’t see what’s coming. Targeted attacks typically come in an email, and here’s where they’ll get you. It’s designed just for YOU. This means they’ve analyzed your habits, the style of emails you’ll typically email and even the topics more likely to catch your attention.
“Consumers and small business need to take a proactive approach in reducing their exposure to cyber-crime. For consumers, I would recommend the following: frequently review credit card statements for unauthorized charges, set up alerts with your bank and credit card companies to make sure you are notified of suspicious activities. Change your logins and passwords often. If you plan to access bank accounts or do online shopping from any unsecured Wi-Fi location, use a VPN. We can’t stress that enough,” said McCloud.