I admit I make you sometimes uneasy (the word is frequently weak) and provide with solutions (or ways to them).
Should you believe me?
I’d like to 😉
Nothing prevents you for verifying. Ask Google for reports or alerts each time something happens in Information Security… as I do for more than one year now. I find there ideas for articles and… solutions. You can also read specialized magazines (frequently only accessible by ‘experts’).
Today, In invite you to watch TV.
You know the American cops series: CSI, NCIS, Criminal Minds, etc. They are very instructive to imagining crimes and offenses, to watching how experts find us back and how we can escape them.
A new ‘branch’ is open and is currently broadcasted on Belgian television (RTL-TVI, that is often first to show): CSI: Cyber. The 2nd season is already on in the United States.
You find short stories (45 minutes) on crimes and offenses committed thanks to, or with information technology (computers and smartphones).
Everything seems to come up: Internet of Things, Big Data, Viruses, hackers, etc.
If you remember “The NET” with Sandra Bullock (1995), there was already time to worry. Here, it becomes scarring.
- hacking and using pictures taken by the (interconnected, as per current need) babyphone to kidnap and sell a baby ‘on-line’,
- forging free taxi accounts (type ‘Uber’) to kidnap and kill users, just for revenge,
- hacking a smartphone to incriminate an innocent for a murder,
- using a mobile phone to trigger a bomb.
These are only a few examples from the first shown episodes.
Sadly, these are short and quite fast stories. You see what can happen, they give some protection advice (“you all have strong passwords you regularly change, don’t you?”) but this remains too superficial with regards to the action.
You see how experts search and find criminals, rebuild destroyed files, introduce ‘tracking code’ or recognize malware code in programs and applications.
I must recognize, through professional and technical expertise, that these scenarios are real, realistic and realizable. So easy to be launched by ‘script kiddies’ (these young hackers who do that ‘to become famous’) and the ‘nerds’ (the ‘pros’).
It isn’t, however, easy for everyone. But we are all potential targets.
- we are still not sufficiently aware,
- we do not protect ourselves (“I’m not interesting enough”),
- we have no competence to protecting us.
And besides the isolates bad guys, you have the organized (criminal) groups and rogue States (and Agencies).
Our technological world – where “we don’t exist if we aren’t connected” – forces us to have our computer open to the Internet permanently, a smartphone permanently connected to all networks, wear permanently connected objects (watches, camescopes, intrusion detectors, etc.) in which hackers can enter ‘as if they were home’.
It’s forbidden: private property and privacy are protected by our Constitutions. “They” don’t want to respect the law. “They” live ‘outside’ the system.
As long we don’t try to think like the ‘bad guys’ to know what they are looking for and how they build up their strategy to achieve their objectives ‘at the least cost and risk’ we’ll remain exposed.
As long as we’ll limit ourselves to study their tactics, methods and tools we’ll remain two (or three) wars behind them.
Watch & Learn.
Question your local cops, your computer specialist, your politicians (local and national) and ask them: what can we do and what do you do to make our technological world safer?
Harass and pest them. You’ll probably achieve some results.
See you soon, safer with your information