No matter how tiring cybersecurity warnings continue to be, the reality of their importance really can’t be understated. The last year or two has been something of a security nightmare with massive breaches across multiple platforms from a variety of sources with no clear end in sight.
It may not be fun, but keeping your data safe is more enjoyable than spending the next several months trying to re-secure information that never should have been lost in the first place.
Recent breaches: Security in hindsight
Generally speaking, cybersecurity tends to pop up when discussing things like phishing scams and brute force password-guessing attacks, but the last several months have shown some disconcerting cleverness on the part of those playing with technology. In fact, there’s a fairly high-profile example of Russian hacking leading to power company infiltration as part of a large-scale effort to probe critical American infrastructure.
The average end user may not have to worry about outside influences taking over their local hometown’s power grid yet it shows that we’re no longer dealing simply in the realm of Nigerian scam emails asking for Western Union transfers to anonymous recipients. Universities are being targeted, and breaches larger than Equifax’s recent blunder are becoming all too common, potentially leaving hundreds of millions of people out in the cold with no obvious sense of recourse.
Not every breach can be easily prevented. Large companies with tempting databases to target are always going to be under scrutiny, but there are steps the average layman can take to ensure their information stays secure up to the point where its storage is up to another individual.
The security responsibilities of the end user
In many cases, the end user will be one of the weakest points of access when it comes to personal security. Passwords are often reused across platforms or wind up comprised of easily guessed information based on one’s personal life, though not every password issue is caused by the strength of a passcode.
Occasionally a weaker password hash algorithm, especially those used in older operating systems or by legacy systems, will suffer an attack facilitated by what is known as a rainbow table. The short explanation is less like having a list of passwords to guess and more like having a list of encryption keys to compare against what a password might look like. 1and1 has more info on rainbow tables and what you should know about their use.
Sometimes all the end user can do is opt not to use a service with a legacy security algorithm, even if that may cause an inconvenience. Chances are that mild inconvenience will beat out on losing valuable personal data.
Yet there still exist situations where alertness and careful digital maneuvering can mitigate most of the average consumer’s risk. Sometimes the simple act of double-checking the URL of a website is enough to catch a phishing attempt, which is why it’s always advisable to ensure security, especially when shopping online. Becoming deeply familiar with the ins and outs of sites that handle critical information, be it an online shopping outlet or a local bank, can help clue a user in on when things aren’t all they seem to be.
Responsibility where responsibility is due
The crux of many of these issues can fall on the shoulders of companies with lax policies on user privacy; Panera Bread had a security loophole that went unnoticed for as long as eight months before being detected, which is but a small example of just how negligent a company can be if it isn’t expressly founded with technological literacy as a core value.
Even the best passwords and the safest browsing habits can’t stand up to the sheer incompetence of a user’s information being left in an open text file on a poorly secured server. Pushing for enhanced security measures across nearly every industry is slow to take hold, and through user authentication through deep learning is on the horizon, it likely won’t be fully implemented any time soon enough.
Security won’t stop being an issue until users and companies alike take their information more seriously. Demanding change is easy, but keeping on top of companies until they comply may not be. Don’t give up yet.