Watching the cyber threat evolve over the last few decades has made it clear to many researchers and cyber analysts: we are all targets. As individuals we need to do what we can to minimize the threats to our personal information. Corporate leaders should do what they can to educate employees on these personal threats. We need to do this for two main reasons: 1.) Because you care about yourself and family and for your employees and want to make them cyber-aware, and 2) Because bad guys target and phish employees at home and work to get to corporate data.
Here is a categorization by fellow cyber sleuth Bob Gourley. Bob is highly respect and wants to provide helpful tips in deciding the best defensive measures to mitigate the impact of modern tech enabled surveillance:
Companies: Firms that make money selling ADs (like Google, Twitter and Facebook, but also the many firms that act as intermediaries that work in the Internet AD ecosystem) devise well thought out systems to gather info on individuals. These companies want to keep getting better at serving ADs that will get clicks so they seek to know more and more about individuals. Other companies, like credit card providers, credit reporting agencies, airlines, media companies, all collect personal info and sell it without a person’s knowledge. And increasingly, those who sell data will often work within the AD provider infrastructure.
Journalists: This is a broad category. The journalists we are referring to here are those that have decided to probe into an individual’s personal life or business. This could include journalists that might be trying to find out the identify of a pseudonymous account that may have been set up by an individual seeking to exercise freedom of speech.
ISPs: These may want to participate in the AD ecosystem by selling information about individuals, but also want to know viewing habits for their own uses.
Mobile Providers: The data your devices exchange with cell phone services can be collected and mined and sold in ways that reveal surprising amounts of information on who you are, where you live, where you are and work and what you do.
Criminals: cyber hackers want to learn more about individuals so they can conduct social media attacks and conduct cyber fraud directly against people, or pose as someone to conduct fraud against others.
Automated “bots”: These worms can self-replicate and get into systems automatically and then signal back to controllers when they find interesting information.
Governments: This can include hostile governments who may see an individual’s computer as a launching pad for attacks against others, including our governments. Hostile governments also fund attacks designed to steal corporate intellectual property. Frequently these attacks will involve targeting individuals.
Employers: In many cases companies have legal rights to watch what employees are doing on their systems and, depending on what was agreed to, may have some surprising rights when it comes to tracking activities elsewhere.
Miscreants and thrill seekers: There are people who get a rush when they can compromise a person’s account and an even bigger rush when they can share embarrassing info online.
Snoops: The bad news is that sometimes we have nosey neighbors, prying office workers, and in some bad situations, family members who spy. Stalking is another horrible threat where spying is frequently a component of the threat. Change and complicate your WiFi password and do not share it with everyone.
Devices: This is really a subset of the corporate spy, since spying done by devices is designed into the architecture. For example, spying done by your phone includes insights into where you are and what apps you use. This can be used by Apple or Google for their ends (in generally, we believe Apple to be best at protecting personal privacy, but still there are threats here to be aware of).
Now, what do you do about these threats? Mitigation of risk starts with awareness, so keep studying the nature of the threat. And update your passwords to something other than you birthday and pet’s name.
Red Sky Alliance has been has analyzing and documenting cyber threats for 8 years and maintains a resource library of malware and cyber actor reports.
The installation, updating and monitoring of firewalls, cyber security and proper employee training are keys to blocking attacks. Please feel free to contact our analyst team for research assistance and Cyber Threat Analysis on your organization.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or firstname.lastname@example.org.