Spying Russians and criminals stealing identities have been news headlines for as long as I can remember, way before the Internet or cyber security existed.
But what’s new here, as the details of the methodology behind the Yahoo breach starts to come out, is just how big a haul just four people were able to reel in. It was one of the largest breaches in US history, orchestrated by only a handful of people.
Imagine how many people would have to have been employed to gather personal information about half a billion people using pre-internet methods.
The issue here is that each day we become more and more connected. And the more connected we become, the more likely our information will be leaked or stolen. While individual consumers often don’t have much control over how well protected their data is, we can all decrease the value of stolen data by following some basic operational security steps:
- Never reuse passwords. Get a password manager and use it.
- Familiarise yourself with the telltale signs of phishing emails. Be on guard, even when the email appears to come from someone you know.
- Find out if your email service provider is using state of the art technology to identify and block email borne threats. If they aren’t, change providers.
- Carefully consider whether you really need to identify yourself to the service provider requesting information about you.
As long as these huge troves of personal information exist and remain high in value, attackers will try to find them. Understanding exactly how criminals use stolen information will help you to not only reduce the value of your information to attackers, but reduce cyber criminals’ return on investment when they carry out these types of attacks.