-[image-pixabay]
Once Upon A Time,
There was a strange new portal upon the earth. People spoke of a magical opening through time and space. There had long been a way to hear and see something happening from a distance with the technological marvel television. But now rumors swirled that it was becoming possible to talk back. Could it be that the television was going to start to "look" both ways? Everyone knew what it was like to see the president speak. What if you could talk back?
As clumsy as this portrayal sounds now, this is not far from how the internet was being explained. Check it out in this “Early 1990's Internet Commercial” from Evolution Of The Internet by Green Tea Break.
Excitement, games, talking, shopping, and fun.
-[video-GreenTeaBreak via YouTube.com]
But there a there was a threat lurking in the portal.
Internet Security, Where Did It All Go Wrong?
In the 1990's, home use of computers exploded when the machines, formerly used by governments and businesses for decades, became affordable enough to be sold to working class consumers in the US and abroad. It was the Wild West right in your house, with new discoveries and dangers abundant. At first people didn't really know enough to worry about the risks. But within those early days new personal computer users were instructed of the use of good passwords. Security program functions arrived packaged with new machines and retail internet security programs were born. The history time-line">newmedia.org/history-of-the-internet.html?page=4">time-line of the internet is strange and surprisingly recent. (More on the timeline of the internet- click newmedia.org/history-of-the-internet.html?page=4" target="_blank">History Of The Internet) -[above image-imgur]
-[image-imagur]
While machines dialed into modems connecting to the internet at 14.4k maximum, cathode ray tubes lit up with pop-up ads full of scams. The scams were attempting to retrieve personal information and dangling a digital carrot for the unfortunate who pulled out a credit card. In the early days of internet shopping, customers usually got more than they bargained for. Without a good way to tell which deals were real, and which ones were rip-offs a lot of people lost money and had information stolen. Some of the scammers had big names.
-[image-imgur]
I personally spent months trying to get AOL (America Online) to stop taking money from me when I decided I no longer wanted to purchase their monthly service. Charges continued after I phoned to cancel, and even the bank could not figure out how to stop them. I had to close out my accounts and go to a new bank. I got an early taste of how helpless internet-related theft feels. That experience helped to shape the way I interact online, the way I do business, and the way I view the security of the things I own.
The Game Never Changed
If you browse a sports store for high-end equipment, you'll find the latest advancement in shoes, apparel and sports tech that just might give you the winning edge. Your favorite game, though is still basically the same, even with the new equipment. And in computing, the technology has changed the speed, method and location of our interaction with the internet, but with malicious hacking, the object of the game never changed. Information and money are the goalposts of the cyber invasion field. The security business is booming. But on the other team, the hacks are becoming much more sophisticated.
-[image-screen shot of Yahoo.com help page]
Yahoo Data Breaches
Breaches to Yahoo accounts occurred in 2013 and 2014. It was 2016 when the public finally became aware of damaging hacks into Yahoo databases which exposed encrypted passwords, security questions, and birth dates affecting 1.5 billion users total according to USA Today. Internet cookies may have been a key to the hackers access to accounts.
News organizations lit up with the Yahoo story. On September 23, 2016, ABC news ran a story including #WORLDNEWSTONIGHT broadcast "What Consumers Need to Know About the Yahoo Security Breach". Yahoo customers were instructed to replace their passwords with new, unique and hard to guess ones. They also needed to replace their security questions as instructed by Yahoo directly. In September of 2016, CNN stated that people who no longer use Yahoo accounts and even some people who don't realize they have Yahoo accounts acquired through activities such as fantasy sports were affected. CNN continued to give victims some advice in the spot "Got a hacked Yahoo account? Here's what you should do", (December 16, 2016) to help those victims through what CNN calls...
...likely the largest hack in history.
-Samuel Burke, CNN Money
The question raised with these high profile information thefts was, where is the security and how do I get it?
Let's go right to the source:
"The lesson is clear: No organization is immune to compromise," said Jeff Hill, director of product management for cybersecurity consultant Prevalent
This comes directly from Yahoo.com Tech page in the December 15,2016 Associated Press article, “Yahoo's Mega Breach Shows How Just How Vulnerable Data Is".
"Yahoo users could have had immaculate computer security and still been the victim here," said Will Ackerly, chief technology officer at Virtru, a computer security firm he co-founded after working for eight years at the National Security Agency."
But Wait...There's More...
Bitcoin Heists
The Bitcoin currency, a previous passion here on Bitlanders, and a currency that has made people rich around the world has not escaped the problem of breaches. While the technology generating the currency seems to be holding up, the mechanisms for storing and distributing Bitcoin have proven vulnerable. The Bitcoint Heist is explained in How To Steal Bitcoin In Three Easy Steps by Adrianne Jeffries.
(source: www.theverge.com/2013/12/19/5183356/how-to-steal-bitcoin-in-three-easy-steps
By Adrianne Jeffries )
Ransomware Attacks That Have Shut Down Businesses And Emergency Services
Ransomware attacks, software which takes over the data of the infected computer and denies access until a ransom (usually requested in annonymous Bitcoin currency) is paid. Experts advise against paying, and there is no evidence of data retrieval after payment is made according to BBC News.Cnet explains that businesses and hospitals around the world came to a halt when a 2017 cyberattack called Wannacry (a.k.a Wannacrypt) escaped the NSA and was used by hackers against Windows-based business computers around the globe. This attack was preventable by Windows security updates. But those updates often interfere with software usage on business computers and are commonly neglected.
