Monday 23 April 2018

Public leaking trail of data that is a hacker's delight

Security can be attacked via apps, social media and our mobile devices

Brian Honan
Adrian Weckler

Adrian Weckler

THE average Irish person is "leaking information" at an unprecedented rate, giving hackers and scammers multiple leads on where and how to attack.

And even if you were to take huge measures to protect your own privacy, your friends are likely giving away information about you too.

According to the country's top security experts, our everyday activities provide invaluable material for those seeking to take over personal accounts or steal money.

"Your friends might leak a lot of information about you," said Brian Honan, a Dublin-based IT security expert.

"I can get your birthday through the profile of one of your friends. I can get other information about you just looking at things that your friends post about you online."

Mr Honan said that many social media activities leave detailed trails, that can unearth information considered useful for IT security attacks.

"Your mobile devices and your apps often have geo-tagging switched on as you post things," he said.

"As a potential criminal, I can quickly find out where you are or who you're with. The same goes for posting pictures online, where data can expose a lot about where you are.

"That kind of data can also sometimes tell me what kind of phone you're using, which means I can then prepare an attack based on that."

Even careful people are at risk from potentially damaging data-mining activities, said Dave Clarke, chief data scientist at Limerick-based Asystec.

"In business, individual customers are profiled because it's the best way to predict their behaviour to sell to them," he said.

"It's the same with criminals. They are using easily-available online data to get insertion points into accounts or into organisations."

Mr Clarke said that once an attacker has succeeded with one account, it becomes easier to predict the behaviour of others.

"People react the same way," he said. "So if you have found a successful way to attack an organisation or a person through a search strategy, it might work with another person."

Mr Clarke said that the best way to protect against such vulnerability is to restrict the amount of personal information shared online.

Surveys show that one-in-two Irish companies suffered a data breach in 2013, causing thousands of records to slip into unintended hands.

Irish Independent

Today's news headlines, directly to your inbox every morning.

Editor's Choice

Also in Irish News