Cybersafety Part 11: Back door threat actors trump even the strongest security

From the stealing of an important government official’s email account to some random person in cyberspace controlling your baby web cam, it is well understood amongst ICT security circles that almost every significant hack begins with exploiting a weakness on an end-point device.

Despite billions of dollars being spent globally on counter-cyber hacking measures, the strength of any chain of cyber security measures is only as strong as its weakest link, and there is usually no weaker link than the end user, and how they manage their digital device.

Major weaknesses on end-point devices include:

1. Weak passwords and easily guessed passwords. Worse still, using the same credentials across multiple devices.

2. Not keeping the anti-virus software up to date on all home and work network devices (i.e., not just computers, but also security cameras, baby web cams and network printers!).

3. Responding to emails that look legitimate and official, such as from your bank or the ATO, but which direct you to fake websites which ask you to enter your login and password.

4. Visiting pirate software/movies/music or unsecured (ie no HTTPS) websites, which have been infected with malware.

Threat Actors (ie hackers) use malware (malicious software) on infected computers to ‘scrape’ personal data, which they hope to use to gain access to a home, corporation or government network. Once inside the network, they may typically take several months (called ‘living off the land’) surreptitiously snooping around for valuable information, which they can sell on the Dark Web, or use to steal money out of credit card accounts, or use to steal Intellectual Property or other trade secrets in order to gain a competitive advantage.

So please be alert against being the weakest link in the cyber security chain when it comes to sensitive or personally identifiable data.