What will breaches look like going forward?

why your privacy matters more than ever.

· privacy,attacks,phishing,breaches,privid

Where there is data there is a desire to exploit it

That is the underlying issue of breaches, exploiting the data that an organisation holds. Whether that exploitation is in the form of phishing (all it's variations), breach, ransomware and so on. If an organisation has data that is valuable to it there is a strong likelihood that there will be an attempt to access that data for some purpose by an outside source.

Many hacks and breaches are pretty straightforward, and to be honest, rely on the laziness of human behaviour, something we are all guilty of, using the same password on multiple sites, writing down the new password somewhere because "it's too complicated to keep track of all the passwords". Yes, sometimes when it comes to breaches and hacks we are our own worst enemies, and groups know it. It comes down to 'social engineering'. The most troubling trend over the last number of years has been ransomware. 

There is no good outcome

Ransomware is a real problem, whether it's on a home computer, work computer or, more recently on mobile platforms. Why is there no good outcome? Think of it like this, it's basically blackmail to get your data back that has been locked by someone. Historically, if you have given in to blackmail once, what is to say that the blackmailer will not comeback again, and again... and again? They have found your weakness and will continue to exploit it. It will not end. There are solutions, on the computer, they are pretty simple, do not keep data on your internal drive. Keep everything on an external drive. If something happens to the hard drive, wipe it and reinstall the OS, no loss of data. That is pretty standard for a home system, but not so easy on a work system. On a work system the user has to be extra vigilant and do not open suspicious emails. That is the part of social engineering that the exploiters use, our inate curiousity about something. Yes, even with everything we know the biggest point of weakness of any system is the human factor. The infamous acronym "PEBCAK" (Problem Exists Between Chair And Keyboard) of tech support still holds true. We may not like it, but we, are the weakest link in the chain.

Mobile is not any different

With the current trend of relying more and doing more on our mobile platforms the attacks will continue in a similar way. Not necessarily through email, but certianly through text. Where the data on our phone will become the hostage. This will be more challenging since many of us rely heavily on our mobile platform. We do our banking on it, our shopping, our personal information, our contacts, essentially we have our lives on those platforms. There are ways to mitigate that, again, the weakest link is the user. Don't open texts that are suspicious, don't select links in text messages that are suspicious, or links in emails that you receive on your mobile device. Ultimately, it comes down to awareness. 

Like in many things, we rely on devices for our everyday lives, and in so doing we become dependent upon them. Losing access to these devices could be similar to losing a limb. And equally as traumatic. 

Privid solutions

Our solutions are decidedly not the usual we understand that you can only do so much, and likewise, our organisation, and others like us, can only do so much. Why? Because security on the devices, mobile, laptop, desktop, servers they can all be bolstered, but education of the user is critical. Case in point, I received an email that was ostensibly from a major credit card company, and on first look it looked real enough, however, once looking at the preview, I realized that it made not sense, and deleted it. I have no idea what would have happened if I had selected the link  or even opened the email, but it was deleted. This is what it means to be a user in today's society, education, skepticism and a certain level of paranoia around what information you are receiving. Our organisation protects data, and we have a number of solutions, all of which involve a process of decentralising information. That way even is something happens, the data is safe, and we can detect what happened and help. Can we fix the issue in all cases (on your mobile platform, for example), we don't know. But, we can certainly help mitigate issues that may come up. 

No organisation can offer a 100% guaranteed solution, it's impossible. The hackers, exploiters are smart, resourceful and, to some extent, patient. But, if a system is created and put in place that makes if prohibitively expensive for the hackers to go after the data versus the reward they are going to receive, they will, in all likelihood, walk away. That is our goal. Our system works in such a way that it makes it prohibitively expensive, both in time and resources for the exploiters, that they simply walk away and look for another target. 

 

All Posts
×

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!

OK