The massive data breaches of 2014 left many Americans aghast about the importance of cybersecurity and the difference it can make in millions of lives. Whether it is the data breach of a major retailer, leaving consumers’ personal and financial information vulnerable to thieves, or the hacking of an entire movie studio, resulting in the cancellation of an upcoming movie, cybersecurity plays an importanct role in our advancement as a society. However, many misconceptions have been thrown around in recent months as we all struggle to learn just what it all means.
This year, in an effort to help followers of the 21st century’s technological revolution, The Daily Dot offered some tips to help you with your New Year’s resolution to learn the difference between cybersecurity fact and fiction:
- Taking down a site is not the same as hacking a site
Believe it or not, taking down a site or the site’s server does not require near as much as time and skill as actually infiltrating a site’s host. “Hacking” a website, in the traditional sense, means to actually gain access to a site’s information system. In order to take down a site, one must only have a DDoS, or a distributed denial of service, which can be done easily by overloading the site’s server.
In order to perform a DDoS attack, numerous networks of computers must flood a site’s server with data packets to overwhelm the target with more data than the site is designed to handle. Many attacks, such as recent DDoS attacks on PlayStation and Xbox servers, are carried out by black market businesses for money. However, the difference between taking down a site and actually raiding its database are as different as night and day.
- Hacked social media accounts do not equate to hacked computer systems
While having a Facebook or Twitter account hijacked by unknown persons can be frightening and inconvenient for those affected, it merely means that a password was compromised, not that an entire computer system was hacked.
An example of this happening occurred earlier this week to CENTCOM, better known as the Center Command of the Pentagon. Hackers claiming to be along the lines of ISIS took control of CENTCOM’s Twitter and YouTube accounts. Although the disruption caused shockwaves when it was reported on various news outlets, the ruse was a far cry from an actual attack on CENTCOM. However, the hijacking does bring to light the importance of using a password manager and ensuring your password is unique and difficult to crack.
- High-tech software and expertise are not the cornerstones of hacking
While at times it may seem as though technological wizardry is to blame for perpetrators gaining access to your personal accounts, sometimes it only takes a few minutes of research for hackers to make simple assumptions that may result in an infiltrated account.
Do you ever consider the importance of security questions, like those used for the “Forget Password” feature? By answering a simple question about your mother’s maiden name, your high school mascot, or even favorite pet, hackers can gain access to your personal accounts. Needless to say, the feature is incredibly important for anyone with a streak of forgetfulness; however, take into consideration if a few quick Google searches could leave you susceptible to cyber criminals.
Celebrities have it even worse than us in that regard. With all the information about them available online, in magazines and TV interviews, what question could be so personal that only they would know it? It doesn’t take a computer genius to tell you where Britney Spears went to elementary school.
- Hacks against the U.S. are performed in far more countries than China
For whatever reason, China seems to take the blame in the news for cyberespionage against the U.S, but did you know that they are only responsible for 0.5 percent of hacks directed at the U.S. or U.S. companies? Believe it or not, countries in Eastern Europe are the most common location for perpetrators of real hacks against our nation. Russia is responsible for hosting a whopping 8 percent of all hacks against the U.S., while countries like Taiwan represent 3 percent and Germany and the Ukraine represent 2.6 percent and 1.8 percent, respectively.
- Data breaches are not required by law to be publicly disclosed
Many people follow the misconception that if there was a data breach affecting them, they would know about it, but not all companies are eager to reveal they’ve been a victim of a cybercrime.
According to a presentation shown during last year’s Blackhat Convention, a cybersecurity industry convention, smaller companies that can be easily hacked cannot afford to reveal their systems have been breached. In order to save face and valuable profits, they may simply sweep the incident under the rug and continue with business as usual.
“The math does not add up between public disclosure and what is actually going on,” Stephen Boyer, cofounder of Bitsight, told Forbes magazine. “We know that the problem is much worse than is communicated by breach disclosure.”
Learn more about fact and fiction surrounding cybersecurity, hacking and data breaches at The Daily Dot article, “The 7 Biggest Lies You’ve Been Told About Hacking.”
The Daily Dot