You may well ask why everything related to computing is being hacked? The simple answer is that it’s where the money is. However, if you asked ‘Script’, prolific hacker and founder of ‘Carder Planet’ in Belarus, he would give you a typical hacker’s response: ‘It’s a lot less shameful than robbery’ and perhaps more worryingly so, easier to do. With a reported 35% rise in Android base malware since 2012 and 16% increase in suspicious URLS, there has never been more of an unsafe time for our net worth.
In fact, almost all of us have our net worth accessible by the click of a browser, username and password. Our whole lives are up for grabs somewhere on the web -our personal details, job information and pictures being susceptible to online fraud. This modern style of thievery will continue to flourish and it is therefore not exactly a surprise that online is where the criminal underworld is moving. Hacks will become increasingly more imaginative as hackers try to stay one step ahead of IT security experts.
This summer, Karsten Nohl, the founder of Security Research Labs in Berlin was able to send a virus to a Sim card through a text message, then subsequently eavesdrop on calls and make purchases through the phones. He did this all in less than two minutes with a normal, every- day PC at his disposal. Nohl said that his research suggested about an eighth of all Sim cards were susceptible to the hack - representing between 500 million to 750 million devices. The scale of this hack again highlights the innovative ways people or businesses can be attacked.
5 ways to stay safe online
Although, it’s not all doom and gloom. There are a number of simple and effective measures that can be taken to stay ahead of the hackers- or at least, make their lives more difficult:
1 Password Management
The greatest deterrent to electronic break- ins and theft is robust password management. So, it’s rather surprising that companies and consumers alike continue to not take it seriously enough. We are all probably guilty of not changing our password often enough, making them far too simplistic or using the same password for all our sign ins. Password management which automates the process is the simple and effective key.
2 Two-factor authentication
A further level of protection can be achieved through utilising two-factor authentication (TFA). TFA requires a second level of authentication beyond a password like a random passcode that must be entered as well as a password when logging into an app. Well-known applications like Twitter and Gmail have started offering TFA with their services- something that is definitely worth looking in to.
3 Mobile Device Management (MDM)
With the Bring Your Own Device (BYOD) trend, personal and corporate data now reside together. While making our working lives considerably easier, BYOD does raise a whole host of security questions. Despite BYOD being around for a while now, companies have only just started waking up to the fact that their employees’ devices invite intruders to access not only personal, but corporate data. Mobile Device Management (MDM) software is the most effective way to control access to mobile devices. Most MDM solutions allow you to configure the profiles of all devices accessing the corporate network.
Regardless of whether a hacker breaches a PC or mobile device, it’s fundamental that the data on these devices is encrypted. This is the last line of defence if a hacker manages to sneak through. There are many software applications that that can encrypt company data for computers and mobile devices.
5 Common sense strategies
Common sense is a security tactic that is often hugely underrated. However, it is a very simple way of securing devices. Only ever put sensitive data online if it is absolutely imperative and never save it in plain text. Additionally, purge archive data from your device that is no longer needed and never keep personal files in your inbox.
These are the easy yet effective ways to safeguard against the known vulnerabilities that hacker’s target. Whether it’s a webcam or SIM card attack, always assume that anything containing valuable information will be targeted. Our online net worth has never been so vulnerable and therefore, in turn, these security strategies have never been so important.
Author Raj Sabhlok is the President of Zoho Corp (ManageEngine is a division of Zoho Corp). Raj has particular interest in IT infrastructure software having spent nearly 20 years at Companies like Embarcadero Technologies, BMC Software and The Santa Cruz Operation (SCO). In his career, Raj has held technical, marketing, sales and executive management positions. Raj holds a bachelors degree in mathematics and a masters in business administration.