“Few think that the threat is real, but it is more likely that your data will be stolen than your home broken into.” – Nathan Neil
On Feburary 10th of this year, the Internal Revenue Service reported that cyber criminals succeeded in using 101,000 social security numbers to electronically file returns. They attempted with almost 500,000 social security numbers.
In 2015, over 300,000 tax payers had their information stolen. Granted most of this is on the IRS side that the attacks are occurring, but the more information the cyber criminals collect on you, the more likely you are to be a victim.
You may think that you are secure and that you have all the proper security in place, but in 2014 it was estimated that about a third of the computers on the web are infected with some form of malicious software, also known as malware. The percentage has be steadily increasing by 4-6% annually. This does not include other types of vulnerabilities such as botnets, spyware, viruses, and trojans.
The Economics of Cyber Crime
In economics we learn about the law of supply and demand. The more of a supply, the less of the demand for that product. To compensate and push supply, prices have to be lowered. Presently in the underground internet a person can purchase USA credit card data for about $1-$4. Essentially, so much of our data is out there that it is worth almost nothing for a criminal to purchase it. Once a hacker has your data, many sell it on the black market. The news source BankRate.com reported that a social security number, date of birth, health insurance information, credit card data, and bank account data for one individual can be purchased on the black market for a little over $1,000. This is nothing compared to the amount of debt a thief can rack up on your accounts and the amount they can take from your savings.
Since our government has been less than great at protecting their servers, social security numbers hold virtually no value. A security expert from Boston reported that you could by 100,000 American social security numbers for a penny each. So getting back to the IRS and their 500,000 attempts to file fraudulent returns, the thieves only paid $5,000 for that information that they made hundreds of thousands from (if not more).
In 2014 the FBI estimated that 18 computers every second become part of a botnet and it has increased annually. That is an alarming statistic. Have you read about big companies having services disrupted by a DDOS attack? A DDOS is a Denial of Service attack, where a black hat hacker uses all of the machines in their botnet to attack a website at the same time. This results in the site going offline as it overloads the system.
Importance for Data Security Policies and Protection
In January 2016, BBC news was hit with the largest DDOS attack in history. The hits are getting larger and bigger each time. Keep in mind, people participating in these botnets are typically unaware that they are involved. These attacks occur daily on various websites and companies both big and small. You may be part of the network of computers that is causing this. This is why I feel that sharing information is so powerful. We can combat this and stop it with a distribution of knowledge attack by sharing information with each other and raising awareness.
Most companies are starting to, I hope, to have policies in place to prevent their systems from being part of this issue, but a home user is left without a guide on how to protect themselves and others. I wrote a great book that helps business achieve this.
Do Not Be Afraid
Once we acknowledge that there is an active threat, growing stronger every day, we can move forward to educate ourselves and employ better practices to keep our devices safe.
Do NOT be afraid. As we learn the threat and what we are up against, we can defend ourselves. The malicious actors out there only have one offensive move, which is our society pretending that the problem does not exist.