Cyber attacks were on the rise last year. In 2019, you could be a target
How will you protect yourself against vulnerabilities in technology?
Technology is described in one word: connection.
Credit cards are connected to Apple Wallet and banking services such as Cash App or Venmo; Facebook, Gmail and Twitter can be used to log into almost any application; emails are required for website accounts; phone numbers are required to activate calling services such as Skype and Google Call; artificial intelligence gadgets collect personal data through interpersonal interaction; social media platforms locate people through geotags and location sharing; cell phones connect to vehicles via Bluetooth and users connect to each other through each and any of these outlets.
Technology is interwoven into each user’s private corners. Unfortunately, anyone who utilizes today’s services online whether gaming, working, socializing, entertaining or browsing, are at risk of their personal information being stolen by cyber criminals.
“As people continue to connect every part of their life, each connection adds another point that can be exploited by an attacker,” a cybersecurity employee, AJ Jones, said.
“However, with recalls such as this, not every car is returned,” Jones continued. “The same can be said of the end user with computer updates.”
Five years ago, Jeep was forced to recall over a million vehicles that were left vulnerable to attackers, permitting hackers to take complete control of the car remotely.
The scope of cyber attacks varies and depends on the user and what server they are using. Celebrities, for example, most commonly become victims of sexual exploitation. Hackers will override cell phone security systems, leading them to any information available on the device. Miley Cyrus, Vanessa Hudgens, Chris Brown and Scarlett Johansson are a few who had their private photographs posted on pornographic sites by hackers in recent years.
Gamers who compete with other players online through live services, or massively multiplayer online role-playing games (MMORPG) are subject to a fairly new trending cyber attack called “SWATTing.” SWATTing is when “cybercriminals call in a serious crime—such as a hostage situation or shooter on the loose—in the hopes of unleashing a SWAT team on an unsuspecting person,” according to Business Insider. Players who stream live on Twitch are most susceptible to these attacks because they can go viral. Just last year, a SWATTing incident led to an innocent third party’s death as the result of an online feud in Call of Duty. The gamer who made the hoax call to the victim’s home in Kansas was a 25-year-old located in California.
Another common trend among hackers are distributed denial of service (DDoS) attacks, which is an “attempt to make an online service unavailable by overwhelming it with traffic from multiple sources,” according to Digital Attack Map.
Major League Gaming (MLG) player and SoaR Gaming team captain Justin “Hunter Jjx” Joseph has had his share of run-ins with players on Xbox Live who have catapulted DDoS attacks early on in his gaming career. As a competitor with over a decade of experience, Joseph has competed in over 30 MLG tournaments across the nation. With this much playing time, Joseph only plays with people that he knows and trusts, “as well as setting [his] privacy settings to make it challenging to get into [his] circle of trust.”
“They were some of the most frustrating experiences I’ve ever had,” Joseph said of DDoS attacks. “The internet would go down for the entire house and I’d have no access unless I gave in to the demands of whoever it was sending the attacks; often times they’d ask for money or even play time with me.”
Businesses, whether big business-owned or federal-owned are no exception to holes in security. For example, black hat hacking groups (a malicious form of hacking focused on personal financial gain) such as Lizard Squad, Anonymous, LulzSec and Xbox Underground have committed serious crimes against well-known companies.
Lizard Squad brought down Playstation and Xbox services in 2014 with overwhelming amounts of DDoS attacks. In 2016, Anonymous claimed responsibility for hacking Donald Trump and obtaining personal information, such as his Social Security number and cell phone number. LulzSec, a sect born out of Anonymous, hacked into Fox.com in 2011 and Sony’s Playstation Network. The most recent news of a major hacking group, Xbox Underground, was reported in Wired magazine with the tagline, “A gang of teen hackers snatched the keys to Microsoft’s videogame empire. Then they went too far,” on Tuesday, April 17.
In 2014, Pew Research interviewed 1,642 respondents and asked them if they thought by 2025 a major cyber attack will cause widespread harm to a nation’s security and capacity to defend itself and its people. 61 percent of the ruespondents said “yes,” that a major attack causing widespread harm would occur by 2025 and 39 percent said “no.” However, cybersecurity’s focal point remains on detection of an attack rather than prevention, CEO of Bromium, Gregory Webb said Monday, April 23 in an interview with Information Security Media Group.
“Most opinion polls only measure perception, not reality,” Steven Smith, an Information and Media Technology (IMT) employee at Azusa Pacific University said Wednesday. “The majority of people that would take a poll online are usually uninformed on the topic. However, perception is still something to take note of.”
Perception also factors into how people will respond to cyber attacks. Each attack varies based on a multitude of components, and the future of hacker culture remains uncertain.
“You probably don’t even need to look into the future,” Smith said. “It’s already a mess now––something like 90 percent of people have had their information stolen.”
According to Hackmegeddon.com, March has had a slight increase in cyber attacks, as “malware confirms its leadership of the Attack Vectors chart with 39.8%, showing a slight increase from 31.8% recorded in February.” Targeted attacks increased 2.1 percent from February, with a steady 16.3 percent confirmed, the data showed.
“Many users will forego updating their phone and apps … for whatever reason,” Jones said. “Many of these updates are designed to patch vulnerabilities in the software. There are an estimated 500 million devices that are affected by a Botnet attack.”
Botnet is a piece of malware that allows some control of the users computer by an attacker. These devices are then utilized to launch DDoS attacks, that can flood a website, server or other internet service, with useless data and requests.
Additionally, the other main attack vector that falls upon the end user, is compromised credentials.
“This can be a re-used password, that was used on a site that was compromised, or even as simple as someone leaving a computer logged in when they walk away,” Jones said.
These credentials can be used to log into privileged systems and grant access to whatever the user had.
“They are two fairly basic things that can be easily managed by everyone,” Jones said. “However, they both continue to be the biggest threats.”
Junior computer information systems major at Azusa Pacific University, Tyler Murphy, believes there are a wealth of different precautions one can take to protect against unwarranted and dangerous compromise of personal information.
“Things as simple as having a strong password that’s a mix of both numbers, characters and a few symbols thrown in, that’s a good step,” Murphy said. “Also just knowing whether or not the website that you are putting these sensitive information on is a secure site, so definitely look for an https certification in the URL.”
When people create accounts on websites, often times platforms will require the user to enter personal information. However, Murphy suggested one should only enter the bare minimum into these fields.
“Do I really need to be putting my full name in there, and do I really want to be putting payment information, or things that could really come back to harm me?” Murphy said. “There are ways to get your accounts back, but it’s not fun––it’s something that I’ve experienced personally, so it’s definitely something to be careful about.”
Other ways to obtain extra protection against malicious hacking groups are the use of firewalls. Some users may go further and blacklist their devices completely.
“It’s nice to have that extra security,” Murphy said. “There are just malicious people out there who enjoy ruining other people’s day, and it could also be a variety of different things. It really is unfortunate, and it definitely is not fun being on the receiving end of it.”
As technology continues to advance, hackers become more sophisticated. Even with firewalls and additional security layers, there is still a chance hackers can bypass these measures. Extra precautionary steps can be diligently taken by each user with the right tools. With entertainment segments shedding light on the rising issue, such as the episode “Shut Up and Dance” from the Netflix original series Black Mirror, hackers seem to be here to stay.