This is a reprint of The elusive “P” which appeared in the January 2016 issue of Indian Management.
There is no such thing as a free lunch, truly.
As we increasingly traverse the virtual realm, we are putting at stake a crucial aspect—our much-treasured privacy.
There is not a lot of privacy on the Internet today. Every place you go – websites, social networks, apps – all know your IP address and where you are located, which they can correlate with your demographics, age, gender, and the websites that you visit. Social networks can even tell advertisers what your political leanings are and which religion you practice, and the Internet knows which books you read, which cosmetics you use, and whether or not you are pregnant, getting married or divorced. At the end of the day, search engine companies and Internet Service Providers know everything about you. With the up-rise of the Internet of Things, Internet-connected devices can dig even deeper into our lives. Our cars remember when we drove where, how fast we went, and what music we were listening to, while our smart watch can tell us more about our health than our doctors can. Privacy is a thing of the past.
A trade-off between convenience and privacy
In our day-to-day usage of the Internet, each of us are either making a conscious or unconscious trade-off between convenience and privacy.
One example of this can be seen in Gmail, the hugely popular email service used by nearly one billion people around the world. Most people will, but others might not recognize that they receive advertisements which are somewhat related to the subject of their emails. This is due to the fact that the subjects of a user’s emails are sent to various advertising engines to come up with relevant content to serve back to the Gmail user. For someone who sent an email with ‘vacation’ in the subject line, this may result in the user receiving ads with flight offers during the following days.
After January 12th, only the most current version of Internet Explorer available for a supported operating system will receive technical support and security updates.
People using Internet Explorer 8, 9, and 10 will no longer receive security or technical updates after Tuesday, January 12th. This means that the older versions of Internet Explorer can be exploited by hackers which puts your computer and your data at risk. One last patch will be released January 12th with a reminder to upgrade your browser. If you do not upgrade to Internet Explorer 11, you will begin to receive “End of Life” upgrade notifications urging you to make the switch to Internet Explorer 11. Windows 10 and Windows 8.1 users should upgrade to Internet Explorer 11. Windows 7 users with Internet Explorer 9 or 10 should upgrade to Internet Explorer 11.
Choose a different browser
If you want to stay with a Microsoft product, then you also have the option to switch to Microsoft Edge, their latest, most modern browser, but you must also be using Windows 10.
This is a good opportunity to try another browser like Google Chrome, Firefox, or Opera. We recommend Google Chrome as an alternative to Internet Explorer because of its security features and automatic updates.
There are plenty of alternative browsers to switch to as well; those that specialize in gaming, privacy, media consumption, and other things. Check out this listing of 10 obscure, highly specialized browsers from PCWorld.
The Internet of Things (IoT) join together physical devices that we use every day with information technology.
Using internet-connected devices expands our ability to control and monitor in the real world. The IoT is literally changing our lives.
The Internet of Things has the potential to fundamentally shift the way we interact with our surroundings. The ability to monitor and manage objects in the physical world electronically makes it possible to bring data-driven decision making to new realms of human activity – to optimize the performance of systems and processes, save time for people and businesses, and improve quality of life.” ~ McKinsey Global Institute study
The potential economic impact of the IoT is astounding – as much as $11.1 trillion per year by 2025 for IoT applications, projected by the same study.
But is there a downside?
Your home and the devices in it will be a viable target for cybercrooks in 2016.
Back in the good ol’ days of the early 2000s until just a few years ago, all we had to be concerned about was security on our desktop computers and laptop. In the intervening years, mobile devices have become so ubiquitous that hackers have turned their sights on them, especially Android devices.
But starting in 2015, everyone began to realize just how close to home cybersecurity really is. Home networks are the new gateway, and 2016 will be the year that vulnerabilities in the Internet of Things (IoT) and wearable devices combined with weak home router security will lead to personal attacks.
The weak link is your home router
“The security situation with home routers is actually pretty bad,” Ondrej Vlcek, COO of Avast told Fast Company. “Most of the companies do a relatively good job of . . . patching the vulnerabilities, but the problem is that no one updates the firmware in the routers. The user doesn’t at all, and usually the ISP doesn’t either.” He added that we saw the most attacks on routers by far in 2015.
“Right now, attackers are targeting routers en masse,” said Pavel Sramek, an Avast Virus Lab research analyst. “It’s highly probable that they’ll expand their target list to network-attached storage and “smart” TVs as well, since the security aspect of these devices has been almost completely neglected by their manufacturers so far.”
“Many of the companies and engineers don’t really think about security,” says Vlcek. Data, for example, is often transmitted without any encryption, making it easy to steal or fiddle with.
Since this is the time of year to look forward, I asked several of our Avast Virus Lab research analysts about what to expect in 2016 for home networks, wearable devices, and all the gadgets that make up the Internet of Things.
