BLOG

If not properly secured, connected cars threaten to expose sensitive consumer information. With data being passed between so many different connected channels, it’s easier than ever for hackers to get their hands on personally identifiable information. It is very difficult to select a public key or a set of public keys that can be trusted for a long period of time. If the wrong public key is used, a website can be bricked until the server header expires. The wrong key could be provided accidentally or by an attacker. As in many cases, a site can be bricked where the administrator knows nothing about HPKP, or it’s been redirected by an attack.

As hubs of research, academia and culture, colleges have been targets of hackers on more than one occasion in the past few years. In 2014, one university reported a data breach that exposed the personally identifiable information of hundreds of thousands of students and staff, dating back to 1998.

Once again, hackers have reminded Uncle Sam that he is not impervious to cyberattacks. This time the targets were none other than the Department of Homeland Security, and the FBI. 

It's no surprise that banks are a highly lucrative target for cybercriminals. After all, if you're a hacker scoping out your next victim, wouldn't you want to choose something that gives you the most direct access to money? As of November 3, there have been more than five million records breached so far this year within banking/credit/financial organizations, according to data compiled by the Identity Theft Resource Center. While one might think that only big banks are the targets, this is hardly the case. Sure, hacks like the JP Morgan incident — which led to U.S. authorities getting involved and arresting five suspects — are bound to get the most traction in the news. But in fact, hackers are looking to attack banks and credit unions operating at any scale. Here are just a few of the banking-based breach episodes that have already occurred in 2015:

In March, a chart came out comparing the stereotypical computer hacker of 1995 to that of 2015. According to the chart's characterization, the hacker of 20 years ago was in every sense an amateur: often a kid in a basement seeing how much he or she could get away with. By today's standards, the 1995 hackers come off as almost benign. Sure, they would play around with the data on your computer and cause you a hassle here and there, but at the end of the day they were not stealing your identity, making off with your credit cards or trying to take control of the car you're driving. Flash forward 20 years and you have an image of the hacker that is entirely different from its predecessor.

Most of the time, it begins with the click of a button. Or one wrong download. Or one malicious email opened. In the world of cybercrime, hackers prey on the most vulnerable. When Target was hacked, for instance, the attack began with criminals targeting a third-party vendor associated with the retail giant. The vendor was easier to attack and provided a convenient window into Target's network.

These days, a password is a pretty weak barrier between a hacker and your private data. The inherent vulnerability of passwords is highlighted by two recent breaches: an attack on game video streaming service Twitch and a separate incident in which Uber users' passwords were stolen. This blog also discusses alternatives to password authentication. 

Defending your enterprise against a cyberattack today is harder than it has ever been before. These days, hackers operate with a huge degree of sophistication and covert skill. For all you know, your business could be under siege by hackers at this very moment - and you wouldn't know until it is too late. Thoughts like these are scary, but unfortunately, they are also the reality, and this holds true across the globe.

It doesn't matter how big or small your business is, or whether its annual revenue places it on the Fortune 500 list. If you run an enterprise, you are a potential target of cybercrime. It's as simple as that. The problem is that some enterprises don't seem to realize this. Instead of preparing to guard against the multitude of threats out there, they prefer to operate in a mode of futile rationalizing. We're not a big enough business anyway. We don't represent the kind of target that would be lucrative for hackers. These are the types of excuses that organizations fall back on to justify inaction. But this approach is a recipe for disaster. Instead, companies need to stop making excuses and start focusing on coming up with the best cybersecurity plan for them.

From the halls of universities to the Oval Office, the issue of cybersecurity is occupying an increasingly central role in everyday life. The major growth in cybersecurity efforts in organizations of all types is undoubtedly due in large part to the havoc that hackers wreaked in 2014. During last year, we got accustomed to seeing new breach headlines every couple of days it seemed like. Hopefully, though, 2015 will be the year we take significant steps toward keeping those attacks at bay. With the work currently being done by educational and government institutions, it looks like preparedness will be the word in 2015.