Most people are enamored with the internet, and the ability we have to connect to limitless data and each other. The benefit is so great, in fact, that most people are also willing to accept the risk that comes with joining a network of five billion devices (expected to reach 20 billion by 2020). Each device has the capability to connect to another for any purpose intended by its user – good or evil. So even if only one percent were controlled by someone with malicious intent, 50 million devices would be in the hands of criminals.
Let’s explore why an evildoer would want to get control over millions of devices. This landscape has changed over the years, but today it’s about financial gain. An assailant’s ability to control scads of devices capable of executing code gives him an enormous amount of processing power – which can then be used to dismantle security measures, disable companies, and ultimately steal information. For which he gets a pretty penny on the black market.
Some attacks are strategically targeted, such as the one executed on Target stores in late 2013. This attack, according to Reuters, left 40 million customers’ credit card numbers exposed. It was precise, too, hitting the 19 busiest shopping days of the holiday season. More recently, cyber criminals have upped their game, attacking smaller companies by encrypting and holding their data for ransom- a class of attack generically called “ransomware”. If the victim doesn’t pay for a decryption key within a given time, the key is deleted and the data will never be decrypted. Most are left with no choice but to pay. What’s worse, these cyber-thugs are selling the code, proliferating this sort of attack on a grander scale.
There are many levels of protection that will be discussed in future blogs, but, surprisingly, the most effective single thing you can do is actually very basic: Stay current with your applications and operating systems. As companies such as Microsoft, Apple or Google release software, vulnerabilities become exposed. That’s normal, and they ultimately are addressed by the vendor via software updates called patches, services packs and new releases. But, of course, not everyone upgrades and that leaves many devices with easily exploited vulnerabilities. You don’t need to have the most secure system in the world, just more secure than the laggards, because they’ll be targeted first. PCs running Windows XP are targeted because they are easier to exploit than PCs running Windows 8.1. The same goes for your mobile OS. If you are running an older version of Android or iOS on your phone or tablet, you are the easy target compared to ones running the latest releases.
We all want to get a few extra miles out of our technology, but your risk increases exponentially as everyone around you upgrades. Running an old and un-patched OS on any device leaves you exposed. Much like a wounded zebra falling behind when their herd is being pursued by lions, you are more likely to fall victim to an attack. So stay current and enjoy a little more peace of mind.