Tech security expert reveals top 3 security threats for 2015

Share on facebook
Share on twitter
Share on linkedin
Share on email

By Robert JA Basilio

You think you?re smart enough to protect yourself against hackers? Think again.

Or at least consider the opinions of Hugh Thompson, chief security strategist of Blue Coat Systems, a Sunnyvale, California-headquartered security technology company.

On July 22, Thompson and his fellow executives were in Singapore for the RSA Conference 2014 held at the Marina Bay Sands Hotel.

Blue Coat Systems chief security strategist Hugh Thompson
Blue Coat Systems chief security strategist Hugh Thompson

During a lengthy sit-down briefing with reporters from all across Asia, Thompson emphasized that it?s increasingly becoming more complicated for Internet users ? especially those with social media accounts ? to protect themselves and their data online.

?It?s becoming so hard for an intelligent person to make good choices in security,? he said.

However difficult, Internet users can start making smart security choices by checking out the list below:

1.) Rise of attacks against operating systems used by industrial machinery and similar equipment.

The 90s-era film Sneakers, one of the earliest movies that dealt with hacking, involved the retrieval of a ?Black Box.?

Once online, the ?Black Box? could access, alter, and even destroy information stored in any computer ? big and small ? even those running proprietary or closed systems.

The Black Box was deemed so powerful that it could tap into airport flight schedules, access operational data of power plants, and even transfer cash from the United States Federal Reserve.

In the ?90s until today, the Black Box was the stuff of fiction.

But the power it had ? the ability to penetrate any operating system ? may as well be a reality.

?Slowly, connectivity has crept in,? Thompson said. ?A lot of folks have vested interests in going after [facilities] and industrial machinery that were not designed to be connected to a network that an untrusted user can touch.?

Now that?s something to think about next time the city shuts down because a power plant ? controlled by an operating system older than your parents ? has gone offline.

2.) Involuntary sharing of personal information.

Thanks to digitized and searchable public records, anyone can find out virtually anything about anyone — if they have the time, energy, and, of course, patience to do so.

?You can find out so much about a person before can meet them it?s unbelievable,? Thompson said. ?People are now more knowable from a distance than ever have been in the past.?

And he isn?t even talking about data shared on Facebook or LinkedIn yet.

Nowadays, attacks are more advanced socially than technically, he said.

An attacker can log into a social networking platform and using data shared by a target ? say, the sports team he roots for ? ?can be used to craft a targeted email or phone call that it?s impossible to tell between something that?s legitimate and something that?s not,? the Bluecoat exeutive said.

?Tooling is now available to do this at scale and I don?t think the industry has dealt very well with this at this point,? Thompson added.

Maybe it?s about time to think twice about sharing personal information online.

3.) Existence of personal data that shows other people may know more about you than you think they do.

Thompson calls this gateway data, the kind of personal information which indicates other interested parties may know more about you than you think they do.

While these kinds of personal information may not be valuable today, it may become sensitive in the future and/or may lead other people to access more information about you.

Five years ago, the University of Indiana conducted an experiment on several bank customers.

Since they were already used to receiving secure email messages authenticated by referring to the last four digits of their accounts, the researchers reversed it.

Instead of using the last four digits, they used the first four digits of their accounts, which are just the numbers that described their bank.

?[The first four digits] are the same for everyone that has an account,? Thompson said. ?The experiment showed that there was no difference in trust.?

So what do results of the experiment imply?

“That there still is a gap in human knowledge and that a lot of these attacks will continue to happen,? Thompson said.

Facebook Comments

Latest Posts

Archives