Growing Security Threats – It Is About ACCESS and TRUST

Implications: It used to be that you had to watch what you threw out in your trash. Remember those days when you had to tear up and shred any hint of your name on papers that you were throwing out, and tearing up old receipts that had your name on them? Remember the early days of email when AOL and other email services told us not to use your name as part of your email address in order to keep personal information out of the hands of bad guys? The need to be online for personal reasons like shopping or applying for a job and the need to be online for business reasons like myself, has now given the bad guys what they have always wanted - ACCESS.

Analysis:

Protecting personal information has always been a concern for individuals. The old saying is that “we keep our friends closer but we keep our enemies closer” in order to keep an eye on them. This is a really cool sounding saying but the reality is that most people try to keep away from bad guys. We teach our children not to talk to strangers. We teach our children not to speak to adults they do not know. We take these lessons with us into adulthood, which results in a general attitude of limiting our exposure to bad people.

The Internet has increased people’s exposure to the bad people. The Internet is the fabric by which the criminals and pedophiles are looking to exploit us. However, it is through the wireless handsets, desktop computers, laptop computers, plain old telephone, and carefully crafted scams by which criminals and pedophiles seek to speak to us.

The attacks on people’s privacy and personal safety are not that sophisticated. Most people want to give people the benefit of the doubt. Most people look for human contact. Most people want to trust other people. Then there are the people who are looking to make a fast buck; of course illegally. It is all of this that the bad guy seeks to exploit. The technology has become another tool for these bad people.

The Internet has made it easier for the bad guys to find their victims. Unfortunately, unlike the older and less electronic mediums, the Internet has been able to create an atmosphere of trust. The Internet has facilitated electronic social networking; people are very willing to put their bios up on MySpace or Facebook. The result is a dissemination of personal information and increase of personal ACCESS.

Security threats can be broken down into the following broad categories:

    -  Consumer access – resulting in a loss of personal information; aka identity theft via some kind of consumer action, possibly through a retail website or even an email.

    -  Network access – resulting in fraudulent network access; carriers and corporations are the immediate targets with the individual being the ultimate victim.

The Internet is not entirely to blame. There are still the old tried and true methods of credit card thefts, telephone scams, and digging through trash for personal information – yes it still happens. In these cases, the victim discovers their personal information is being used on the Internet to steal their identity.

The bottom line is that this new electronic age is affording the criminal more opportunities to steal or in the case of pedophiles, hurt our children. The world has not gone insane there are just more opportunities for the nuts and bad guys to victimize us. The suggestion to any users of the Internet, wireless devices, credit cards, and computers, don’t trust anyone with any sensitive data. Don’t turn on your laptop in the airplane. Assume someone is watching. Do I sound paranoid? Nope, I sound like I live in the real world.

For those readers old enough to have used calling cards for business calls, when there were payphone everywhere you turned and cell phones were the size of a brick, remember there would be people standing across from you looking at how you punched in your card number? Yes, people were skilled enough to see how you were moving your hand across a pay telephone keypad to determine what your calling card number was. Business people had to learn how to cover the key pad with one hand and punch in the telephone number with the other hand. Oh we had to hold the receiver to our ear with the help of our shoulder. Just because the average business person uses the cell phone today does not mean there are not people out there trying to pull your cell phone information across the air interface (of course this was much easier to do when things were analog).

Corporations often tell their employees not to leave any sensitive on the corporate laptop because the companies are afraid that someone will steal the laptop. Yes even in this day and age, the companies are concerned about the physical theft of property. I used to lock down my laptop to my desk with a stylish but strong cable.

Use spyware, anti-virus programs, take security messages seriously, don’t answer emails from people you don’t know, don’t publicly talk about personal information on a cell phone call, and most importantly check people’s references before you decide to deal with them. Just because they sound pleasant in the chat room or on the email does not mean they are people to trust.

With the growing market of online video sharing in the wired and wireless world, we will see an exponential increase of identity theft. It used to be your name, address, telephone number and sometimes the social security number as well would be enough to steal someone’s identity. Now imagine a thief figuring out how to add your picture to what they are stealing? How many people have passports with photos that don’t look like them at all? The answer is a lot and probably enough for a thief to put someone else’s picture on your passport but they will have the right hair color and ethnicity. The thieves won’t need to exactly match you just match you closely enough to commit the crime once.

Security threats are about “gaining someone’s trust and then taking advantage of that trust”. The proliferation of electronic devices will not eliminate security threats just simply create more security threat opportunities.

Scary.