Living in the computer age has made life easier in many respects, but it's also made it a lot more dangerous — and you don't have to look far for proof. Stories about identity theft, stolen private nude pictures of celebrities and the hack that compromised 56 million Home Depot credit cards dominate the news and rattle nerves as cybercriminals target individuals, corporations and governments.
With identities, banks and national security at risk, we face bigger threats today from the keyboard than from nuclear weapons. That's the unnerving message "Rise of the Hackers" sends as it presents scary scenarios of code-breaking crime. But as the PBS "Nova" special, which airs on Sept. 24, also portrays, scientists and experts are trying to stay one step ahead of the hackers and protect data by making computers faster and codes more unbreakable.
"As part of 'Nova's' mission to cover important developments in science and technology, we felt it was imperative for us to take this on, looking at the vulnerabilities of our current computer systems and what we can do to protect ourselves and our privacy," said Paula S. Apsell, the series' senior executive producer. "We want our viewers and visitors online to gain a better understanding of just how vulnerable we are to hacking. We cannot assume that what we do online is private and protected. Experts are working on better techniques to secure the system, but in many ways, it is humans who are the weak link. We would never presume to tell people what to do, but we hope by this show to make them more aware of the very significant problem that affects us all."
Sean Paul McGurk, vice president for business development and critical infrastructure protection at cyber-security firm Centripetal Networks, Inc., and featured in the program, analyzed the situation. To stop the threat, "We need to better understand the threat and the threat actors. Then we will be in a better place to address what actors are doing and how they are doing it. The challenge is, in many cases, these are not highly sophisticated threats. Most of the time it is something simple that is overlooked in a configuration or a flaw in the software that can be exploited. The main point we see in Advanced Persistent Threats (APT) is not the 'A' but the 'P'."
Another threat, added McGurk, is that "the attitude of many companies and government agencies that what they did yesterday will work for them today or tomorrow. Persistent threats require persistent protection. You cannot expect to operate your networks with the same technology in the future as the threats evolve. Perimeter defense is part of the solution but not a silver bullet. You need to view the network environment as hostile and everything in it from your laptop or mobile device to the servers as a potential source of compromise. The second challenge we have is the distributed nature of the threats," he continues, explaining that cybercriminals only need a 'bot-net,' not a massive infrastructure, to do major harm.
So what can the individual to do under the circumstances? Ask yourself "[h]ow much information do I make public? And how convenient do I want it to be to access the information?" McGurk said. "Many have stated publicly that if you don't want nude photos to be compromised, don't take them. That may very well be true, but the underlying issue is how safe is your personal data and where do you store it? This applies to retail outlets as well. It may not be convenient to shop in today's environment with cash. However, if you want to minimize the risk, minimize your exposure. Also change passwords early and often. Many people reuse them on multiple sites so once it is compromised the malicious actor has access to a great deal of data. Use basic blocking and firewall practices both at work and at home. Simple things can have a great effect."
As banking and shopping online, "I would not suggest that you stop transacting business with your preferred providers unless of course they are not taking the basic security precautions on their websites. One way to limit the impact is to limit your exposure. If you do want to shop online because it is more convenient or because you have limited choices, then ask your credit card provider to send you a card with a small limit," said McGurk. "That way if it is compromised you limit the risk and the impact. Also be careful about using your debit card. If it is tied to your main account then if it becomes compromised you could lose your entire savings."
But it's not all doomsday scenarios, says McGurk with cautious optimism. "I view the cyber domain as the new frontier. There will be endless opportunities and endless numbers of people trying to take advantage of it for good or evil. I am sure that when steam transport was first introduced, there were a number of sail makers and blacksmiths who not only thought it would never catch on, but probably thought it was dangerous," he pointed out, "The cyber-earth is round and we are all sailing in to unchartered waters. Enjoy the opportunity. Security is a journey, not a destination."
Related on MNN: