In light of the recent massive online security breach perpetrated by a Russian crime ring, I thought it might be timely for a dialogue on cyber security. If you aren’t familiar with the story, they stole over a billion username and password combinations from across the globe.
Many might say that guarding against hackers is impossible and that we can’t defend ourselves against random chance. How do we stay protected in a world where crimes happen arbitrarily and where hackers can steal our bank account information in just a few hours?
Well, a good place to start would be “busting” common misconceptions about online security. If we believe incorrect information, or are simply unaware of a problem, then it is difficult to resolve the problem.
Misconception Number 1: “I’ve had the same passwords for forever and I’ve never been hacked. They must be secure.”
A hacker, especially a good hacker, will not use intercepted information immediately. In fact, the longer they wait the harder it is to track them down when they finally do leverage accounts and drain money. So, in reality, even if you haven’t noticed anything fishy, your bank account username and password could be sitting in a database with a hacker waiting for just the right moment to use them.
TJ Martineau, Chief Information Officer at ATS Secured, says, “They will sit on troves of information for days, months, even years. All the while,they are chatting with colleagues about their finds and, more times than not, they will compare their information to see what lines up. It’s very easy to piece together information from multiple sources… When they get a complete profile, the money that can be made on the black market is substantially greater than if the profile is incomplete. Basically your entire life is compromised.”
Another thing to consider is that using the same password and username for every account is very dangerous, particularly when they haven’t been changed in a long time. Not only are you putting faith in the fact that your personal account won’t get hacked, but also that that the platform it exists on won’t get hacked. When you have as many as twenty or more profiles in different databases, the odds are not in your favor. If two or more companies have a security breach by the same cyber attacker, they will pick up on the fact that your username and passwords are the same. From there it’s all downhill because they will assume that every single one of your accounts will have matching login credentials.
Misconception Number 2: “I get texts from my bank, prompting me to approve any strange purchases. So even if I am hacked, I am safe.”
The fact that banks have the ability to track odd spending is wonderful. However, what if your cell phone was hacked as well? According to a recent CBN News article this could easily happen because smartphones are constantly connected to networks. When this possible security breach is added to stale passwords that have been used for multiple accounts, as we mentioned above, the results can be disastrous. That text message asking for verification could easily have been copied and sent to someone else. Your phone number could have been cloned without you realizing it so then, if your bank sends a message to the cloned number that is now in the hacker’s hands, they have the ability to authorize whatever purchase they wanted.
Misconception Number 3: “It’s too hard to remember twenty different passwords, especially if they are long and have symbols.”
This doesn’t need to be the case. A trick to help with this problem is to make it personal. If you like Dodge Ram pickups and you have a 2014 Ram 1500 truck, your password could be “20!4R@m1500” which is easy for you to remember, because it’s your favorite model, but is difficult for a hacker to crack because of all the symbols. Another way to do this is to make it a phrase that you want to remember anyway, so, essentially, you are multi-tasking. Do you want to save for a trip to Ireland, but never seem to be able to remember when tempted to buy other things? Your password could be “$av3f0r!r3land.” The Huffington Post wrote about this tactic in the article “How a Password Changed My Life.” This will help cement the goal in your mind, while at the same time making it extremely complicated for cyber attackers to get into your account. The longer your password is, the better.
“Passwords are one of those necessities of a digital life that a lot of people do not like to have complications with,” Martineau says. “It is a hassle when you forget a password; so many people simply make their passwords extremely generic. Then they have their web browser save that password. While convenient, doing this is a huge security risk.” Don’t simply assume that you are safe but, at the same time, don’t give up and say that you can’t defend yourself against random attacks. You might not be able to guarantee online safety, but you can at least take measures to guarantee that it is more secure.
If you like our blogs, sign up for our newsletter to get monthly updates delivered to your inbox!