Everyone needs to protect themselves when using the digital world. This is a basic rule—we could call it common sense, but I have found that there is nothing common about it. 99.9% of all users of this wonderful digital world expect “someone else” to do the protecting. We look for the easiest way to do something, we use the simplest of passwords and reuse them everywhere we go, we install the easiest and cheapest anti-virus, and we fail to update our applications and operating systems because it takes time. We all know no one has time for that.
After all, there’s so much else to do. There’s an ever-increasing desire to know about the latest “happening” in the online world. A World Cup score, an erupting volcano, the top ten celebrity fails, the latest “You Won’t Believe What Happens” viral video, the new episode of Game of Thrones—or just GIFs from all of the above. We all have something we need to see right now.
The bad guys know this. They are out there, targeting the uneducated and ill-informed that use the digital highway. Like anyone else looking to make a quick profit, the criminals will go after the lowest hanging fruit. The targets that have done the least to protect themselves are always going to get burned.
Recently I was working on a client’s home computer. Their teenage son is a mighty gamer, someone who regularly gets into the top 100 of most online games that he plays. The problem was the huge amount of malicious software that had been installed on the computer from cheats, mods, game hacks and other downloaded content.
The family didn’t know why their computer wouldn’t run faster. With all that malicious code, it was not going to happen. The son had also disabled the anti-virus and had not updated the operating system in months.
In our endeavors to show what was happening, we installed a temporary Cisco router. We then set it up like a normal home router and showed the amount of traffic that was leaving the home via the internet connection. It was surprising, and the impact on the parents was quite interesting. We clocked the outgoing traffic at 90% of their allowable connection speed for hours on end.
Once again, the bad guys had targeted the lowest hanging fruit. This young man’s desire to win games outpaced everything else. “I want to play the game, so I will download all of the updates and mods for it, but in doing that I will go to web sites that are full of malicious code and installable applications. In that process I will not protect myself because I WANT IT.” This attitude is everywhere.
This is what the Bad Guys target. They focus on bait and switch. The bait is the game, and the switch is redirecting you to a website where the executable code is. They are 90% secure in the knowledge that once they get you there, you will download their app, mod or cheat.
If only one percent of the gaming population is doing this, there are hundreds of thousands of infected computers connected to the internet. These computers are used in botnets which then target others in the digital world. In addition to this, these “zombie” computers are also connected to command and control systems run by the digital criminal organisations that collect information about the users.
So, what can they get from you? Digital criminals are not necessarily after your bank and credit card information, although they will take it if it is available. More likely, they will farm all of your personal identification information (PII); from that they will take out bank loans and damage your real-time credit rating.
Gaming is just one example. If you’re looking for free movies or music to download, you’re in the same boat. To prevent all of this happening, there are a number of things you can do.
- Be paranoid. If you remember that someone is always after your information, you will be more careful.
- Always update operating systems, applications and anti-virus.
- Use common sense. If it looks too good to be true, it probably is.
- Don’t use pirated software, applications, games, music or videos. This is where the bad guys find new victims.
- Use complicated, unique passwords on anything that needs to be protected – that is, practically everything in the digital world.
These are simple, common-sense tips—but if you follow them, chances are you won’t be the next cybercrime victim.