Is your data safe online? Whose job is it to secure your cyber security? Is your online data, information like your bank account, card details, address, phone number, ID documents safe with the companies and websites you transact with?
Over the last couple of years many people may have become complacent, believing that governments and businesses have got on top of cyber security.
But now, in 2020 hacking seems to be getting more prevalent, not less. And the hacks are frighteningly sophisticated.
In June, the Internet Crime Complaint Centre at America’s FBI reported daily digital crime reports rose 75% since the start of stay-at-home restrictions. Interpol Secretary General Jürgen Stock said: “Cyber-criminals are developing and boosting their attacks at an alarming pace” during the COVID-19 pandemic.
But that’s just the criminals. What about legitimate businesses, websites, search companies, advertisers, lenders, insurers, pharmaceutical companies? How are they using your data?
The answer is the you are being tracked and your transactions are being monitored. The information is being used to influence your buying, to sell things to you, to influence what you read and the results on your search engine.
“…a world of indiscriminate tracking where institutions are stockpiling data about individuals at an unprecedented pace.”
Most people expect the businesses they transact with or their government is protecting their data according to new research this month from F5.
43% think the business is protecting their data. Another 32% of people think governments are doing that job.
So, 75%, or three quarters of all consumers surveyed think someone is looking after them online. Maybe that’s why most people will happily choose websites with great user experiences (UX) even if it means giving up their information.
The research found that 69% of people surveyed in the Asia Pacific region, including Australia, will choose a better user experience (UX) over greater privacy.
Breaking the numbers down by country show that survey respondents in China (82%), India (79%) and Indonesia (79%) are the least suspicious when it comes to sharing data online.
People in Japan (43%), Australia (50%) and Singapore (58%) are least likely to trade their data for a better experience.
But the website you have just joined may be the people who are now selling your information to another party. The government you trust may be stockpiling your data in ways you don’t understand.
Julia Angwin documents real stories of dating websites selling member information to drug companies, facial recognition identifying the wrong person and tenants being profiled by inaccurate credit reporting agencies.
But legitimate businesses that we transact with are not just misusing our information, they are also being forced to deal with criminals also hungry for our data.
We may not know if our information is in the hands of criminals -like all the owners of Garmin devices and Strava accounts. Because companies often don’t admit to data breaches and some pay off the criminals to keep the matter quiet.
And it’s not just financial and personal and ID data. Have you said something anonymously online that you wouldn’t want your boss, your friends, your family to know about? If you have an anonymous username that doesn’t mean you are actually anonymous to a motivated hacker.
Lots of AFL fans participate in discussion forums on BigFooty.com, a popular app that lost 132GB of sensitive discussion board data in May 2020. Some of that data was private messages, some racist and offensive that could be traced through anonymous usernames back to individual users. Police officers and government employees were involved raising the possibility of blackmail.
We may have been lulled into a false sense of online security. In 2019, online fraud was trending down but seems to have sharply turned in 2020. This chart, issued last week from AusPayNet shows online (card not present) fraud in decline.
But that is last year’s story. 2020 might be the year we all start taking our privacy and information security a lot more seriously. There are more hacking attacks exposing our ID, personal and financial information happening in 2020 than ever before.
16 billion records have been exposed by hackers so far this year reported Security Boulevard in August 2020, up from 4.1 billion in the first half of 2019.
15 July 2020: Twitter accounts of Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, Joe Biden, Apple, Uber, Kanye West, Bill Gates, Kim Kardashian and other high profile people were hacked and tweeted a message offering to double any deposited bitcoins. Kratikal reports the fake tweets offered $2,000 for every $1,000 sent to a Bitcoin address.
31 March 2020 Marriott Hotel lost the personal details of 5.2 million loyalty scheme customers. The criminals obtained the login details of two Marriott employees through ‘credential stuffing’ or ‘phishing.’ They used user information to steal the data of 5.2 million people one month before the breach was discovered. In 2018 Marriott Hotel chain lost the details of 500 million guests.
April 2020: 500,000 Zoom account passwords were stolen and put up for sale on the dark web. Along with login credentials, the criminals also sold personal meeting URLs and HostKeys owned by financial institutions, banks, colleges, and many other organizations..
Digital media under attack: In April 2020, Nintendo said 160,000 user accounts had been hacked and some used to buy digital items. Netflix, Spotify and Disney+ have also suffered recent attacks from hackers. Garmin and Strava lost control of millions of user’s accounts and their data in July.
2020: COVID-19 Netwalker crimewave. In 2020 hackers are using the Netwalker ransomware to take control of an increasing customer databases. Netwalker is thought to have netted $35 million in ransoms in five months. Reported incidents may just be the tip of the iceberg because many companies clearly pay the criminals.
Criminals are just part of the picture when it comes to protecting your information online. Marketing companies, search engines, government agencies, other people all are looking at our information online.
Once only public figures and criminals needed to be concerned about who is watching them.
Who is watching you? Julia Angwin says this question is now relevant to everyone “regardless of his or her fame or criminal persuasion.”
“Any of us can be watched at almost any time, whether it is by a Google Street View car taking a picture of our house, or an advertiser following us as we browse the Web or the National Security Agency logging our phone calls.”
There’s more information about the Australian computer hacks and data breaches and the privacy implications of an increasingly cashless world at CashWelcome.org.
But Cash Welcome has the inside information on why it won’t fly …
When you open a new website or click through to a new web address, you are not the only the one watching.