According to the Inquirer, the UK Cabinet Office estimates the cost of cyber crime to be around £27bn every year, and this number is increasing as our society moves toward a situation where everyone is permanently reliant on information. Of course, the figures in the USA are much higher. People have become almost entirely dependent on the constant accuracy, availability, and confidential nature of information and communications technology.
Hack attacks, data breach, and cyber crimes in general are becoming more common. In the last couple of years, cyber crime has even hit major companies.
People who engage in cyber crime are most often motivated by the potential to make a lot of money without physically committing a crime. As technology becomes even more pervasive and criminals are targeting organizations with greater force and efficacy, how can we take more effective security precautions?
The Biggest Risk: Uploading Malware
According to Marcin Kleczynski, CEO of internet security software company Malwarebytes, one of the biggest security threats we will face is malware being uploaded to computers without users even clicking on anything. This will be achieved through online advertisements built into sites.
“There are many vulnerabilities out there that are probably being used for things we don’t even know about; let’s take internet explorer (IE) for example. There’s millions of lines of code, thousands of engineers worked on it and none were perfect,” said Kleczynski in an interview with the Inquirer. “The attacker looks for code that isn’t secure and a lot of these vulnerabilities are in apps that consume content, so IE consumes a webpage and shows you the pretty logos. But if a hacker can find the vulnerability and what content will make it ‘choke’, you can then craft that content and an IE page.”
According to the expert, this is a very creative and popular way of delivering malware. The reason it’s so effective is because the user doesn’t understand what’s going on.
“If there’s an advertisement on a webpage and it is being served by DoubleClick or Yahoo for example – companies that serve billions of ads per day – for them to sanitize billions of these ads [is a big job] and a criminal can just keep uploading malware until one leaks through,” he explained.
Limit Physical Access
The first goal in the process of improving security is to control physical access by limiting it to authorized persons. Security will be enhanced if fewer people get physical and administrative access to server systems or sensitive files. Most applications rely on personal ID numbers, passwords, and keys to access restricted information or classified files.
Cards, passwords, keys, and personal identification numbers can be stolen, forgotten, lost, forged, or given away. What is more, these devices serve primarily to identify the person. They cannot establish or verify that the person really is who they say they are.
The information age is changing the way transactions are completed. The future of Internet security is in biometric technology, which will help achieve fast, accurate, and user-friendly authentication.