6 Cyber Threats You Didn’t Have to Worry About 10 Years Ago
The unexpected ways cyber security changed in the course of a decade
The world was very different 10 years ago. It was 2005 and people were still using dumb phones, PDAs (!) and portable DVD players. In 2005 YouTube was launched, and cyber security issues were still a matter of moderate interest. For example, cellphone viruses were just starting to unsettle users.
It doesn’t even seem like that long ago, right?
But the truth is that a lot has changed. I bet that 10 years ago you would’ve never imagined that your fridge could be connected to the Internet, that you could unlock your phone by using a fingerprint or that cyber criminals could hack a moving car from a distance.
You also most likely spent more time offline than online, your professional and personal life were not blended together and spread all over the Internet, and, most probably, your cellphone was not the last thing you looked at before going to sleep.
But “the future is already here — it’s just not very evenly distributed,” as the writer William Gibson famously said. The truth in this statement still holds today and we can even apply it to matters of cyber security.
What a difference 10 years can make
Fast forward a decade later and you’ll see the staggering difference between what cyber threats oriented towards home users used to be and what they are now.
You may not feel the difference or maybe you still think that computer viruses are the biggest information security issue there is, but to believe that would be misguided.
To help paint a more accurate picture, we decided to list the key cyber threats you didn’t have to handle 10 years ago, when life was so much simpler.
Leaving nostalgia aside, equipping ourselves with adequate and necessary cyber security knowledge and tools is what we need today to make sure that our personal and professional lives do not go through turmoil and suffer losses.
6 Cyber Threats You Didn’t Have to Worry About 10 Years Ago
1. The unforeseen expansion of personal digital territory
The number of digital belongings tied to our existence has increased exponentially. We have more passwords, more apps, more sensors, more accounts and we use more software than ever before.
You probably have as difficult a time as any of us in trying to manage this conglomerate of stuff we use, either because we need it, because we want to fit in socially, because we’re curious or because it delights and entertains us.
The more digital stuff we have, the more difficult it is to control it, not to mention to protect it. Your Internet-connected fridge, smart TV and car are all weak points that cyber criminals can use to infiltrate your digital ecosystem. All the apps you use have vulnerabilities and even hardware is delivered flawed, right to your doorstep.
Given this context, you can see that it’s not at all difficult for cyber criminals to find a way in and pursue their malicious goals, be they to “unburden” you of your money, extract confidential information or use your computer’s resources to launch stronger attacks.
2. The blatant infringement of our privacy
Governments have been collecting data for a very, very long time, but never have they had the opportunity to amass such a great deal of information as they have today.
In 2005, MySpace was at its peak, but now the top 10 social networks have millions upon millions of users who naively share everything in their lives, unaware of the consequences.
Wikileaks had not caught the world’s attention in 2005 and Snowden was far from opening users’ eyes. But privacy issues reached new peaks with every new revelation about how governments and companies manipulate and extract data from our accounts and devices, with the declared objective of protecting us. The line between protection and Orwellian oversight had been long blurred.
These backdoors that companies and governments use, neatly listed in the “Terms and Conditions” that no one reads, also allow cyber criminals to infiltrate and deploy their attacks. And all this collected data is also vulnerable to attack and can give immense power to those who capture it.
The victims? All of us, should we choose to keep using the Internet unprotected, dismissing the consequences and thinking that we’re safe because we have nothing to hide.
3. The troubling weakening infrastructure
In a race for economic growth, convenience and increased performance we came face to face with a key issue: the fact that infrastructure is having a difficult time coping with the challenges posed by contemporary software.
Key infrastructure (energy, communications, defense, etc.) is becoming outdated increasingly faster, as software requirements grow constantly. Given the complexity of both elements, vulnerabilities and errors will inevitably appear. And when they do, cyber criminals will already be there to exploit these flaws, because they will have been monitoring them for a long, long time.
The proliferation of consumer technology, be it hardware or software-related, inevitably creates security holes, because users lack know how when it comes to cyber security. And users are not the only ones who aren’t doing enough for their protection: governments and companies have long neglected cyber security as a key area of action and are now suffering the consequences.
The bad news is that the connected future of the Internet of Things will not make it any easier for any of us to be safe online. And we will be online all the time.
