It’s more than Halloween
Straddling the divide between autumn and winter Halloween is a time of celebration and superstition. Its origins lie in the period of time when the Celtic nations dominated Europe and people would light bonfires and wear costumes to ward off roaming ghosts. The idea of divide still holds today and perhaps nowhere more prominent than the surface and light world of the everyday internet and the dark, mysterious and sometime malevolent world of the deep web where hackers and cyber criminals have their being and surface to wreak havoc.
Halloween; it’s the time for ghouls, spooks and creeps and that’s just on the internet. Phantom data, sinister spam, and spectral spooks – it’s all heading our way from the dark side of the cyber world. It’s also a good time to take stock of cyber defences, not only because horrible hackers plan malicious deeds by riding on the back of the ghoulish holidays, but these tricks are not treats and they happen all year round too.
Spooky spam
How pervasive is spam? Estimates vary with some sources claiming 4,000 spam mails for each internet user each year and others saying a few years ago three quarters of the world’s internet traffic was spam. Spam is dastardly, can be deadly and right now may well be Halloween themed.
Devilish data breaches
Data breaches are so common it’s a surprise bookmaker haven’t been offering odds on which company will leak out sensitive data next. We can’t even mention the recent Talk Talk breach in which the details of 4 million customers may not have been encrypted, because it’s so lax on the part of Talk Talk it leaves you choking in disbelief. Your data may be secure on your computer but how can we trust organisations that hold our data?
Phantom phishing
According to SANS Institute, 95% of all attacks on enterprise networks gained access via a spear phishing attack. And even security companies are not immune. Just ask RSA. This world renowned security company had its encryption crown jewels lifted following a successful phishing expedition which sneakily targeted a small number of employees. To say it was embarrassing is the mother of all understatements.
Social media spooks
Do you believe everything you hear out in the real word? Thought not. So why should you abandon the natural principle of psychological protection on social media platforms? Why unquestioningly accept friend requests, posts, invites and so on, on social media sites? Not everyone is who they claim to be. Just like real life there are ghoulish figures that stalk the social media world looking for opportunities to scam and fraud.
Deep dark web
Four million customer details lifted from Talk Talk, 40 million credit and debit card details from Target, 21 million individual records from the US Office of Personnel Management; the list goes on and on and on. And where does much of this stolen data end up? A lot of it surfaces on the dark web where there are industrial sized, crime-fuelled operations dedicated to buying and selling stolen data.
Sinister spies
If it’s not hackers trying to skank people, the cyber world is literally crawling with spies. Thanks to Edward Snowden, we now know the true extent of nation state scooping and its staggering; tapping into underwater cables and siphoning off all transatlantic internet traffic in just one instance. And of course social media is a gold mine too for government sanctioned snoopers.
Rattling ransomware
Ghoulish ransomware is enough to give anyone the creeps. It’s been around a while and after various strains are put down, it rises from the grave again in a slightly new version designed to creep past defences. Hence the recent surfacing of CryptoLocker 2 – a heinous piece of malware that does exactly what its predecessor did – terrorize and blackmail.
Evil eye
Public Wi-Fi networks are an open door for ghoulish hackers. The same features that make free Wi-Fi hotspots good for consumers make them good for hackers too because it requires no authentication to establish a network connection. The hacker positions himself between you and the connection you end up sending it to the hacker who relays it to the connection. Everything you send; emails, credit card information and so on falls into the lap of the hacker.
SEO poisoning
Cybercriminals begin their attacks when it’s most opportune and leave them up for as long as they are effective. They follow user habits and look out for trends in searches. So if attackers notice an increase in people searching for costumes and other holiday-related items they’ll pounce and poison your searches on Google, Bing, and Yahoo! to direct people to malware loaded links as soon as they can.
Perilous data
At some level we all worry about whether our data has been stolen without us knowing anything about it. Even many organisations are not sure about what happens to lost files and emails. Under these circumstances private and personal data could slip out of the door like an evil djinn suddenly appearing in the corner of your room.
The Watchword
With this swathe of spectral threats ever present the watchword is be careful when treading into the cyber world because a parallel cyber nether world lies just beneath the surface seething with all manner of misfits, miscreants and malicious hackers.
[su_box title=”About BullGuard” style=”noise” box_color=”#336588″]Launched in 2002, BullGuard is one of the fastest growing internet and mobile security brands in the market today. Its product portfolio includes award-winning antivirus, a premium 24/7 protection suite, and web-based identity and social media protection that works across all devices. As part of its security service, BullGuard also provides customers with data backup for PCs and mobiles. Since its launch, the company’s philosophy has been to combine technical excellence and industry-leading practice with a genuine understanding of consumer needs. This means it creates simple, easy-to-use products that deliver complete protection so customers can effortlessly safeguard their digital footprint.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.