In April on CNBC, cybersecurity entrepreneur and “Shark Tank” celebrity Robert Herjavec opined, “COVID-19 has created the Golden Age for hackers.” He went on to say, “You couldn’t have picked a more perfect time to hack somebody.”
Considering all the hype surrounding COVID-19, I was a bit skeptical. Would the new coronavirus really change the security equation?
“Yes,” said Attila Seress, founder of Honolulu-based internet security company cylanda.com, ”Herjavec is correct. In April the FBI said the number of reports of cybercrime in the U.S. had quadrupled, from a typical 1,000 per day to 3,000-4,000. The rate of cybercrime has only climbed since the onset of the COVID-19 pandemic.”
The bottom line, he says, is that all of us are vulnerable in some way of being exploited by cybercriminals, and they know it.
Will this rise in cybercrime slow down or stop?
Seress reckons that it will not slow down in the short term. The question he suggests you should be asking is, “How can you protect yourself and your business?”
The short answer is to focus on cyberhygiene in your life and business.
He advises by starting with password management.
That means to vary your passwords rather than using the same one for multiple accounts. A recent survey by Google found that 2 in 3 people recycle the same password across multiple accounts.
Google’s survey, said Seress, corresponds with other password studies that have been published over the past year. Those studies indicate that anywhere from 50% to 80% of internet users reuse their passwords across personal and professional accounts.
Why is this a problem?
It’s not until one or more of those online services are breached that it becomes an issue. Hacks of internet sites, even with big companies, occur regularly. Over the past few years there have been stories in this newspaper about breaches with Dunkin’ Donuts, Target, Home Depot, LinkedIn and Facebook.
But don’t think it’s limited to the mainland. In Hawaii big-name entities such as Zippy’s and even the University of Hawaii have experienced security lapses.
What happens when the bad guys break into a big institution’s site?
The breached password databases can conceivably be sold on the Dark Web, which is not a nice place to have your personal information for sale. The Dark Web is a kind of bad guys’ all-purpose social media platform that can be used for communications or internet commerce. Instead of selling coffee or laptops, according to Wikipedia, it’s used by organized crime syndicates, human traffickers, pedophiles, corporate spies and terrorist organizations (such as ISIS) for any number of nefarious activities. This includes the buying and selling of drugs, firearms, identities, etc.
By replicating your password and username, your personally identifiable information (PII) becomes a more valuable sales item if it works in more than one place.
Thus, hackers who work on the breached databases will use robots to test your breached username and password against commonly known sites such as Facebook, Craigslist, Gmail, eTrade, etc. Most of the time there’s a match, and just like that, you may have to deal with identity theft, financial loss and reputation damage.
What can you do?
Seress told me that to combat this, use a paid password manager like LastPass or Keeper. He doesn’t recommend the one built into Chrome or Firefox. “Browsers were not built for this type of security,” he says.
A manager that you pay a fee for will generate a long, unique, complex password for each site and service you use. The passwords are saved and then auto-filled in on the sites you visit. This way, if any of the online services you use is breached, there’s only one password to change, and it will be completely dissimilar to any of your other stored passwords. You can’t stop the breaches, but you can stop the damage from spreading.
Rob Kay, a Honolulu-based writer, covers technology and sustainability for Tech View and is the creator of fijiguide.com. He can be reached at Robertfredkay@gmail.com.
