When the "I" is lost in the network
Today it is more and more digital: Be it for end consumers in the form of banking, shopping on the smartphone, or the storage of customer data in companies. Everyone gives highly sensitive information willingly in order to receive something in return - such as attractive social media services like Facebook, Twitter, Instagram & Co., convenient online shopping, and much more. Forgetting, simplification, and negligence in backing up data make it very easy for cybercriminals to steal it.
Is the danger really that great?
"Unfortunately yes. The current BKA cybercrime report shows that the trend is increasing overall. For example, malware variants more than doubled between 2014 and 2017. Digital applications such as the Internet of Things (IoT), cloud computing, Industry 4.0, automotive IT (AIT), or e-commerce offer hackers more and more new attack surfaces, and the development of new codes and programs are extremely fast. According to the police crime statistics (PKS), known damage from cybercrime in 2018 totaled 61.4 million euros. The number of unreported incidents that were not reported and reported is even higher. "
What types of data theft are there?
“For example, there is form jacking. In this type of data theft, cybercriminals install malicious code on websites. Anyone who visits the website and provides personal data there, for example, not only provides this information to the website, but also to the hacker. According to the software developer Symantec, a member of the German Competence Center against Cyber Crime e. V., this form of data theft was observed more and more in November and December 2018 - times when an enormous amount is bought online with Black Friday and the pre-Christmas business. In 2018 alone, the provider recorded more than 3.7 million formjacking attempts that were successfully blocked.
Hackers are also attacking companies' cloud environments more and more often and can thus gain access to a large number of addresses, accounts, names, and information through just one targeted attack. These are sold or used to create fake cloud accounts for new targeted attacks to send phishing messages. These are emails with links or attachments that, when opened, install spyware, Trojans or keyloggers, so-called malware, and thus spy out data, damage systems or crack log-in accounts.
Problem with such so-called data breaches: As a rule, the persons concerned only find out that their data has been stolen if it turns up in a criminal offense or if they are exposed in public. Then the procedure falls into the ranks of white-collar crime in order to specifically damage the image of companies, people, parties, or the like. "
How do you notice data theft?
“Anyone who suddenly gets a lot of suspicious spam e-mails should pay attention. This also applies to mail containing requests for payment or dunning fees for transactions that have not been carried out and conspicuous activities on bank accounts. Personal data can also be used to create inflammatory posts and write messages on social networks on behalf of the data subjects. Anyone who is approached or written to by third parties about strange messages should definitely check this. It is true that in such cases the criminals are often not interested in harming the person concerned personally, but 'simply' in being able to use a different identity. But if there is a complaint, it first goes to the innocent, and that is very annoying. "
What should I do if there is data theft?
“In the event of a data breach, all passwords and e-mail addresses should be changed immediately. Unfortunately, the problem is often that many people no longer even know where they are anywhere in the network with sensitive data. You quickly registered with a certain e-shop because the one product is only sold there, without noting the access data or even the portal. But what you forget over time remains in the network's memory and provides data to cybercriminals. It is also important to inform service providers such as your own banks and insurance companies as well as friends and other contacts and to report them to the police in any case. At the police station, you often don't get very far and the whole thing becomes a paper tiger. Sometimes there is a separate department for cybercrime, to which injured companies can turn. In addition, antivirus software should be used to search for Trojans and viruses. "
How can you protect yourself against this?
“Basically, a combination of technical help and personal awareness is good protection to prevent data theft. Passwords should be changed every quarter, consist of at least eight characters, and contain both upper and lower case letters as well as numbers and special characters. E-mails from unknown senders with impersonal cover letters and spelling errors should be assessed critically and links or attachments should never be opened. However, caution is advised even with known senders, as a compromised e-mail account may have been used.
Virus protection programs, software patches, or firewalls help prevent dangerous websites from installing viruses on PC or smartphones when they are opened. However, users shouldn't blindly trust them either. Even if it takes time, I advise you to always update operating systems, because manufacturers also have the right to protect their customers from cybercrime with the latest software. In addition: Do not use public WLAN hotspots unless it is urgently necessary - there are dangers lurking here that hackers can access data. "
Comments
Post a Comment