How likely are you to be hacked, really?
The idea we have about what it means to be hacked has evolved over the course of the past 20 years, and so did the techniques used to gain unauthorized access to data. With that said, how likely is the average users to be hacked, and how much damage is the average user expected to withstand?
Let’s begin by defining the three primary reasons for hacking to exist in the modern world:
- Financial gain
Those who have come of age from the early beginning of the world wide web, will remember how hacking used to be the only way for young people to learn about technology and how it works. Many great inventions came from hacking, many of them taken for granted today, such as caller ID, remote desktop management, and the peer-to-peer file sharing, which now powers cloud storage services worldwide like Google Drive, Microsoft OneDrive, and DropBox.
Representatives of hacking communities often decide to use their skills to communicate ideals, and even actively disrupt operations perceived as harmful to society, whether that opinion is compatible with society or not. This practice is often regarded as “hacktivism”, and pertains to operations conducted by coalitions of hackers, like Anonymous.
The impact of these individuals varies, from affecting the ability to access websites, to full-scale data breaches, where thousands, and sometimes even millions of users data is compromised, and sometimes even put on public display, to prove a point, such as what happened to Sony Entertainment in 2014, when a group called Guardians Of Peace, leaked what is believed (yet never confirmed) to be over a Terabyte of information, in response to the release of the movie “The Interview”, which prompted worldwide attention, and suspicion (still unconfirmed) of North Korea being behind the cyber attack.
With that said, the likelihood of an anonymous private citizen being hacked by a group of hacktivists, is next to none, unless the person is an employee of a company whose activities are likely to attract the attention of hackers motivated by idealist sentiment.
Ultimately, the only reason for a hacker to attack the average user is no other than financial gain. By this token, how likely is the average user to be hacked directly, and what are the immediate symptoms of being hacked?
The most terrifying clue a user can get after being hacked is a ransomware notice on their screen, telling the user that unless a certain amount of money is paid within a certain amount of time, all files on the affected computer, including everything stored in attached external drives, and even storage drives in the same Wifi network, will remain irreversibly locked using military grade encryption.
Any realistic chance of finding oneself in such predicament depends heavily on the ability to identify and avoid traps designed to trick users into willingly open themselves up to these threats, which falls on the level of computer literacy of a person being confronted by the threat.
There are two methods to test a person’s wits when confronted by a potential attempt to introduce malware in his or her system, may that be a mobile device or a desktop system: active and passive.
Passive methods involve the receipt of email attachments containing malware. While the world wide web may have advanced dramatically in the past 30 years, the technology behind email has not changed much at all, making email one of the most dangerously exploitable forms of communications of the modern world.
The danger comes from the fact that the average user takes approximately between one and three seconds to determine whether an email is legit or not. Such determination comes from a mix of personal experience, Internet literacy levels, and momentary emotional state.
The level of sophistication of these emails can be frightening, with some examples featuring recipient’s names gathered from the user’s own address book. Others rely on the user’s inability to discern an official email from a legitimate company, like a bank or a government branch, from a fake.
Another way used by hackers to gain control of a system for financial gain, is through cold-calling users on the phone, with numbers gathered online, or through automatic dialers.
Hackers running this type of scam, rely on the gullibility of users, in order to convince them to download a piece of software onto their computer. This action lets them take control of that system in what is often regarded as “tech support scam”, where hackers will perform fake “diagnostics” on a remote system, only to pitch expensive “cleanup services”.
The most common method for a private citizen to put oneself at risk, is by visiting websites considered unsafe in the first place. Whether it is an adult website, or a site that lures users with the promise of illegal software downloads, the chance of being hacked when visiting these types of sites, grows exponentially.
With that said, the spread of malware through web surfing is not nearly as effective and destructive, as the one perpetrated using peer-to-peer networks on the fringe, commonly used to share copyrighted material, often “laced” with dangerous malware.
It’s not uncommon for files like PDF documents, Adobe Flash animations, and even video files, to contain code capable of running on a computer and cause all sorts of havoc in the background.
What can you do to protect yourself
In conclusion, the best defense against hacking is knowledge and common sense, as the last line of defense against cyber threats, aside from choosing a robust security software to protect the system when you can’t.
Fortunately, the latest laptops, tablets and devices are quickly following a trend of increased security, and adopting hardware-based countermeasures, like Bitlocker encryption and secure authentication, even when logging into websites or mobile apps. Still, as mentioned above, there are ways for hackers to affect users financially, which is why it’s important to gain more literacy and knowledge about the Internet.