Monday, March 24, 2014

Three of the Biggest Threats to Company’s Cyber Security

Phishing, Malicious Political Attacks & Monetary Fraud

Every business needs to address the ever-changing cyber threats that now make their way the Internet. It is not enough to merely install anti-virus software and believe that this will solve all of a business’ problems. Here are three of the biggest threats to company’s cyber security that you should know.

Phishing

Phishing is a practice in which hackers gain access to private consumer data. Frequently, a hacker creates an email to look like it was issued by your company. A customer may then respond to the email and provide his or her personal information. The hacker then preys upon this disclosure and uses it to open credit cards, make unauthorized charges and take advantage of the consumer’s identity. The essence of a phishing crime is that the hacker gains the trust of the customer. They may use sophisticated tactics to learn information about your customers, such as the names of relatives. The hacker then may pretend to be one’s distant relative to ask for financial assistance from the consumer.

Businesses have a duty to protect their customers from phishing attacks. Businesses should realize that information even like consumer names can be private information. If a hacker gains access to consumer names, then he or she may use social networks like Facebook to learn more information about the customer. Businesses need to be aware of these practices and work with cyber security firms to prevent information disclosures.

Malicious Political Attacks

Businesses should also be aware that not every hacker is motivated by profits. Some hackers are residents of foreign nations and discontented with the notion of capitalism in general. These hackers are very sophisticated and using numerous methods to target specific businesses. One example of a recent attack included an attack on a satirical news company by the Syrian Electronic Army. The Syrian Electronic Army was able to hack into the servers for the news company and then make its own postings on the site. One mistake that businesses make is underestimating the abilities and sophistication of enemy nations or politically-motivated hackers.

The best way for businesses to handle attacks from politically-motivated data hackers is to be proactive in preventing attacks. Businesses should not use a reactive method of dealing with politically-motivated data hackers. A reactive method does not solve the actual issues that lead to the hacking of business accounts. A reactive method also does not provide security to a business, because a business may still be attacked by army hackers in the future.

Monetary Fraud Hackers

Unlike the Syrian Electronic Army, some hackers are only motivated by financial gain. These hackers only seek to gain access to checking accounts, savings accounts, trust funds, Social Security information and credit card information. These hackers attempt to gain access to the internal data systems of highly-profitable companies. They are very sophisticated in the tactics that they use to hack corporate accounts.

Businesses need to take preventative measures in protecting internal corporate data systems. Many businesses are realizing this and are now working with sophisticated firms to protect their internal data systems. A company can also be very selective in the access that it provides to internal information systems. If many employees have access to internal data systems, then a company may be jeopardizing the information of its customers.

More than ever, companies need to be proactive in addressing cyber security threats. Cyber threats can cause serious legal issues for companies in the event of a hack or leak. Taking time to improve a company’s data system security is an investment in the future of the company. Cyber threats are only likely to increase in the future years, and businesses must be ready to prevent these attacks.

Friday, March 7, 2014

Internet of Things is Creeping into the Average Lives of Consumers

Internet of Things Gone Wild

Thanks to rapid innovation, our lives are getting easier. But there is a price to be paid. The Internet of Things is creeping into the average lives of consumers in unexpected ways, creating new vulnerabilities even in what was once the safety of our own homes.

There’s the report late last week from California-based security firm Proofpoint uncovering the first proven Internet of Things-based attack that hijacked such smart household equipment as home routers, smart TVs, and even one unsuspecting and apparently innocent refrigerator to generate spam. The attack, which took place between December 23 and January 6, generated over 750,000 “malicious email communications” and involved over 100,000 “everyday consumer gadgets.”

Each of the below developments has been built to automatically collect data about users and send that data to others. The developers insist this data is being used to enhance the consumer experience in some way; but what they don't often reveal is all the ways that data is being used to help them make money or achieve some other objective.

Take a look at these examples and think twice before you volunteer your personal information by purchasing one of these "smart" products.

  • LG markets a fridge that sends a text when the milk runs out, and this article says experts have long warned such a gadget is an attractive "soft target" for hackers. In fact, in one recent attack on 100,000 smart gadgets, 750,000 spam emails were sent to their owners.
  • Google's smart contact lenses check in and report on your health, monitoring things like gluclose levels in your tears. One commenter's question was intended to be sarcastic, but in every joke there is a grain of truth. He asked: Will it send the wearer's glucose levels directly to the NSA or does that only happen after the contact lens syncs with Google's cloud? The fact is, if the lenses can report glucose levels, it is also technically possible to program them to report on many other types of activities, as well as more of your body contents and characteristics.
  • Wearables devices monitor physical activity and connect wirelessly to online services charged with collecting data on the wearer. If insurance companies were able to collect and use this data for their underwriting purposes (which now let employers charge employees different health insurance rates based on whether they exercise, eat right or make healthy choices), these devices could spell disaster for insurance costs... not to mention the potential impacts if employers, potential employers, family members, etc. obtain the data.    
  • Video baby monitors send signals far and wide. To test the vulnerability of these smart gadgets, a Miami TV reporter attached one of these baby-monitor receivers to the dashboard of his car. In just a few minutes, he was able to pick up images of babies and bedrooms. Traditional audio montiors are vulnerable, as well. During the summer of 2013, ABC News reported on a Houston couple who heard cursing and lewd remarks coming from their 2-year-old's baby monitor. It had been hacked.
  • A clip-on camera takes a still image every 30 seconds in an effort to "record your life." How often have you come across a photo of yourself that if taken out of context could cause others to jump to the wrong conclusion (college days, anyone)? Worse, what happens when someone with a clip-on camera enters a public restroom or locker room and takes pictures of people (or children) in various stages of undress?