Close X
Friday, November 22, 2024
ADVT 
Tech

Passwords Often A 'Weak Point' For Consumers In Cyber Security

Darpan News Desk The Canadian Press, 29 Jun, 2016 11:15 AM
    TORONTO — This month, the University of Calgary paid $20,000 to regain access to its email system after a so-called ransomware cyber-attack.
     
    A year ago, Ashley Madison, a website that facilitates extra-marital affairs, lost customers' personal information to hackers, who have also recently accessed personal information held by online retailer eBay, Sony and LinkedIn, among others.
     
    Cyber-security experts say businesses of all sizes can be vulnerable to attacks and hackers can manoeuvre their way into any site if the proper controls aren't in place to detect their snooping.
     
    But as cyber-attacks increase in frequency, there are measures consumers can take to protect the information they hand over to companies online.
     
    "Cyber-risk is becoming a huge business problem," said Rocco Galletto, leader of managed security services at Deloitte Canada from the company's Toronto Cyber Intelligence Centre, which helps clients thwart and respond to cyber attacks.
     
    The centre responds to about 1,000 cases annually, he said, though each one isn't necessarily a full-fledged attack, but could be a lower-priority vulnerability being exposed.
     
    "Consumers are concerned. Organizations are concerned," he said.
     
     
    BlackBerry, the Canadian mobile and software company, also entered the cyber-security service business this year, citing a burgeoning industry expected to grow to $23 billion a year by 2019.
     
    There's strong financial incentive for companies to protect their sites from cyber-attacks. An attack can cost an organization heavily in investigative expenses and other response and aftermath costs, as well as lost business opportunities after its reputation takes a negative hit, according to IBM's annual global data breach costs study published this month.
     
    The average cost of a data breach is US$4 million, according to the study. The Ponemon Institute sampled 383 corporations in a dozen countries, including Canada, for the study.
     
    In Canada, the average cost of a data breach is $6.03 million, according to the Canada-specific study in which 24 local companies participated.
     
     
    Hackers constantly scan websites on the Internet, said Rob Moerman, senior manager of the Cyber Intelligence Centre's operations.
     
    "The bad guys are always looking for vulnerable targets out there, jut like burglars cruise a neighbourhood and look for open windows and doors," he said.
     
    In its latest quarterly threats report released this month, McAfee Labs said its products detected malicious or suspicious activity 49.9 billion times a day. That's up 2.4 billion from the previous quarter.
     
    When a hacker finds a vulnerable website, they can expose that crack within minutes to retrieve information like user names, passwords and credit card information, Moerman said.
     
    Just some of that information can lead a determined hacker to more critical data, like a person's online banking or email password, he said.
     
    "You can go down this rabbit hole where one weak link in that entire process can mean that your entire identity is compromised and all of your information is for sale on the Internet," he said.
     
    Credit card numbers, for example, can sell on the black market for as little as $1 per card to as much as $25, he said, depending on how fresh the information is, the limit on the account and the bank it's associated with.
     
    People who rely on the same user name and password combination for all of their online accounts can be especially vulnerable when their information is part of a data breach.
     
    "Whether it's banking, whether I'm shopping online, am I using the same password for both of those accounts?" he said. "That's where it becomes a weak point."
     
    Moerman recommends using complex passwords, changing them frequently and not using the same password each time. He admits this is easier said than done, but suggests password management tools can help people remember all their unique passwords.
     
     
    Consumers should also always question whether the organization asking for their personal information actually needs it, said Galletto.
     
    For example, he says he's comfortable filing his income tax return online with his social insurance number, but would avoid sharing it with other online organizations.
     
    "The message is not necessarily that people should be afraid to give their personal information. Just, you know, do it wisely and be selective around the choices," said Galletto.

    MORE Tech ARTICLES

    After Fire Flop, Amazon Unveils Phones With Its Apps, Ads

    After Fire Flop, Amazon Unveils Phones With Its Apps, Ads
    NEW YORK — Amazon is back in the phone business — sort of.

    After Fire Flop, Amazon Unveils Phones With Its Apps, Ads

    Microsoft Readies Windows 10 Update, Answers Critics

    Microsoft Readies Windows 10 Update, Answers Critics
    SAN FRANCISCO — Microsoft has a birthday present for Windows 10 users: more capabilities for its Cortana digital assistant and new ways to ditch passwords.

    Microsoft Readies Windows 10 Update, Answers Critics

    Is Facebook Stalking You To Suggest New Friends?

    Is Facebook Stalking You To Suggest New Friends?
    The accuracy that this feature shows has surprised as well as disturbed Facebook users for some time now. 

    Is Facebook Stalking You To Suggest New Friends?

    Toronto's MintChip Launches Digital Cash App As It Prepares For Shift To Cashless Society

    Toronto's MintChip Launches Digital Cash App As It Prepares For Shift To Cashless Society
    All Canadians are now able to download and use the MintChip app to send and receive digital cash between family and friends for free.

    Toronto's MintChip Launches Digital Cash App As It Prepares For Shift To Cashless Society

    Indian-Origin MIT Researcher Develops Phone-based Eye-Tracking System

    Indian-Origin MIT Researcher Develops Phone-based Eye-Tracking System
    In addition to making existing applications of eye-tracking technology more accessible, the system could enable new computer interfaces or help detect signs of incipient neurological disease or mental illness.

    Indian-Origin MIT Researcher Develops Phone-based Eye-Tracking System

    Microsoft Acquires US-based Messaging App Start-Up Founded By An Indian

    Microsoft Acquires US-based Messaging App Start-Up Founded By An Indian
    Wand Labs, which builds messaging technology for apps, was brought to life by an IIT-Delhi alumnus Vishal Sharma in 2013. 

    Microsoft Acquires US-based Messaging App Start-Up Founded By An Indian

    PrevNext