In continuing from yesterday, let’s examine cyber-crime in a bit more detail. Before we get into the actual mechanics of intrusions and rip-offs, let’s fully understand the true perils inherent in 2013’s modern environment – some important cyber awareness.
Most people think of cyber crime as identity theft, for purpose of stealing money from online accounts, or perhaps in order to pose as someone else online for whatever reason. Cyber bullying comes to many people’s minds That, and outright “hacks” into systems by breaching electronic perimeter defenses, and then exploiting whatever resources are within for the taking.
But there are a number of other nuances. Routine “spam” is bothersome, but spam also incentivizes other cyber-crime. Disseminators of spam aren’t particularly interested in paying for their own processing, broadband, and propagation means and infrastructures – and that’s where you (the individual or organization) comes in. If you’re insecure enough (from a systems and security perspective) to host, automate, and blast spam, then there are plenty of entities out there surveying for you and your associated vulnerabilities.
Credit fraud is big. A simple keystroke monitor can glean your, or an organization’s, credit card number and authenticating credentials – and away they go. Recognize that your SSN, address, bank account numbers, and all manner of other info and online accounts can be breached. Ouch.
There’s also the use of networks and resources for piracy, and the illegal transfer of data and information. You don’t want your company’s resources used for illegally passing music transfers, or other copyrighted material, for example. Nor do you or your organization want to be in the middle of electronic money laundering operations or tax evasion schemes.
Certainly government agencies are aware of cyber-terrorism, which can involve access for theft of secrets, flooding and disabling of critical systems, and breakage of systems through intrusion of malware. Too, false-information can replace legitimate content, confusing those people who rely on these sites for best information, best practices, and thus there is the subsequent hindering of allied cooperation between supporting/reinforcing agencies.
In 2013 and beyond, the stakes are too high to ignore the first step toward best-security postures: Modern Awareness.
For our first take-away in this series, recognize that Everyone with online presence should be a Security Officer of sorts. So, next, we’ll get to an awareness for both individuals and orgs.