Weekly Security Roundup #95: Overwhelmed and underwhelmed
When online safety becomes too much for you, try approaching it one step at a time
You’ve felt this too, I’m sure – that cyber security is so technical that it makes your head spin. Even though the news keep blaring about the latest massive data breach, you just can’t find the energy to care.
This sort of fatigue happens to us all. It creeps in when we feel that something is too much to handle. You’re not to blame here, because most Internet users don’t understand the multitude of tech terms being discussed. In fact, they actually need their own dictionary.
So let’s get back to what security really means for each and one of us. Let’s focus on its human side, which may be emotional at times, imperfect and prone to mistakes. Let’s admit that it’s not easy to shed light on Internet safety, without letting this admission stop us in our way to do something about it.
And now let’s move onto this week’s news to spot what could happen next. Keeping your eye on the ball will enable you to be one step ahead!
Security articles of the week
Disruptive, but not destructive. These type of attacks on critical targets could make anyone shudder when contemplating potential consequences. Taking a proactive stance on information security should definitely be a priority in such cases.
The talk about DDoS attacks is ongoing and has been for years, but analyzing their purpose reveals an insidious method. Smaller DDoS attacks could become the norm and be used, more and more frequently, to extract confidential data from the network while IT managers scramble to stop the attack and mitigate the risks.
Financial fraud, scammers, malicious infrastructure offers, stolen credentials, hacked databases – there’s nothing you can’t find on the Darkweb if your intentions are to cause harm.
Many people outside the cyber security industry find it hard to believe that these tools and all this data is just being traded like this, but, as you can see from these examples, it’s all true.
The reason may be “an implementation disconnect”, and, from what we’ve seen, this could be a critical factor in many companies.
Buying a technology doesn’t mean much if it’s not implemented correctly and explored to its full potential.
I’m not a gamer myself, but I’ve observed the intricacies of this field over the years. I’ve seen games come complex and engrossing, to the point where players turned their passion into their profession.
It’s inevitable that a world so complex and emotional would become a playground for cyber criminals as well. That’s why we have a guide which you may find helpful in this case.
Keeping hardware and software up to date is crucial, as we’ve mentioned in countless occasions. In spite of this, companies often postpone replacing end of life devices and software if these still work. In reality, this could become a serious issue in the case of a cyber attack such as this one.
This is going to be all over the news in the coming days (or week). Although we have more important topics to discuss these days, such a subject will catch the public’s eye because you’d expect people who handle sensitive information to be super careful about their online security.
Learn from other people’s mistakes and secure your accounts. You may not be a presidential campaign chief, but you’re still a target.
It can happen to the best and biggest brands out there, and it’s up to you to protect your card data when shopping online. Cyber criminals can’t wait to get their hands on it and empty your account.
With 2 months left, more than 2.2 billion records dumped so far in 2016.
I hope you care enough about your data to do whatever you can to protect it.
It’s an interesting read:
I think my directive to my national security team is, don’t worry as much yet about machines taking over the world. Worry about the capacity of either nonstate actors or hostile actors to penetrate systems, and in that sense it is not conceptually different than a lot of the cybersecurity work we’re doing. It just means that we’re gonna have to be better, because those who might deploy these systems are going to be a lot better now.
Personal data security is something you should handle at your own pace, according to your priorities. A bit of reading and a bit of asking the right questions could help you define those priorities. Once things become clearer, you can start working on building your defenses.
This is a simple way to start coping with the overwhelming feeling that you have to secure everything at once and it’s just too complicated to do it.
Since companies could leave you underwhelmed of their preparedness to deal with cyber attacks, taking responsibility for a part of your Internet safety is something you can’t ignore. But remember you’re not alone and we’re always here to help.