These days most people complete many tasks online and almost everything you do can be accomplished with the internet. You receive bank statements and bills with on a pdf file. Payments can be made using credit cards or other online bill payment systems. We connect with each other on Facebook, Instagram, and other social media networks. Our music playlists can be shared on Spotify and SoundCloud. Sites like Dropbox and Google Drive allow us to share documents and other files with each other. While all of this has transformed the way we do business and interact with other people, greatly simplifying tasks that used to be much more difficult, it also creates many new problems.
With everything online we are experiencing a growing risk of cyber attacks. Many people may seem overly paranoid about the possibility of downloading viruses or getting hacked, but their paranoia may not be unfounded. Consider this: In 2015 the the British Insurance company Lloyd’s estimated that cyber attacks cost businesses up to $400 billion per year. This includes direct losses along with the recovery that takes after a security breach.
Although many businesses are losing big time because of hacking, the cybersecurity market is growing rapidly as their services become more valuable. The increase in cyber security threats is fueling the growth, and according to the business Cybersecurity Ventures global cybersecurity spending will surpass $1 Trillion dollars in 2021. With alll the stories we hear about businesses being hacked, its no surprise this market is growing so quickly.
You may remember the story back in 2013 about the massive breach within Target’s customer database where over 40 million customers potentially had their personal information such as addresses, credit cards, and phone numbers exposed to fraud. No one seems to know exactly whose data was compromised, so Target suggested everyone who ever shopped at the store within a given time frame close their credit cards and change passwords.
For all the stories we hear about security breaches with businesses, many will go unreported because the business does not want to reveal they were hacked, exposing them to further liability, loss of customer confidence and further regulatory scrutiny. So as large of a problem as cyber security seems to be, it may actually be much bigger when you consider all the security breaches that never get reported.
It’s not just data that’s at risk either. Two years ago a cybergang called Carbanak pulled off the biggest and most sophisticated online heist ever. By sending malicious emails embedded with malware to banker’s they stole customer data and initiated a series of online transfers that targeted accounts at 100 different banks. Additionally they modified the programming of ATMs to automatically dispense cash at predetermined times. This resulted in major losses for the banks, estimated at over $1 billion, who are required by laws to insure the deposits of their customers. No one has been arrested for these crimes, and certainly people will try to replicate them or devise new methods of attacks in the future.
Furthermore, these are not dangers unique to businesses and financial institutions. Individual people may expose their accounts to theft and fraudulent use every time they access the internet. The most common method of hacking is to send malicious emails with embedded trojans or malware like the technique used in the previously mentioned Carbanak heist. When you download this type of software it can log the keystrokes you type in, revealing account login and passwords, or delete or encrypt all the data on your device. In addition to emails, sometimes opening a link to certain websites can trigger these same type of attacks.
Remember that its not just browsing with a laptop that puts you at risk. Using your iPhone, android, or windows phone may also expose you to risk. Because you cannot trace the IP address of a phone connecting to cellular networks like 4G, the phone may be safer unless you connect to a public wifi network at an airport or coffee shop. Additionally, the apps you download may be embedded with malware, although this is a slightly bigger problem with non-Apple phones because of the way Apple must approve your app through the Store. The more apps you download onto your phone, the greater risk you expose yourself to.
Due to the increasing risk of hacking and cyber attacks, many businesses choose to enroll in a cyber insurance policy. This will often reimburse the expense of investigating attacks, business losses in the form of lost time and revenue, breach notifications to customers with compromised accounts, and lawsuits resulting from the attack. Of course, like health insurance, you do not stop taking care of yourself because you are covered. It is still important to take all necessary precautions to avoid a breach in the first place.
With so much at stake cyber insurance companies are also rapidly expanding, a business many people may not even know exists. Many businesses will invest more in these insurance policies, but they are no substitute for an experienced cybersecurity team to protect your business data. Although the insurance company will reimburse businesses for money lost due to hacking, they cannot restore customer confidence or prevent intense regulatory scrutiny for many years to come.
Remember that the biggest targets for cyber attacks are still large businesses and governmental organizations, but even smaller businesses and individuals may be targeted. Follow these simple tips to reduce your exposure to risk:
–Change your passwords often and avoid using the same password for every site. The best password is a random combination of letters, numbers, and symbols, although this does make it harder to remember.
–Never open an email attachment from a sender you don’t know. Even if you do know the sender, always exercise caution because they could be sending you a virus after being infected themselves.
–Be careful about the links you click on because sometimes even just opening a website can install Trojans or other malware on your system.
–Reduce the number of apps you download onto your phone. Always ask yourself, “Do I really need this?”
–Avoid using public wireless networks if possible, and do not use them to access sensitive information like your bank accounts.
–Avoid filling out the popular surveys on social media that ask questions like where you were born, what school you went to, first car etc. These same questions are often used ask security measures in case you lost your password. By filling these out you could potentially give people access to your online accounts without even knowing it.
–For businesses, consider investing in a cybersecurity team and a cyber insurance policy.