Close X
Tuesday, November 26, 2024
ADVT 
Tech

Passwords Often A 'Weak Point' For Consumers In Cyber Security

Darpan News Desk The Canadian Press, 29 Jun, 2016 11:15 AM
    TORONTO — This month, the University of Calgary paid $20,000 to regain access to its email system after a so-called ransomware cyber-attack.
     
    A year ago, Ashley Madison, a website that facilitates extra-marital affairs, lost customers' personal information to hackers, who have also recently accessed personal information held by online retailer eBay, Sony and LinkedIn, among others.
     
    Cyber-security experts say businesses of all sizes can be vulnerable to attacks and hackers can manoeuvre their way into any site if the proper controls aren't in place to detect their snooping.
     
    But as cyber-attacks increase in frequency, there are measures consumers can take to protect the information they hand over to companies online.
     
    "Cyber-risk is becoming a huge business problem," said Rocco Galletto, leader of managed security services at Deloitte Canada from the company's Toronto Cyber Intelligence Centre, which helps clients thwart and respond to cyber attacks.
     
    The centre responds to about 1,000 cases annually, he said, though each one isn't necessarily a full-fledged attack, but could be a lower-priority vulnerability being exposed.
     
    "Consumers are concerned. Organizations are concerned," he said.
     
     
    BlackBerry, the Canadian mobile and software company, also entered the cyber-security service business this year, citing a burgeoning industry expected to grow to $23 billion a year by 2019.
     
    There's strong financial incentive for companies to protect their sites from cyber-attacks. An attack can cost an organization heavily in investigative expenses and other response and aftermath costs, as well as lost business opportunities after its reputation takes a negative hit, according to IBM's annual global data breach costs study published this month.
     
    The average cost of a data breach is US$4 million, according to the study. The Ponemon Institute sampled 383 corporations in a dozen countries, including Canada, for the study.
     
    In Canada, the average cost of a data breach is $6.03 million, according to the Canada-specific study in which 24 local companies participated.
     
     
    Hackers constantly scan websites on the Internet, said Rob Moerman, senior manager of the Cyber Intelligence Centre's operations.
     
    "The bad guys are always looking for vulnerable targets out there, jut like burglars cruise a neighbourhood and look for open windows and doors," he said.
     
    In its latest quarterly threats report released this month, McAfee Labs said its products detected malicious or suspicious activity 49.9 billion times a day. That's up 2.4 billion from the previous quarter.
     
    When a hacker finds a vulnerable website, they can expose that crack within minutes to retrieve information like user names, passwords and credit card information, Moerman said.
     
    Just some of that information can lead a determined hacker to more critical data, like a person's online banking or email password, he said.
     
    "You can go down this rabbit hole where one weak link in that entire process can mean that your entire identity is compromised and all of your information is for sale on the Internet," he said.
     
    Credit card numbers, for example, can sell on the black market for as little as $1 per card to as much as $25, he said, depending on how fresh the information is, the limit on the account and the bank it's associated with.
     
    People who rely on the same user name and password combination for all of their online accounts can be especially vulnerable when their information is part of a data breach.
     
    "Whether it's banking, whether I'm shopping online, am I using the same password for both of those accounts?" he said. "That's where it becomes a weak point."
     
    Moerman recommends using complex passwords, changing them frequently and not using the same password each time. He admits this is easier said than done, but suggests password management tools can help people remember all their unique passwords.
     
     
    Consumers should also always question whether the organization asking for their personal information actually needs it, said Galletto.
     
    For example, he says he's comfortable filing his income tax return online with his social insurance number, but would avoid sharing it with other online organizations.
     
    "The message is not necessarily that people should be afraid to give their personal information. Just, you know, do it wisely and be selective around the choices," said Galletto.

    MORE Tech ARTICLES

    Googling Yourself Now Leads To Personal Privacy Controls

    Googling Yourself Now Leads To Personal Privacy Controls
    Now all you need to do is Google yourself if you're wondering how deeply Google has been digging into your digital life.

    Googling Yourself Now Leads To Personal Privacy Controls

    Microsoft Seeks To Empower Every Indian: Satya Nadella

    Microsoft's focus on India is to empower every citizen and organisation so that they can perform better than their potential and achieve more for themselves and the country, the US giant's chief executive Satya Nadella said here on Monday.

    Microsoft Seeks To Empower Every Indian: Satya Nadella

    Sentence In Assault Case Cut By A Day To Avoid Immigration Trouble: Appeal Court

    Sentence In Assault Case Cut By A Day To Avoid Immigration Trouble: Appeal Court
      Court documents show Nigel Frater pleaded guilty last year to assault and two counts of breach of probation and was sentenced to six months in jail, which he had already served while awaiting trial.

    Sentence In Assault Case Cut By A Day To Avoid Immigration Trouble: Appeal Court

    Coming Soon To Twitter: More Room To Tweet

    The social media service said Tuesday that in coming months, photos, videos and other media won't count toward Twitter's 140-character limit.

    Coming Soon To Twitter: More Room To Tweet

    Apps are future of TV: Apple Boss Tim Cook

    Apps are future of TV: Apple Boss Tim Cook
    Cook was speaking at a meeting of tech and other startups in Amsterdam, two months after Apple announced software enhancements for its TV system, Apple TV, and knocked $50 off the price of its smart watch.

    Apps are future of TV: Apple Boss Tim Cook

    LinkedIn Confirms 2012 Hack Exposed 117 Million User Passwords

    LinkedIn Confirms 2012 Hack Exposed 117 Million User Passwords
    NEW YORK — LinkedIn said Wednesday that a 2012 breach resulted in more than 100 million of its users' passwords being compromised — vastly more than previously thought.

    LinkedIn Confirms 2012 Hack Exposed 117 Million User Passwords