One of the increasing kinds of cyberattacks that affect everyday people are cloud breaches, in which personal information and files are accessed by outside parties. The goal of these attacks can be as nefarious as theft or identity theft, blackmail, or simply harvesting basic personal information. These attacks are often performed by people on their own personal computers for their own gain, but increasingly cyber-attacks are being performed by governments and government agencies. Controversial examples include countries violating protected information to steal copyrighted information and technology or strategic data. Just as dangerous and unethical is the undermining of country’s ICT networks and infrastructure using malware and cyberattacks. Although we often imagine cyberattacks as highly-advanced and formidable hackers undermining well-protected systems in an ever increasing arms-war, the vast majority of cyberattacks occur against vulnerable targets and aren’t necessarily especially skilled or technical. In most instances of cyberattacks, some degree of social engineering such as cold-calling, scam emails or phishing target vulnerable communities. Often, cyberattacks are prefaced by obviously scammy language or even typos, as these types of emails self-select for less-educated or vulnerable people who do not have good protocols or knowledge surrounding cyber-security. If an elderly an isolated person does not think to delete an email from the prince of Nigeria, then they probably won’t think to just turn off their computer manually after granting remote access to a scammer. Some scams are more sophisticated, however, so everyone should be vigilant.
More broadly, greater security threats are presented to institutions, companies and governments with the use of specific programs such as ransomware. As individuals and companies move to work-from-home arrangements, it is especially important for individuals to be aware of risks of using non-work devices and networks for sensitive information. Some bodies, such as the public service, require the use of remote-work programs such as Citrix and authenticators that provide a similar degree of security as normal. It is likely that the work of compliance in cyber-security will be assessing and validating new work-from-home arrangements or software rather than on-site technology and hardware. Similarly, increased automation will mean that cybersecurity professionals will have to build more resilient systems.
A threat that faces many more experienced internet-users is the risk of open-source software and tools. This could include computer game modding communities, software and downloads on communities such as Discord
You must log in to post a comment.