HACKERS ARE EVERYWHERE.... YES REALLY
Hackers are everywhere... Data breach here, a data breach there. There's no escaping it whether it's your smartphone, laptop, smart camera, Amazon Alexa, Google Home. No one is safe. What is the probability of being hacked? According to our media, Online security has exploded because of the pandemic. Statistics show a hacker attacks a computer every 39 seconds, which is an average of 2,244 times a day. We have seen everyone from Facebook to Yahoo, Sony, even our Federal Government with Solarwinds get hacked. So what can the average person do? Well, there's not a simple answer. It used to be that having an antivirus program installed and good passwords were enough. These days, there are so many more attack vectors at a hacker's disposal. There are text messages, mobile apps, your banking passwords, the infotainment system in your car. These are just a fraction of the systems that can and have been compromised by hackers.
WHAT DO THE EXPERTS SAY
There are so-called experts that claim they have the best security protection money can buy and you'll be safe. But what happens when that product is the attack vector and gets compromised. Not that long ago, CCleaner was compromised by hackers because it's a well-known system tool. What about the rise of Sim Swapping where a hacker can call up your cell phone provider and pretend to be you. Then they port your number over to a SIM card they control and worse yet, they can now get your 2FA (Two Factor Authentication).
So what can the average person do to protect against hackers? It's not a simple answer. There are many threats out there including every site you visit, all it takes is one time for a developer to make a mistake and not do proper input validation or fail to do bounds checking on a site. Then your credit card number or worse your identity is at stake. According to recent data, your medical records are worth a few hundred each on the black market. Additionally, phones have become so powerful and the onset of 5G will only complicate matters.
MYTHS about Security
“According to a recent article, Apple products absolutely can get infected and Macs can get some of the worst viruses you’ve ever seen,” explained Chaippone.
Also, although it’s much less common, your phone can get hacked too.
Another myth: hackers only target big companies. Businesses of any size are at risk for security breaches, and anyone with a computer can be a target too.
Recently, the FBI warned consumers about smart TVs and the risk of hacking. Your smart TV now is internet-connected and even the HDMI cable standard carries data. Even if you're doing the right thing Microsoft says that a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its telemetry data.
The actively exploited zero-day bug is tracked as 'CVE-2021-1732 - Windows Win32k Elevation of Privilege Vulnerability.'
It allows local attackers to elevate their privileges to the admin level by triggering a use-after-free condition in the win32k.sys core kernel component.
CVE-2021-1732 can be exploited by attackers with basic user privileges in low complexity attacks that don't require user interaction.
领英推荐
Luckily, threat actors are required to have code execution privileges for successful exploitation. However, this can be easily achieved by tricking the target into opening malicious attachments sent via phishing emails.
So what are we to learn from all this? No one is safe. Everyone has a role to play in security and everyone has to learn as much as they can from Cybersecurity Subject Matter Experts (SMEs). Educate yourself and then you can educate others and be an advocate for better Security posture. Remember, there are two kinds of companies out there, those that have been hacked and those that know they've been hacked.
Some resources to help protect yourself:
4. Get a VPN - you can get a free one at ProtonVPN.com
5. Don't login to your computer as an Administrator (create a standard user account and put in the admin password when needed.
6. Reduce your attack surface- if you haven't used the application in months, you probably don't need it installed.