(source-https://www.cnet.com/news/wannacry-wannacrypt-uiwix-ransomware-everything-you-need-to-know/)
Doesn't The National Security Agency Doesn't Prevent This Stuff? Actually, No.
Breaches into high-level databases have happened in enough places already to change the course of history. The ramifications of foreign involvement in US politics started making regular headlines last year and still do today.
DNC Hacks
-[image-CNBC]
Internet breaches and compromised security have been a major focus of the media since the 2016 US presidential campaigns began to heat up. Much of the fire had been stoked by stealing and attempting to steal candidate information. Kindling was provided when publications and individuals were quick to share dirt whether there was any foundation in truth or not. So it became difficult to find the real dirt, and the real truth. There is an ongoing investigation into the possibility that key players in the 2016 election worked with Russian actors to manipulate the outcome of the election through various methods. Now, daily, it becomes more and more clear what happened, but at the time, too few people took these warning signs serious enough.
-[video-CNN via YouTube]This scandal is a demonstration of how difficult it is to track down and solve problems with information security. And it makes clear how the consequences can continue to bubble up for a long time.
What Can I Do?
There are some steps that businesses and consumers can take. Privacy.org is a great source to keep bookmarked for reference while setting up your security stronghold. Software companies offer many free and paid solutions for individuals and businesses hoping to steer clear of security breaches. No one solution can address every concern. But along with basic cyber housekeeping, some products can increase your safety and streamline some tasks, as well. Here is a selection of some of those tools to use and how each one works:
- Password Managers. They are becoming almost indispensable as we all have more to do online and less time to do it. Basic password managers help you store complex, quality passwords without having to write them down. Many are free if you don't choose to sync your devices. A great free open source (and I think less vulnerable in the long run) password manager is KeyPassX.
Don't open e-mail or messages from unknown sources. Don't hit unsubscribe. (see http://www.marketwatch.com/story/the-dirty-little-secrets-consumers-should-know-about-these-industries-2017-03-06)
Off-line Data Storage. Consider fighting the urge to store everything online, just because it is quick. There are many types of personal storage. If you get a reputable brand name device, your choice of off-line storage can be other wise dictated by your personal taste.
Malware and Virus protection. Use the appropriate factory security settings for your operating system and ensure that you get security updates. It is a good idea to add virus protection like the free Avira I also use Malwarbytes anti-malware on multiple devices. Note that some companies annoy you with popups if you choose their free version. Avira has some minimal invasiveness and Malwarebytes is useful and unobtrusive. To help you pick see https://www.tomsguide.com/us/best-antivirus,review-2588-5.html
Robot Detection is familiar to each of us who has used Bitcoin faucets. Capcha works by requiring the user to type in a code that auto logging can't read. This is a tool for the online provider to protect their services and customers from unwanted multiple automated hacking attempts.
Querlo and AI Interface.
Artificial intelligence like the phone systems that screen calls for large companies is encountered by everyone, even if no computer is involved, on a regular basis. Artificial intelligence in an online program is a tool you can consider for business or personal use. Within 10 minutes of arrival on Bitlanders.com (usually less) users meet Querlo, "the chatbox with a heart". According to Francesesco Rulli:
“Querlo, an interactive chat with customizable API that can be implemented on any website, is a mobile app and social media platform, offering an easy-to-use 24/7 interface.”
(source: http://www.bitlanders.com/blogs/experience-sports-consumer-products-mobility-concepts-and-chat-with-querlo/5492801)- Querlo has a potential to allow for interaction between customers and companies, informing people about products in a real-time environment. You can learn about Querlo at Querlo.com.
Let's have a look at a Querlo chat:
I have participated in a number of Querlo chats created by businesses and individuals. I created a Querlo account and constructed a Querlo chat: https://www.querlo.com/chat/5996 for my Bitlanders Blog About Fidget Gadgets. A real time tool designed for websites and apps, its creators see a potential in Querlo to be used in combating data theft and privacy invasion. A consideration for users of Querlo is the information being requested, given out, and stored. Use the tool responsibly. Take care whenever generating data as a business or individual that you know who can access it, and what security measures are taken to secure the transmission and long-term storage of the data. If you are running a business and use a tool like Querlo, ensure the protection of the information you and your customers to and receive a Querlo chat-bot. Ask how Querlo can address your security concerns by contacting info@Querlo.com
It is important to remember that no connected computer is completely safe. Not even the Pentagon.
-[image-imgur]
In 2011 The Washington Post reported,
“The Defense Department lost 24,000 files to “foreign intruders” in the spring in what appears to be one of the most damaging cyberattacks to date on the U.S. military, a top Pentagon official acknowledged...”
And in 2016, after the Pentagon had time to learn from the 2011 attacks, some amazing discoveries were made..
“The "Hack the Pentagon" bug bounty program by the United States Department of Defense (DoD) has been successful with more than 100 vulnerabilities uncovered by white hat hackers in Pentagon infrastructure.”
Don't throw up your hands and give up on security! There are things you can do to limit your risk.
Take some reasonable steps to protect yourself. It can be overwhelming to try to consider every possible obstacle, so a better approach is to building your defense step by step. Consider using some of the tools we've covered. Start with a good password, and add layers of protection one step at a time. And remember to think twice before sharing anything valuable or personal online. Some footsteps last a long time.