Our lives are continuously being pushed onto the internet. Whether that be through posting on social media, storing your music on streaming services or backing up all your files on the cloud.
While this new way of living and working is making everything infinitely faster and easier, it’s also making sensitive data more vulnerable than ever before, and as more data is stored online, more hackers are attempting to steal it.
Just this week it was revealed Dropbox had been hacked in 2012, and was only now letting over 60 million users know that if their password had not been changed since then they need to do so immediately. Luckily for Dropbox, the way its passwords are stored on its systems meant that the hackers only saw random hashes associated with accounts, rather than the password itself.
But this is just the latest in a long line of big security breaches since the start of the year, coming in many different forms.
Similar to Dropbox, social media hero of yesteryear MySpace came under attack in May, with 427 million accounts, including their passwords accessed. While you might think an attack on MySpace, which hasn’t been popular for almost a decade doesn’t affect you, the value in these passwords for hackers comes in the form of digital laziness.
This is the millions of people who believe that having just the one password for all their accounts is enough. In cases such as this, all it takes is a hacker to try the MySpace email and password combo in other accounts across the web, and any that you do have an account with, they now have access to. Not only was MySpace compromised; LinkedIn, Tumblr, SnapChat and Adobe also fell victim with user account details exposed.
Attacks come in all shapes and forms though, with hackers often trying to target individuals themselves rather than stealing details from big, protected databases.
Also in May this year, millions of Amazon customers were targeted in what’s known as ‘spear phishing’ attack. This is where customers were sent fake emails with a dodgy word document attached masqueraded as delivery advice. Once the victim opened the document it triggered the download of a ransomware.
Ransomware is nasty, and is the biggest trend for hackers at the moment. Once installed, the hacker takes complete control of your computer, and will demand you send them money to unlock it and not delete your files.
You often hear people downplay the need for a decent firewall or security software, but with ransomware rampant at the moment, it has become more important than ever.
And of course, while we’re talking about the biggest attacks of the year, we can’t go past the government’s Census disaster.
This was a completely different attack from the above altogether, and didn’t appear to be an attempt to steal any information, but rather cause havoc. Attackers performed what’s known as a Distributed Denial of Service (or DDOS) attack, which essentially pushes loads of traffic from lots of computers onto a server until the server can’t handle it anymore and crashes.
In the case of the Census night, the attackers took advantage of a website that they knew millions of people would all be looking to go on at once, so it would already have lots of traffic, and then used their computing power to push it over the edge.
So what have we learnt?
Even the biggest online websites and government organisations can’t get security right, so what can we do about it?
- Only signup to services that you “want and need” to use.
- Do not use the same password on another website
- Be caution of all emails that you receive – never send username’s, passwords, or credit card numbers over email
- Do not click, download or open any suspicious file on your computer
- Everything you post online is potentially saved forever
- Make sure you only log onto websites that use SSL – website URL’s will start with a green https://
- Ensure your computer operating system and all software is updated on a regular basis
- If you are a business, invest in a reliable onsite, or cloud based firewall to mitigate DDOS attacks, unwanted malware and prevent intruders
Last modified: September 2, 2016