Technology has been progressing at an amazing rate, especially over the past 20 years. Think back to 1994 and you probably couldn't imagine the Smartphone, DVR, Netflix, Wifi, GPS, or Facebook. Despite these amazing innovations, we seem to be going backwards when it comes to digital security. Viruses, malware, spam, and hacking are much bigger problems than ever before, and it seems to be getting worse. How could this be???
A few months ago I wrote about the Target credit card breach, asking how it could happen. In the past few years it’s also happened to Marshalls/TJ Maxx, the California DMV, Michael’s, PF Chang’s, Neiman Marcus, Sally Beauty, and I'm sure many others that didn’t make the headlines. Then there are the thousands of personal PC's containing years of family photos and videos which may have been maliciously destroyed.
Let’s take a closer look at what's really happened in technology over the last 20 years to get us to where we are today. First, microprocessors have gotten exponentially faster, smaller, and more power efficient, which means the iPhone in your pocket is way more powerful than the Pentium II desktop PC you may have owned in 1996.
Second, the software that runs on these devices may have gotten more stable over time, but it's also gotten more complicated under the hood, and not necessarily gotten more secure. Sometimes those bugs simply cause the system to slow down or crash, but sometimes they expose a vulnerability. That's just the way software is.
Third, and by far the biggest, the Internet has become ubiquitous, and just about every computer and smartphone is always connected to the huge worldwide network we call the Internet, which as I've mentioned in previous posts, is like the wild west. It's not nearly as secure as most people think, and there are too many people who take advantage of that.
Finally, it's what we use our computers and smartphones for. In the 1990's, most of us used computers to play games, type reports and letters, chat online, and maybe email the few people we knew who also had email. But that's it - there wasn't much if any valuable data on our computers. Today, needless to say, that's not the case.
So let’s look at what we have now: super fast computers, running imperfect software, always connected to the Internet, and being used to run businesses, store family photos, do online banking, make purchases, and much more. Unfortunately, this is a hackers' paradise.
Twenty years ago, viruses had to find their way around on floppy disks (remember those?), and there was little or no money to be made by writing a virus. Not today. The Internet, the same thing that we love using all day long for almost everything we do, is also the most dangerous weapon that hackers have. Imagine a locksmith who may only be able to open .01% of the locks he tried to pick, but was able to try picking 10,000 locks per hour, 24 hours a day, 7 days a week, at virtually no cost. It would be worth his while. Unfortunately, swap out the locksmith for a determined hacker, and the locks for computers, and that's what we are dealing with.
What's worse, because the data that sits on these computers is so valuable, being a hacker today can be a lucrative (and risky) business. I'm sure the people who were behind the massive retail credit card thefts, the fake anti-virus programs, spam campaigns, and cryptolocker have made tons of money from their efforts, otherwise they wouldn't be doing it! Plain and simple, there is money to be made here.
Of course, this is all clearly illegal, and if these hackers are caught and prosecuted, the penalties can be quite harsh.The crazy thing is that the really good hackers who are prosecuted, once released from prison end up with top paying jobs as security consultants to major companies (see Frank Abagnale Jr. as just one example).
What can you do about all of this? How can you ensure you're not the next victim? I've written most of those tips in my previous blog posts talking about backing up your data, safe computing practices, having the right protection in place, and not falling for common IT mistakes. Feel free to submit a comment below asking about any of this stuff (or contact us) and ensure your business doesn't become the next victim.