With every leap in civilization there comes along with it a new brand of criminal. People adopt new technology to improve their lives, but with new tech comes new vulnerabilities, and it’s up to the individual to keep themselves protected. If you invent guns, you are eventually going to need to invent body armor too.
Now in 2017 we have been dealing with the internet for over 20 years. It’s a field that evolves so fast you could blink and practically be lost in the stone age. In such a rapidly changing environment, it becomes difficult to combat cyber criminals who are so on top of their game.
I spoke with Alex Green, founder of Windsor Security and former U. S. Army Ranger (TSE) on the subject. He said that the most common argument he hears is that, “I won’t get hacked, I’ve got nothing worth stealing!” This couldn’t be further from the truth, but not for reasons that you might expect. He said that, “the vast majority of hacking victims aren’t targeted, the victims generally fall into the adversary’s lap by visiting the wrong website.” And if you think you have nothing of value, you’re probably wrong–if you have a computer or a bank account then you have something of value to these people.
This is not the guy you have to worry about – Image courtesy of Wikimedia Commons
In order to effectively protect yourself, you have to understand today’s adversary. We aren’t dealing with trench coat wearing hackers surrounded by monitors scrolling through code as they hammer away at an unreasonable amount of keyboards. The greatest threats we face are more like multi-tiered organizations that operate a lot like legitimate businesses. Green gave the example: “if an adversary compromises a website, they can set it up to perform drive-by attacks. This, in essence, attacks anyone who visits the site. If you aren’t protected, you become a victim just by visiting the compromised site.”
At this point, their multi-tiered business model starts working your computer. Tier 1 looks through the list of victims (you included) and figures out which ones are “juicy targets,” as Green puts it, like a corporate computer in a bank. If not, they can still use your computer for other tasks–using it as a platform to send spam elsewhere, mining cryptocurrency or simply stealing critical, personal information to use at their discretion. If the computer is a “juicy target” then it escalates to their second tier, where you have an actual team continue exploitation. This is where you get the types of data breaches that hit the news.
Like many regular businesses, “these adversaries perform cost-benefit and ROI analyses to determine what to do with individual systems and what larger targets are worth attacking specifically.”
Image courtesy of Pixabay
You also have research-based hacking. They spend time studying and hacking a group, like you have seen with Equifax, Target and Anthem–but there are smaller scale examples that can apply to the average person as well. Let’s say you have a prescription medication. Green says that, “Controlled substances are very well protected at CVS, Walgreens, and other vendors, but what about after the customer picks them up? These attackers look for patient data on who has prescriptions for these drugs, and simply robs them at their home. It is much easier to steal from a home compared to a secured pharmacy.”
His particular service runs under $4 a month, and there are plenty of vendors that run similar rates. It’s an inexpensive service that can protect you from very real threats. “My solution checks every website that your computer talks to, to ensure that none are malicious. If they are malicious, we block the connection and tell you what happened, and how to fix it.”
With every leap in civilization there comes along with it a new brand of criminal. People adopt new technology to improve their lives, but with new tech comes new vulnerabilities, and it’s up to the individual to keep themselves protected. If you invent guns, you are eventually going to need to invent body armor too.
Now in 2017 we have been dealing with the internet for over 20 years. It’s a field that evolves so fast you could blink and practically be lost in the stone age. In such a rapidly changing environment, it becomes difficult to combat cyber criminals who are so on top of their game.
I spoke with Alex Green, founder of Windsor Security and former U. S. Army Ranger (TSE) on the subject. He said that the most common argument he hears is that, “I won’t get hacked, I’ve got nothing worth stealing!” This couldn’t be further from the truth, but not for reasons that you might expect. He said that, “the vast majority of hacking victims aren’t targeted, the victims generally fall into the adversary’s lap by visiting the wrong website.” And if you think you have nothing of value, you’re probably wrong–if you have a computer or a bank account then you have something of value to these people.
This is not the guy you have to worry about – Image courtesy of Wikimedia Commons
In order to effectively protect yourself, you have to understand today’s adversary. We aren’t dealing with trench coat wearing hackers surrounded by monitors scrolling through code as they hammer away at an unreasonable amount of keyboards. The greatest threats we face are more like multi-tiered organizations that operate a lot like legitimate businesses. Green gave the example: “if an adversary compromises a website, they can set it up to perform drive-by attacks. This, in essence, attacks anyone who visits the site. If you aren’t protected, you become a victim just by visiting the compromised site.”
At this point, their multi-tiered business model starts working your computer. Tier 1 looks through the list of victims (you included) and figures out which ones are “juicy targets,” as Green puts it, like a corporate computer in a bank. If not, they can still use your computer for other tasks–using it as a platform to send spam elsewhere, mining cryptocurrency or simply stealing critical, personal information to use at their discretion. If the computer is a “juicy target” then it escalates to their second tier, where you have an actual team continue exploitation. This is where you get the types of data breaches that hit the news.
Like many regular businesses, “these adversaries perform cost-benefit and ROI analyses to determine what to do with individual systems and what larger targets are worth attacking specifically.”
Image courtesy of Pixabay
You also have research-based hacking. They spend time studying and hacking a group, like you have seen with Equifax, Target and Anthem–but there are smaller scale examples that can apply to the average person as well. Let’s say you have a prescription medication. Green says that, “Controlled substances are very well protected at CVS, Walgreens, and other vendors, but what about after the customer picks them up? These attackers look for patient data on who has prescriptions for these drugs, and simply robs them at their home. It is much easier to steal from a home compared to a secured pharmacy.”
His particular service runs under $4 a month, and there are plenty of vendors that run similar rates. It’s an inexpensive service that can protect you from very real threats. “My solution checks every website that your computer talks to, to ensure that none are malicious. If they are malicious, we block the connection and tell you what happened, and how to fix it.”
Barrett is the world leader in long-range, large-caliber, precision rifle design and manufacturing. Barrett products are used by civilians, sport shooters, law enforcement agencies, the United States military, and more than 75 State Department-approved countries around the world.
PO Box 1077 MURFREESBORO, Tennessee 37133 United States
Scrubba Wash Bag
Our ultra-portable washing machine makes your journey easier. This convenient, pocket-sized travel companion allows you to travel lighter while helping you save money, time and water.
Our roots in shooting sports started off back in 1996 with our founder and CEO, Josh Ungier. His love of airguns took hold of our company from day one and we became the first e-commerce retailer dedicated to airguns, optics, ammo, and accessories. Over the next 25 years, customers turned to us for our unmatched product selection, great advice, education, and continued support of the sport and airgun industry.
COMMENTS
There are on this article.
You must become a subscriber or login to view or post comments on this article.