4. Convenience vs. protection – a biased decision
We’ve been inoculated to want to easiest, most effective and simplest way to achieve anything. It’s not shameful to admit it, because we all experience these effects to a certain extent. We simply don’t have the time to go in depth about a subject or another, and cyber security is not at all an appealing subject.
What we want is 10 steps to accomplish anything and we want to be able to apply them in 5 minutes or less (and get results too!). So it’s almost certain that cyber protection will always lose the battle against convenience. And that is a serious problem.
Remember when we only bought products from companies we trusted, that we carefully evaluated before investing our trust and money in them?
Now we adopt new software in the blink of an eye, we create new accounts without thinking twice about the legitimacy of the company that we surrender our data to without reservation. We share, tweet, post and engage in heated discussions with strangers, but never have the time to install software updates.
We choose to spend money on apps we know we’re going to stop using in 3 days’ time, but we neglect to buy a cyber protection tool because it sounds expensive. We basically address cyber security the same way we treat our health: we ignore it until we’re faced with a serious problem (illness – cyber attack) that needs remediation fast!
It’s not until that moment that we realize that it would’ve been less expensive and smarter to protect than to repair, especially if we end up losing something inestimable, that money can’t buy.
5. Blurring the lines between personal and professional
Ten years ago, bringing your laptop to work was almost unheard of. Except for a few work places and SMBs, bringing your own device to work was something unlikely to happen. In 2015, it’s commonplace.
You work on the same laptop where you also keep pictures of your loved ones, your favorite music, downloaded torrents and your Internet banking details. If your job doesn’t have security requirements, you probably won’t be compelled to install a good antivirus solution and an anti-malware product. In the end, all management cares about is that you deliver as promised and on time.
But for lack of a BYOD policy, your computer can become a gateway for cyber criminal actions of all kind. And the opposite situation can happen as well: an attack targeting your company could damage your personal data stored on that device.
What’s more, attackers can now use personal data to extort you, threatening to hurt your career, just like they can use mistakes you may have done as part of your job to harm your personal life. It’s all tangled and the consequences cannot be compartmentalized. This is not entirely new, but attackers have certainly found new ways to exploit fear of losing face, money or other things that people deem valuable.
6. Cyber crime as a business
In 2005, advanced persistent attacks hadn’t even been given that name and ransomware was just starting to rear its ugly head. Big companies were the main targets for cyber criminals back then, because that’s where the money was.
“Cyber fraud was the most common type of cyber theft, having been detected by 5% of the businesses responding to the survey,” according to a report by the U.S. Department of Justice.
The costs were in a completely different range as well:
“The monetary loss for these businesses totaled $867 million in 2005,” according to a report by the U.S. Department of Justice.
Plus, you could still rely on your antivirus to protect you from cyber attacks.
This year, things are entirely different.
New research from Grant Thornton reveals that cyber attacks are taking a serious toll on business, with the total cost of attacks globally estimated to be at least US$315 billion* over the past 12 months.
Cyber crime is now big business! Malware creators, black hat hackers and all types of characters that populate the dark web are trying their hand at making easy money by taking from those who have or appear to have more than they need.
Cyber criminals are deft and fast, they adapt their tools and attacks to counteract security protocols and cyber security software, and they employ developers to make sure they stay profitable.
The tools they use are automated, relatively cheap and come prepacked. They don’t even need to be extremely tech savvy to launch attacks. Also, they don’t have anything personal against home users – they’re just easy targets, because they lack adequate protection. They go for the low hanging fruit first and you’re it.
It’s just become easier to be a bad guy and there are plenty out there who chose this path.
We’ve gone too far to even think we could return to a simpler way of doing things. And we shouldn’t look for solutions in our past, but rather do better planning for the future.
These 6 cyber threats that didn’t exist 10 years ago are just the tip of the iceberg and their implications will amplify as the years go by, as sensors become embedded in virtually everything and the Internet of Things takes over.
In 10 years’ time, should we choose to do nothing now, 2015’s cyber security challenges will probably seem trivial. We could also assume that we could get blamed for having had the chance to do something and not having done it.
Or we could be the ones that changed the tide and managed to help users understand the importance of protecting their assets, minimizing exposure, mitigating risks and helping create a stronger infrastructure, capable of better withstanding cyber attacks.
We have the knowledge and the tools – we just need to teach ourselves to use them properly.
That doesn’t sound that difficult, now does it?