(Video) Why the hackers are targeting your smart device!

I’d like to talk to you about why hackers are targeting your computer or your smart device.

We all have some device that connects us to the digital world. We’ve not quite found a way of plugging in our brain like what happens in the matrix. But we’re getting close.

So the simple fact that everyone has a device, and everyone is connected to the digital world makes you a target. So why are they targeting your device?

Well in one case, they’re after your money. Your access to money, how you’re buying stuff, how you’re selling stuff if that’s happening on your device, and credit card details, that sort of stuff. So they’re definitely after your money.

But the other things they’re after is your friends, your acquaintances, your family, your clients, and anything that has anything to do with you. And they target this because they can use email or SMS or chat or an application that then allows them to target all those people that you know.

And the last thing is your intellectual property or your trade secrets. And everybody thinks I haven’t got any intellectual property. Well, yes you have. Your intellectual property is who you are. But if you’re working for a business, your intellectual property is how you do things. Why you have a sales rep that does a certain thing. It may be because you might have a tablet that you work on. That is all intellectual property.

So how does my device get attacked? They’re targeting your device in a number of ways. Those number of ways depend on how the automated systems or the actual bad guys are looking to target you specifically. Everybody is a target. If you’re connected to the digital world, then all of that information that you generate or you do to download from the internet is making you a target, because they are after what you can do.

Their first primary way of doing things is through spam. We’ve all seen spam. You know how sometimes a spam email can look exactly like an email from the post office or your bank or from someone that you least expect. But if you’ve got any idea that its spam, then you need to make sure that it’s not targeting you.

Spam is also used for phishing. And phishing is a specifically targeted email that people are trying to get you just to click on a link. The link may be bait, and that’s why it’s called phishing, because you’re being baited.

There’s an even worse system which is called spear phishing. Spear phishing is when they specifically target a specific person. And they’ve done a lot of research and have gone out to find out what groups he’s joined in LinkedIn. They’ve gone on to his Facebook and seen what it is, because your Facebook security is not very good.

They’ve watched you on Twitter, because you’re filling Twitter with what you do, why you do it, and how you do it. So they actually then have come back and targeted you specifically because of what you do or what you know. Now, that specific target makes you a spear phishing target.

And because you are specifically targeted, you have a better opportunity to open that spam email and click on the link.

But it’s not only spam that causes the problem. One of the other things that people forget is if you visit websites, even the ones that you look for on Google when you do a search, you might be looking for drivers, and the first two will be Driver.com/drivers. Or SoftwareHP.com. And then the third one may be HP.com.

Now, if you’re looking for specific drivers for a specific device, the first one that people automatically go to is the top one, the organic one. Now, the bad guys have done a hell of a lot of work to make sure that their product or their Spyware component will be on that top list.

So you’ll download that, click on it, find out it’s not a driver, mutter to yourself that its not working and then forget about it. And for all you know, you may have downloaded malware, spyware, or in some cases, you may be put up for ransom.

All of these things rely on malicious code. And malicious code is actually what makes the whole system work. Malicious code is produced and makes what we call viruses, Trojans, worms, spyware, and cryptoware. It is all designed to do specific things. Those specific things are to make sure they can access your smart device.

And once they’ve got access to your smart device, it is no longer your smart device.

We know that they are out there targeting your device.

So how do you stop them from doing that?

Well to stop them targeting your device, you need to make sure you have a number of things in place. Those things are,

  • You have some sort of anti-virus. Now, most of us do not understand that malicious malware, or malware and malicious code is a virus of some sort. So your best and first line of defense is to make sure you’ve got an anti-virus and keep it up to date.

And this is for everything that you use. If you’ve got a Windows laptop, you’ve got anti-virus. If you’ve got an Apple Mac, anti-virus. Because they’re not only targeting the operating system that you’re using. They’re targeting things like Java and Adobe.

  • If you’ve got a personal firewall on your device, make sure you use it. If you don’t use it, then when the bad guys get in, one of the reasons they got in is you went to a website and didn’t have the personal firewall on.
  • The next thing to do is make sure you backup. The number of times that we’ve been called into somewhere and they’ve got a laptop that is now broken, and they haven’t backed up since they ever had it. And it had everything about their life. It had all their photos, all their contacts, email. But there was no backup you could go back to.
  • One of the big things that we push: you need to patch everything. If it comes up and says these apps need to be updated, update them. If it comes up and says IOS needs an update, update it. If it comes up and says Windows needs an update, update it.

Because that update may save you from getting the next version of the virus that is released onto the internet. And they are released. They are like letting butterflies go in the normal world. They go everywhere.

And it’s an automated system, so it doesn’t matter whether you don’t want to update your stuff because you can’t be bothered. The bad guys also know this, and they go out of their way to make sure their automated systems out on the internet can target your information.

  • One of the big things that you need to do is use common sense. If you’re on a website and it says, free whoppety-whop, think about it. Use common sense. Going back to the search, for instance, look at what is being said and what the URLs are. If you don’t do that, you’re could be going to a site that is infected with malware, you’ll get malware, and you’ll lose all of your information.
  • And the last thing that you really need to do is be paranoid. Now paranoia in the digital world is not like paranoia in the normal world. Everyone in the normal world is not after you. They’re not out to steal your tricks and secrets. They’re not going out of their way to make sure that information they want is there for you. But what they are after is in the digital world, everybody is after everybody.

And if you’re paranoid about what you’re doing, then you’ve got a good chance you will make sure that nothing gets through your system. And as long as you’ve got all these other things in place, then by being paranoid, you’re just adding that extra layer of protection.

So thank you very much for why hackers are targeting my device and my laptop. If you have any questions, please see the slide at the end of this presentation with all our contact details. Thank you very much.

 

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.