Back in May, I pulled my new copy of Entertainment Weekly out of the mailbox and flipped through it quickly, as I usually do before sitting down to read the whole thing. An article about an unusual premier of a new TV show called Mr. Robot caught my eye. The cyberthriller’s pilot episode was set to make its debut online and through alternative viewing services like Xfinity On Demand, iTunes, Amazon Instant Video, XBOX, and Google Play almost a month earlier than its USA Network television debut on June 24.
The next Monday morning, I shared the news about the show with my colleagues, and we all vowed to watch the new drama about a cybersecurity expert who joins an underground hacker group, as soon as we could. We hoped it would be a more realistic version of the security issues we face today than CSI: Cyber or any number of Hollywood movies. We even contemplated having a weekly viewing party with Avast Virus Lab researchers and getting their comments live, a la Mystery Science Theater 3000, if the show was good.
A twist in the plot
The very next day after the initial discussion, one of my colleagues, and regular blog writer, Stefanie Smith, received an email from a Mr. Robot production staff member asking if we would be interested in having an Avast antivirus product make an appearance on one of the upcoming episodes. At the time, a few weeks before the pilot episode even aired, this was a difficult call – but our decision to be a part of the show, even for a brief moment, proved to be the right one.
Mr. Robot has consistently been named one of 2015’s best TV shows, and it received Golden Globe nominations for Best Series, Best Actor for Rami Malek, and Best Supporting Actor for Christian Slater.
We didn’t watch it together with the Virus Lab guys, but every week after the show, we got their expert opinions about the hacks depicted on Mr. Robot. Here’s some of our favorite moments from season one:
Merry Christmas! Happy Holidays! Seasons Greetings!
All of us at Avast raise our glass in a toast to all of you, the global community of people who help us keep cyberspace secure. You motivate us everyday, and we wish you the happiest of holidays and a New Year full of joy, peace, and security. Cheers!
Be aware that cybercrooks send “special” offers via fake email campaigns during the holiday season.
The holiday season is a time for decorations, cheerful music, shopping, spending time with loved ones, and unfortunately, for cybercriminals hoping you will fall for phishing scams.
“Cybercriminals use the same tactics they always do, but target people more during the holiday season with “special” offers via fake email campaigns. These fake email campaigns can trick people into downloading malware and/or can trick people into giving attackers their personal information”– Jan Sirmer, senior malware analyst at Avast.
We decided to take a look at a few recent examples of malicious emails, more specifically their email subject lines and the email addresses they were sent from. Our goal was to see how cybercriminals are taking advantage of the holiday season.
Here’s what you should look out for:
The Fake Holiday Offer
Whether it be membership offers or special shopping deals, be cautious of the offers you receive around the holidays by email. Some of them might be too good to be true and are fake or some may come from trustworthy businesses whose email accounts have been hacked. Here is an example:
‘CHRISTMAS OFFERS.docx’ From: “Nicole*” <Nicole@fitfunfitness.co.uk*
This could be a tempting offer, especially if your upcoming New Year’s resolution is to lose weight. The original email address belongs to an actual business owner, lending credence to the scam. Unfortunately, cybercriminals understand this and misuse business email addresses, such as this, to send out phishing emails to customers, because they know customers trust the business and there is a better chance they will fall for the scam.
Not very long ago, in a galaxy not far away, a group of cybercriminals decided to take advantage of the Star Wars effect to spread malware among the most impatient fans.
A lot of people cannot wait to see Star Wars: The Force Awakens, and that’s something cybercrooks know. That’s why a lot of links that theoretically allow the download of the new movie of the popular saga appeared. As many of you can imagine, those links do not include the films, the only thing they include is malware! An idea worthy of Darth Vader!
Internet-connected toys gather data on the user and have weak security compared to other computer products.
Digital devices and toys like cameras, smartwatches, and tablets may be on your child’s Christmas wish list. But more parents are having second thoughts about placing these items under the tree, because Internet-connected toys gather data on the user and have weak security compared to other computer products.
6 million children’s accounts taken by a hacker
This weakness was made very public during the Black Friday shopping bonanza, when a Hong Kong-based digital toy company called VTech lost databases of more than 6 million children and almost 5 million connected parental accounts to a hacker.
By putting the databases together the hacker was able to retrieve personally identifiable information like children’s names, ages, and genders, and even pictures and chat logs were found. Parents’ names, email addresses, secret questions and answers, IP addresses, encrypted passwords, and mailing addresses were also accessed. Supposedly the breach did not include credit card or financial account information exposure.
No one should have to choose between security and the latest technology. At Avast, it’s important to us that we support our valued business customers and create innovative features that keep businesses secure and ahead of the bad guys.
That being so, Avast is happy to announce that our Avast Endpoint Protection and Server Security products are now fully compatible with Windows 10!
How you can get the compatibility update
To get the latest and greatest functionality of these products, you simply need to run the program update. Then, you’re all set to go! After upgrading to the latest version of your program, you can sit back, relax, and enjoy using our award-winning business solutions together with Windows 10.
Visit our website to learn more about Avast business security solutions and the benefits they can bring to your business.