Phishing and Data Breaches and Hacking, OH MY!

30 September, 2020 | Jennifer Driscoll | Careers in IT, CompTIA, Hacking, IT Certifications, IT Security

The bigger threats are looming…

It is only fitting that National Cybersecurity Awareness Month happens to be the same month as Halloween. Truth be told, there is nothing more terrifying than the elaborate cyber security threats created daily to wreak havoc on the public. According to the FBI, efforts to monitor trending scams such as Phishing, Data Breaches, and Hacking are at an all-time high. In its latest report, the FBI has claimed that cybercrime has reached a total loss of $10.2 billion in America alone. The cost of cybercrime is projected to exceed $6 trillion worldwide by 2021. For organizations and individuals alike, the costs associated with cybercrime are vast, and it is one of the greatest threats lurking around the corner.

Go Phish

With the spread of the pandemic, a lot of businesses, as well as individuals, have had to migrate offsite and create a new “work/school” environment, becoming almost completely dependent on technology. The extra time spent online has created larger areas for possible exploitation and targeting by cyber criminals. Current trends show that cybercrimes have become increasingly socially engineered and geared to using human interaction to obtain or compromise information on individuals or organizations. Phishing is one of the most common attacks and is a form of socially engineered attack. Phishing typically uses email or malicious websites to gather personal data by presenting itself as a trustworthy source. These attacks typically look legitimate and will pose as a reputable company or person you might be familiar with. Spam filters are one way to protect yourself from Phishing, but it is always best to add more lines of protection. Some more protective steps include:

  • Protect your cellular data by updating its software automatically
  • Apply multi-factor authentication
  • Use security software on your computer, and update it automatically
  • Back up all your data

The typical Phishing email contains suspicious sender addresses, generic greetings, spoofed web links, suspicious attachments, questionable misspellings, and inconsistent formats. The easiest way to avoid Phishing attacks: when in doubt, throw it out.
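The indicators listed above can also be checked mechanically. The following is an added example, not part of the original article: it flags four of them (sender mismatch, generic greeting, spoofed link, risky attachment) in a raw message and leaves misspellings to the reader. The brand map, the indicator names, the extension list and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

GENERIC = re.compile(r"\bdear\s+(customer|user|member|client|account holder)\b", re.I)
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".iso", ".lnk", ".hta")  # illustrative list
def host(url):  # hostname of a URL; also accepts bare "www.example.test" text
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw, brands):
    """Sorted indicator names for one raw message. brands: lowercase brand -> real domain."""
    msg, found = message_from_string(raw), set()
    display, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    for brand, domain in brands.items():
        if brand in display.lower() and sender != domain and not sender.endswith("." + domain):
            found.add("sender_mismatch")  # display name claims the brand, domain does not
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            found.add("risky_attachment")
        if name or part.get_content_maintype() != "text":
            continue  # only inline text bodies are inspected below
        body = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        if GENERIC.search(body):
            found.add("generic_greeting")
        for href, text in ANCHOR.findall(body):
            shown = re.sub(r"<[^>]+>", "", text).strip()
            # Compare only when the visible text itself looks like a URL or domain.
            if re.match(r"(https?://|www\.)", shown, re.I) and host(shown) != host(href):
                found.add("link_mismatch")
    return sorted(found)

# Constructed sample message; every name and domain here is made up.
BRANDS = {"example bank": "example-bank.test"}
SAMPLE = '''From: "Example Bank Support" <alerts@examp1e-bank.test>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Dear Customer, confirm at <a href="http://login.examp1e-bank.test/verify">https://www.example-bank.test</a></p>
--b1
Content-Disposition: attachment; filename="invoice.pdf.exe"

placeholder
--b1--
'''
```

Calling `phishing_indicators(SAMPLE, BRANDS)` reports all four indicators for the constructed message; a hit is a reason to look closer, not proof of Phishing.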

The Data has been Breached

What do Adobe, eBay, Netflix, and Facebook all have in common? They have all been a part of major data breaches within the 21st century. A data breach is the release, either intentional or unintentional, of private confidential information into an untrusted environment. The most notable data breach involved Equifax releasing the Social Security numbers, birth dates, home addresses, tax ID numbers, and driver’s license information of nearly 150 million people in 2017. Within the last two years, over 2.1 billion people have been affected by data breaches. Some of the most common risks associated with data breaches include:

  • Reputational harm
  • Financial loss
  • Operations shutdown
  • Legal action

Although companies are fighting tooth and nail to combat data breaches, they cannot keep up with the willpower of the cybercriminals, and sometimes a breach is a sheer accident from internal sources. If you suspect that you have been a part of a data breach, there are steps you can take to secure your information as much as possible.

  1. Get confirmation of the breach and whether your information was exposed
  2. Find out the type of data that was exposed
  3. Reach out to the company and see what help they can/will provide
  4. Update all login and security information on all sites
  5. After determining what type of data was stolen, reach out to the appropriate companies (example: credit cards) and inform them that your data was compromised
  6. Monitor all activity on accounts and new accounts meticulously
  7. File taxes early

There is no 100% safe way to eliminate your exposure to data breaches. However, there are legitimate companies that will monitor all of your data activity and alert you if there is a potential concern.

The Hack Attack

It is projected that in 2023, 33 billion records will be stolen by cybercriminals. Annually, Americans are losing $15 billion from identity theft alone. Reports have shown that out of the 4,000 confirmed breaches this year, more than half were caused by hackers. On average, a hacker attack occurs every 39 seconds. We generally assume all hackers are bad, right? Wrong… There are good hackers and bad hackers. This is the “Black Hat vs White Hat” saloon shootout scenario: the Black Hats are the bad guys and the White Hats are the good guys. Certified Ethical Hackers (White Hats) are the ultimate security professionals in combating and exploiting vulnerabilities and weaknesses throughout various systems before a Black Hat hacker can infiltrate those systems. Some ways to counteract hacking attempts on your privacy include:

  • Update software frequently: this keeps hackers from being able to access your computer through outdated programs, which can be easily exploited
  • Keep the most up-to-date security programs, including anti-malware software to protect your data
  • Destroy all personal data on any hardware system you plan on letting go
  • Create difficult passwords and authentication hints
  • Keep sensitive data off the cloud

Companies are painfully aware of the need to create infrastructures that not only protect customers’ privacy but also are proactive in defending against all incoming future threats. According to reports, worldwide spending for cyber security defenses will reach $170.4 billion by 2022. Companies are seeking highly qualified candidates in various fields of cyber security in order to guard themselves from external and internal threats. Certified Ethical Hackers (CEH) typically make around $105,000 a year and are highly sought after, especially with hacking and phishing making up 85% of cybercrimes. The Certified Information Systems Security Manager (CISSM) certification is the top credential for IT professionals to have in their arsenal to fight cybercriminals. Certified Information Systems Security Managers develop, manage, and oversee information security systems in enterprise-level applications while developing best security practices for organizations to abide by. The typical salary for a CISSM candidate is around $110,000 a year, and the role comes with no fear of a lack of job security. Companies understand that it is easier to prepare for cyber attacks than to repair the damage from them. They are investing in their cyber security defenses, and now is the time to look into a new job or a new and improved job in cyber security.