Creating opportunity
Death, Taxes, and Data Theft – You Can Only Protect Yourself From One
Takara Small | February 9, 2016

Online hacking isn’t new. People have been hacking computers and handheld devices for years—either with aims to improve what exists, or with more nefarious goals like identity theft. Recently, however, it seems like the number of malintended digital attacks have increased not only in frequency — but also in intensity.

Last year, security officials disclosed that hackers stole financial records and fingerprints for millions of federal employees during what is described as one of the biggest government data breaches in history. Meanwhile, on the other side, consumers have seen more and more breaches for everyday gadgets ranging from baby toys to smartphones.

So, what can consumers and businesses do in response?

“There are a lot of things [they] can do to protect their security,” says William Budington (@legind), a software engineer at the Electronic Frontier Foundation (EFF).

“Using encryption is a big part of that — well vetted end-to-end encryption systems ensure that even if there is a data breach of your provider, the contents of your communications are protected.”

Budington’s advice couldn’t come at a better time. Last year, the U.S. saw a near-record number of data breaches, according to the Identity Theft Resource Center, a national nonprofit that identifies and tracks U.S. data attacks. Additionally, there were 338 incidents that involved Social Security Numbers, which affected 164.4 million records.

Not surprisingly, in the same report the organization described current-day data theft as a “third certainty in life” (after death and taxes).

The good news is that these days encryption software is much more affordable and can be purchased electronically or in-person from a variety of providers. According to EFF, some free alternatives include software by Pretty Good Privacy and Secure CRT.

Although data theft disrupts the lives of both consumers and businesses, it has helped boost the bottom line for the already lucrative cybersecurity industry. Cybersecurity startup Pindrop is one company that is benefitting from an increased interest in combating identity threats. Their unique software fights fraud by using a voice technology system called phone printing.

“Think of it as a fingerprint, but it gives a unique acoustic signature to each and every phone number in the world,” says Ken Shuman (@sanphrancisco), head of the company’s global communications department. The company’s decision to build the software can be traced back to today’s simplistic identification methods employed by many companies around the world. Most firms, Shuman explains, ask basic questions concerning maiden names and credit card account numbers that are easy for scammers to find online.

Hackers are creating a “book of information” from multiple data breaches involving millions of accounts from different companies, such as Ashley Madison and Home Depot, he says. “There are people who are collecting all of this information and then they start to piece it all together and build full profiles on people. It gives them a pretty robust book of black market information,” says Shuman.

Meanwhile, our increasingly connected lives may be opening up more opportunities for attacks. “The more interconnected our systems become, the more vectors for exploitation there are,” says Budington. “This is why some software projects and pieces of Internet infrastructure dealing with security are often adopting Air gaps [some type of separation between networks], or completely disconnected systems into their systems layout.”

To the casual observer, it may seem like there are more data breaches than ever before, but it’s not all bad news. “What we have seen is an increased security awareness from the news media and the general public,” he adds. “People are more aware of practical ways to secure their accounts, and are beginning to take measures to protect their data and media outlets are finding the stories about data breaches more salient, bringing it to the spotlight when they happen.”

The most important thing for consumers and businesses to remember, says Budington, is to enable two-factor authentication and start using password management software, which allows users to only have to remember one password. “This overcomes the most-cited nightmare of users — having to remember a plethora of passwords — while improving their security.”