Tuesday 21 November 2017

Humans are the greatest strength – and weakness – to the rise of cyber attacks

Good practice is the most effective weapon against cyber crime

While we can expect more massive Distributed-Denial-of-Service (DDoS) attacks such as those that happened to Dyn that caused outages at some of the web’s biggest sites such as Netflix and Twitter, the reality is, many of these can be stopped by simple human practice.

The thousands of Internet-of-Things (IoT) CCTV devices that were compromised in the Dyn attack were accessed because so many users had just not changed the default user name and password.

As a result, the malware was easily able to take over the web cameras enabling the DDoS attack.

“Computer viruses have been around for decades,” explains cybersecurity expert, Brian Honan.  “But the sophistication and intent has changed greatly.  At first, viruses were developed as a mean of hackers gaining fame and they wanted their programme to be noticed.”

“Nowadays however, the aim of the malware that infects computers is to remain undetected.  From there it can either encrypt your data and demand a ransom for decrypting and releasing the it (known as ransomware), or it can take over your computer and use it, such as the Dyn attack, as part of a concerted effort to take down parts of the web.”

“The sophistication of hackers from a cybercrime perspective, and their ability to work from regions that have little cybercrime enforcement capability or where governments  are hostile to the West, means they can pretty much work unimpeded.”

But, while humans are and can be the greatest weakness, they can also be the greatest strength in using technology and by following simple steps on a regular basis,  90% of cyber attacks can be stopped says Honan.

These include:

· Regular updating of virus software

· Ensuring a proper firewall is in place

· Updating the firewall software when required

· Changing passwords frequently

· Not using the same password on different websites

· Not using common phrases, words or associated names for your passwords

· Using a mix of upper and lower case letters as well as numbers and symbols

· To make it easier to remember, think of a long phrase you know or use and have that mixed with different letter cases, numbers and symbols

Using these practical tips as part of one’s common online habits will ensure that most cyber attacks can at least be fended off.

What is coming next though?  The rise of the Internet-of-Things with devices conncted to the cloud, measuring everything from our home heating to our car journeys, the data being collected by multi-national digital corporations is being used to monitor and provide constant feedback on our habits and daily lives.

On the one hand we’re all for improving and making our daily lives more efficient and easier to multi-task; but on the other, what are we giving over in the process and in the name of efficiency?

What if the data or the devices fall into the wrong hands through malicious hacking?  What then?  For most cybersecurity experts it’s a case not of if, but rather when, the next DDoS attack comes, except this time it will be even bigger than the one on Dyn.

Will internet attacks, invasions of privacy and web outages become a more common feature and disruption into our daily lives?  Only if we don’t decide to fix it and address it ourselves, starting with our own passwords and digital housekeeping.  The ball is very much in our own court in cyberspace.

Dublin Info Sec 2016 is Ireland’s leading cybersecurity conference being held at the RDS on November 15th.

To buy tickets, click here, and for more information on the speakers and agenda, go to: independent.ie/infosec2016



Sponsored by: Infosec

Most Read

Independent.ie on Twitter