With every leap in civilization there comes along with it a new brand of criminal. People adopt new technology to improve their lives, but with new tech comes new vulnerabilities, and it’s up to the individual to keep themselves protected. If you invent guns, you are eventually going to need to invent body armor too.
Now in 2017 we have been dealing with the internet for over 20 years. It’s a field that evolves so fast you could blink and practically be lost in the stone age. In such a rapidly changing environment, it becomes difficult to combat cyber criminals who are so on top of their game.
I spoke with Alex Green, founder of Windsor Security and former U. S. Army Ranger (TSE) on the subject. He said that the most common argument he hears is that, “I won’t get hacked, I’ve got nothing worth stealing!” This couldn’t be further from the truth, but not for reasons that you might expect. He said that, “the vast majority of hacking victims aren’t targeted, the victims generally fall into the adversary’s lap by visiting the wrong website.” And if you think you have nothing of value, you’re probably wrong–if you have a computer or a bank account then you have something of value to these people.
In order to effectively protect yourself, you have to understand today’s adversary. We aren’t dealing with trench coat wearing hackers surrounded by monitors scrolling through code as they hammer away at an unreasonable amount of keyboards. The greatest threats we face are more like multi-tiered organizations that operate a lot like legitimate businesses. Green gave the example: “if an adversary compromises a website, they can set it up to perform drive-by attacks. This, in essence, attacks anyone who visits the site. If you aren’t protected, you become a victim just by visiting the compromised site.”