No Wonder There Are More Than One Million Victims Of Cyber Crime Daily

The worry about crime used to be if you had had your wallet stolen; or did you just leave it in a 'safe place' and have forgotten where that 'safe place' was?

You put your valuables in a safe with the local bank, or if you could afford it and wanted to take the risk, within the home.  In many ways this approach has changed over time and in others it has not.

We are still very trusting when it comes to matters financial but if the recent report from Norton is to be believed, perhaps we shouldn't be so blasé.  They surveyed more than 13,000 online adults aged between 18 and 64, from 24 countries.

The results showed that Baby Boomers were less susceptible to cyber-crime than the later Millennials and the highest number of cyber-crime victims were to be found in Russia (85%), China (77%) and South Africa (73%).

Cyber crime victims were more likely to be male (64%) than female(58%) which is probably a reflection of testosterone-fuelled impulses!

Source: 2013 Norton Report

With an estimated $US113 billion of cyber crime taking place over a year, the situation is likely to get worse with an increasing move away from desktops to mobile devices.  The survey revealed that almost half of respondents leave security concerns behind when they hit the street. They don't use basic precautions such as password protection, security software of any kind, or backup their important files.

Here's another sobering revelation; 57% aren't even aware that security solutions for mobile devices even exist!

No wonder then that there are more than one million victims of cyber crime daily. With the lines blurring between home personal life and work there are increased security concerns for business as well. One in five respondents admitted sharing work information with friends and family.  

36% reported that their company had no policy in place when it came to the use of mobile device for work and 27% of all adults admitted they had lost their mobile phones or had them stolen.  So considering these results, how secure is your business data?

Other points of interest to those concerned with online security include:

• 41% of online adults surveyed have been victims of hacking, malware, scams, viruses, fraud and theft in the past year
• Half (50%) have been victims of either cyber crime and/or 'negative situations' over the same period.  This includes being bullied or stalked online, or receiving nude images from perfect strangers.

When it comes to social media people appear to be just as lax, if not more so. 39% didn't bother to log out after a social media session and a quarter actually share their social media log-in details and passwords with others. Somewhat surprisingly then considering the slack attitude portrayed, only 12% of the sample admitted that someone else had hacked into their social media account and pretended to be them.

We've grown very attached to our mobile devices but have largely forgotten the Internet security risks and the security protocols that we rigorously applied to our desk top systems.  

Given all of the above, perhaps it is now time to think far more seriously about how we can personally fight cyber crime by being more diligent; especially if we are wedded to our smartphone or tablet.

Related articles

• Cyber crimes costs UK businesses average of £3m per year

As Strong As Your Weakest Link

As the old saying goes "You are only as strong as your weakest link".  Interestingly, in the recent rash of data disclosures from Edward Snowden and his predecessors, the weakest link could well turn out to be of America's own making.

Outsourcing key data activity to contractors rather than keeping it in-house means your online security is only as good as their employees are; in keeping mum about what they discover about your operations in the course of their daily duties.

Consider the fact, expounded by James Sensenbrenner in a recent editorial, that there are some 500,000 employees of private firms with access to the government's most sensitive secrets.  And this is just the States.  There are surely more in other countries contracted to undertake similar surveillance.

Some regard the actions of Manning, Assange and Snowden as heroic and others consider them heinous, but which ever side of the the ethical debate you sit on, the fact remains that confidential data was accessed and shared with those it wasn't intended for.

It is a sobering realisation (or maybe reconfirmation) that it is the low level IT guy who poses your greatest threat. These techs seem to be able to rummage through systems and make discoveries that evade all of the so-called safeguards that the governments throw at them.

Consider for a moment what you might have accessed online or sent to others via email in the past year.  I would suggest that many people who would feel less than comfortable in having a total disclosure of their online habits revealed to the world without their permission.

But is there anything you can do to mitigate the risk that others can and do spy on what you do?

Part of the answer could well have been given by NSA whistle-blower Snowden.  In reply to an online discussion set up by the Guardian newspaper he said that:

"Encryption (of email) works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it".

So there you go.  Even encrypting your email can only assure safe passage between systems and if the systems themselves have a weakness an IT tech on a mission can crack it or share it. Not the most comforting of thoughts and if the technician in question has a thumb-drive (as Snowden is reported to have by Senator Saxby Chambliss of Georgia), then your data could be shared and leaked well beyond the boundaries of your network.

Am I alone in thinking that these revelations could well have profound implications for the future of the Cloud? The 'contracting out' of data storage from your own servers to a third party based in another country could well have become a far more difficult decision for businesses to make.

And if you wish to mitigate some of the damage your email might cause you could always try using encryption yourself.  Here is one suggestion: GNU Privacy Guard for Windows which is free software.  Mind you I cannot guarantee that a low-level tech at the NSA hasn't already cracked it.

Related articles

• NSA Leaks Show Low-Level IT Worker as Secrecy's Weak Link - Bloomberg
• NSA-proof encryption exists. Why doesn't anyone use it?
• NSA leaker: No chance of fair trial
• Encrypting Your Email Works, Says NSA Whistleblower Edward Snowden
• Establishment Assertions that Snowden is a Chinese Spy are "Predictable Smears" (+video)