I always like to start with the good news. So, according to the findings of the 2013 Norton Report, the number of online adults who have experienced cybercrime has decreased. Time to celebrate? Not quite. Because the average cost per victim has risen by a staggering 50 per cent.
And it’s all down to a change of tactics on the part of the cybercriminals, who are now using far more sophisticated attacks, such as ransomware and spear-phishing, where the financial yield per attack is higher than ever before. As Symantec’s chief technology officer Stephen Trilling rightly points out to the unwary. “With the findings from the Norton Report that 49% of consumers use their personal mobile device for both work and play, this creates entirely new security risks for enterprises, as cybercriminals have the potential to access even more valuable information.”
SLEEPING WITH THE ENEMY?
The report also found that, although nearly half of all smartphone users care enough about their devices to sleep with them, they are not actually protecting them. In fact, some 48 per cent of smartphone and tablet users do not take even the basic precautions, such as using passwords, having security software or backing up files from their mobile devices.
Marian Merritt, Internet Safety Advocate here at Symantec, sums up the implications of such negligence to chilling effect: “While consumers are protecting their computers, there is a general lack of awareness to safeguard their smartphones and tablets. It’s as if they have alarm systems for their homes, but they’re leaving their cars unlocked, with the windows wide open.”
For anyone who reads this and starts to feel uneasy, if not queasy, then the time for a change in attitude has arrived. First, you need to consider the mobile device as a mini PC, and give it the love and protection that you might give to the latter. You are doing that, right? Secondly, you need to be careful with whom you connect to on social networks. You don’t know if they are who they say they are or whether they can be trusted. Yet we all reveal so much about ourselves on line to total strangers – even giving them our credit card and other personal details. No wonder the cybercriminals feel as if they are a school of sharks in the midst of millions of plankton.
Let me give you a personal example of how easy it might be to fall foul of a scam. Recently, I connected to someone on a well known networking site and also joined a group for Singapore Marketing Professionals on the same site. It turns out that neither the group moderator, nor the other connection, was a real identity. Instead, it was a crafted, targeted campaign to lure me into signing up for a trading account. What were they after? My guess is they were out to take cash directly from me via a deposit into their account, steal my financial details or at a minimum discover my password. I picked up on it being a scam as soon as the group moderator introduced me via mail to the individual member (whom I was already in connection with). The email they sent was partially in broken English, yet the picture and name belonged to a western person. These types of things are hard to detect, unless you are alert to, or on the lookout for, them.
The other big issue we all face is the blurring of the lines between our work lives and our home lives. Our personal devices follow us everywhere and we are just not recognizing the huge security threat associated with that. Moreover, we are sharing more and more devices with family members, including our children, increasing our vulnerability and leaving the door open to attacks: such as when clicking on malicious links or ads within apps.
Another thing to be aware of is that no longer do cybercriminals need to target enterprises direct. In fact, Symantec’s Internet Security Threat Report for 2013 highlights that 31% of all targeted attacks are now aimed at businesses with less than 250 employees. By going after consumers – you, that is – cybercriminals have a potential weak link to exploit that will then get them inside an SMB. Once there, they have a backdoor into the big boys with whom the SMBs are doing business. It’s a piggyback strategy that is yielding untold riches.
To give you some scale of the potential threat you might be exposed to, Norton scans over 200 app stores globally and has analyzed over 4 million apps. And while malicious apps certainly exist, the major worry is the growing privacy risk around greyware apps. These capture information about the user, without the user considering the reason as to why that information needs to be captured, how it might be used by the developer or how secure it is.
This is a dark and dangerous place in which to find yourself. What you possess, you must protect, if you are not to find yourself among the victims, but rather in a place of greater safety.
For more information on the latest threats, and how to stay secure, go to: http://bit.ly/1e5Adwm