The term cybersecurity has become so widely and frequently used that merely hearing the term brings the average consumer’s alert level into the red zone.
Like a lion crouching before its prey, as a population, we live our lives comparable to a wildebeest who knows that a fatal attack might be just around the corner. At this point, it is a matter of “when,” not “if.” We all fear being a target of the next attack.
From worldwide attacks on major elections to a friend on Facebook contracting a virus, people are scared of the unknown that comes with the dark web. The government is scrambling to strengthen cybersecurity laws and regulations in an attempt to heighten security on various social media platforms.
The problem is that the rate in which these laws are being put into place is considerably slower than the frequency of cybersecurity breaches. Moreover, while the laws will become more aggressive and companies will try protect our data better, there is no protection from the blackmail and fraud that occurs on social media.
On March 22, the city of Atlanta had “one of the most sustained and consequential cyberattacks ever mounted against a major American city,” according to The New York Times. The municipal government was “brought to its knees.” These types of carefully executed attacks bring entire cities to a complete halt, crippling the public from using computers and getting online. Atlanta Mayor Keisha Lance Bottoms accurately described it as a “hostage situation.”
While other American cities such as Baltimore and Denver have had major cyberattacks, this assault on a city of 6 million people was one of much greater sophistication.
The breach allowed the hackers to steal their victims’ files, lock them up and give the city one week to pay $51,000 (Bitcoin accepted) in order to release the stolen files. The consequence for not paying by the deadline was, and usually is, permanent deletion of all files.
Some files hackers typically want to steal are passwords for accounts, credit card data, photos or any information for blackmail, copyright files, blueprints and tax and bank information. Gaining remote access to your computer is another strong desire by hackers.
We live in a society where social media plays a big part in our daily lives; so much so that an actual saying has emerged: “If it’s not on social media, it didn’t happen.” We communicate with our friends, work and relatives using simple and easy-to-use applications and social media platforms.
Facebook, Instagram, Twitter, Snapchat and other social networks have major vulnerabilities, and these are where most of the cyber threats come from. Perhaps our generation became too large to ever be truly secure. As we all remember, 10 years ago Facebook boasted a user base of 20 million, while the number is now well over 2 billion.
We all hear about constant security breaches, data leakages and other cyber-related threats, but what we hear less about is the astronomical costs victims pay for their stolen data. Living in an “I” society, as individuals, we don’t really know what happens once the information gets stolen, nor do we care, yet. If the breach didn’t happen to us, we are safe and we live with hope that it won’t hit us.
As they say, hope is a dangerous thing.
Social media platforms to hackers is like a candy store to a kid. Social media users are vulnerable—often more vulnerable than they would be in person. People feel comfortable and safe to communicate openly and freely (frequently to a fault), and they are eager to spend as much time on social media as possible.
Engagement is the buzz term these days, with businesses focusing mainly on both public and private online conversations with consumers as the primary determining factor for social media success.
While we converse online in what we believe to be a “free” environment, we are being carefully watched by cybersecurity hackers who scour our conversations to monitor behavior. The minute they see a vulnerability, they have found their next victim. Something as seemingly harmless as the click on a bit.ly link or other shortened URL gives hackers instant access to inject viruses into computers or phones. The spyware is installed, and you’ve lost complete control of your online activity without even knowing it (hackers typically wait 100-plus days before making a move).
Human error remains the largest cause for threats.
- Facebook: Phishing is one of the largest and easiest ways to hack someone, and since Facebook is the largest social media network in the world, it is the most common way hackers steal Facebook users’ information. Someone with very little technical hacking knowledge usually starts with phishing seamlessly, which is why it’s so popular. Phishing is the act of creating a duplicate page or site that looks identical to the intended site, such as fakebook.com. The user enters his/her login credentials, and the information gets sent to the hacker instantly.
- Twitter: We all remember that Twitter’s major hack cost it 32 million users, including Facebook CEO Mark Zuckerberg, Drake and late Beatle George Harrison. Hacker J5Z, who hacked the accounts of more than 13 celebrities, accredited his ease of access to LeakedSource.com. This website gives you access to usernames, passwords and email addresses from every major website security breach over the last few years, according to The Daily Beast.
- Instagram: Keyloggers track and record keystrokes in order to record everything you type, all day. Keyloggers are invisible and difficult to notice or track down. These malware programs are installed unknowingly on your computer, and the rest is easy. The hackers read every single letter you type. Another common way to hack into your Instagram account is by first hacking into your Wi-Fi account—which is a very easy thing to do (there are around 300,000 YouTube videos on how to hack a Wi-Fi password using a Wi-Fi sniffers). Once the hackers are in, they can intercept all of the data you communicate over the network.
- Email: Social engineering is the process of learning personal information about someone to then use that data to gain access to their social media accounts. When you’ve forgotten your email password, you typically have to answer a series of personal questions such as your nickname or your third-grade teacher. Anyone can hack into an email account using the forgot password function if they know this personal information. Social engineering is psychological manipulation—tricking people into giving you information by giving them confidence that it’s authentic.
Never have an “it’s not going to happen to me” attitude with cybersecurity. Cyber warfare is happening at a rate so high that the probability of you being a victim of the next attack is much greater than, say, getting hit by a bus or other typical situations of the “it’s not going to happen to me” attitude.
Change your passwords frequently and never use the same one twice. Use a secure password generator. Check your social media accounts to determine which third-party apps have access. And never click on links that don’t look familiar to you.
Konstantine Sukherman is CEO of Cybri, a private network of highly vetted cybersecurity experts.