Active Stocks
Fri Jul 19 2024 15:43:47
  1. Tata Steel share price
  2. 157.75 -5.17%
  1. NTPC share price
  2. 364.50 -3.51%
  1. Infosys share price
  2. 1,792.85 1.92%
  1. Power Grid Corporation Of India share price
  2. 332.20 -2.58%
  1. ITC share price
  2. 474.30 0.89%
Business News/ Opinion / Is your digital life on sale?
BackBack

Is your digital life on sale?

With more and more businesses adapting to the digital age, the opportunity for security lapses tends to increase

Shyamal Banerjee/MintPremium
Shyamal Banerjee/Mint

Our digital existence revolves around simple words of five to eight characters which give us access to everything. From social circles to bank accounts; communication to job opportunities, all this information resides in our personal devices or on cloud. The convenience offered by technology has made lives simpler but has it also made it safer? In this day and age, we cannot ignore any fraud risks which may be breeding in the ecosystem.

As internet users, we should take cognizance of the fact that an individual’s digital life is their own responsibility. With some safeguards in place, they can minimise sensitive or confidential information being lost to cyber criminals. In fact, researchers have discovered that details of over 117 million accounts were being sold on the internet recently, affecting up to 167 million customers.

A few years back, it was reported that a well-known professional networking site was hacked by cyber criminals and passwords of nearly 6.5 million users were stolen. Apparently, the site did not collect credit card or other financial information of its members. Post the incident, the data was initially said to have been offered on the dark web (part of the internet not indexed by search engine, including peer-to-peer network used by hackers to exchange information) for five bitcoins, which was approximately $2,200, leading to become one of the biggest known security breaches of all times. More recently, news reports stated that Mark Zuckerberg’s social media accounts were hacked and cyber criminals even posted his ‘password’ on one of the platforms. While we cannot say for sure, it is possible that like many of us, Zuckerberg too, was using the same email and password for multiple social accounts. This would mean that if one gets impacted, all others would get compromised in succession. Re-using passwords is a known standard human error, which the average, hard-pressed web user resorts. This is when they are faced with yet another sign-up page and are supposed to use another complex password.

In a similar incident, the account of another social website held by the chief executive officer of a global technology giant was compromised. This serves as a reminder that anyone and everyone is susceptible to cyber vulnerabilities.

The practical question to ask here is ‘when’ the website will be hacked, rather than ‘whether’ it will be hacked. Close analysis conducted through data from hacked websites shows that many users have been following the ‘bad password’ habit for a while now. A user might be unaware but there are hundreds of websites where sensitive information could have been stored, which may have been actually hacked in the past. In such a case, passwords, emails and other confidential data will be readily available for cybercriminals to exploit.

So where does this leave a layman in front of trained cyber criminals? With more and more businesses adapting to the digital age, the opportunity for security lapses tends to increase. For example, companies are not mandated by law to disclose incidents related to hacking or cybercrime. This makes it risky for the general public at large, as they will not be aware of any security breaches in commonly used websites. The danger here could have a far wider impact on users who tend to re-use the same password across multiple emails accounts and social networking sites.

Operation hacking

You may wonder why profit-motivated hackers were interested in stealing data from websites. Another question to ponder over is what type of data they would be most interested in.

Consider this, your entire digital data might be at risk today. As soon as a popular website is hacked, cyber criminals obtain passwords of all users. Then, they start using them on other known websites to identify which username and password is usable. After that, they tag various websites into categories that are mapped to specific fraud schemes. These include email accounts for spamming, phishing and stealing data; cloud services passwords to hack personal computers or mobile phones or tablets; and online accounts to steal credit card data. Needless to say, bank accounts would be the hackers’ top priority.

Cyber criminals also conduct extensive research using automated crawlers, to identify a person’s background to prioritise their efforts. For example, if a person has 1 million followers or is part of the ‘C-suite’ (senior-most executives) in a large organisation, then it automatically jumps up in the chain of priority. Subsequently, advance schemes are devised by hackers to defraud individuals who are caught unaware. Security analysts’ reports say that more than half of all cyber hacks are targeted toward stealing passwords.

How to create a safety wall against cyber criminals

Avoid using the same password on multiple sites or devices

Use complex passwords with minimum 8-10 characters, combination of upper and lower case letters, numbers and special characters

Use password management softwares such as Roboform or Truekey. Even with these, you have to make sure that the master password is strong, with a two factor authentication

Avoid storing passwords in browsers

Look out for important email communication from websites about any hack, especially with a message to change your passwords. In such a case, act immediately

Change passwords of sensitive websites on a regular basis; ideally every 45 days

It is prudent to revamp your digital existence at least twice a year to keep your information safe, without being a stressful exercise.

Amit Jaju, executive director, fraud investigation & dispute services, EY India

3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Published: 24 Aug 2016, 06:40 PM IST
Next Story footLogo
Recommended For You