Features Editor
My family didn’t get its first computer until I was well into middle school, and until that point the concept of a computer virus was something alien to me. I actually remember teachers talking about computer viruses, but I never knew what the heck they were referencing. A software program that would move from computer to computer and cause damage? Why would someone waste resources to develop such a thing? Did these computer viruses spontaneously develop on their own, like a secret living-machine out of Terminator? Could it infect the floppy disks I keep near my computer? Could it infect me?
It was a scary, unknown concept to my younger self. Back then I didn’t know the difference between malicious programs or understand how they worked, but they fascinated me. It wasn’t long before I was charging family and friends to “vaccinate”their computers against viral infections and remove any offending worms they picked up while exploring the Wild West that was the internet of the early 2000s.
Needless to say, it is with a certain level of deep-rooted fascination that I watch the evolution of cybercrime. Like many of you, I have taken an interest in the ransomware stories that have been in the headlines – hospitals and health systems held hostage by computer programs launched by elite cybercriminals. The landscape has certainly changed since I was a kid, removing Klez from my mom’s computer, unable to answer the question, “What does the person who created the worm gain from doing this?”
Things are different now. Evildoers do have something substantial to gain from their efforts. Malware is engineered by people with creativity and skill, and the programs they make know exactly what to target – your identity, passwords, credit card numbers, encryption keys, and more. The war has changed because the enemy has changed; cybercrime has been given a true fi nancial incentive. As our defenses against malware and viruses strengthened, the software became more effective.
It wasn’t until reading the recent Symantec 2016 Internet Security Threat Report1 that I realized how much the landscape of cybercrime had changed. The report paints a picture of organizations that have made cybercrime their business, intelligently designing software to more effectively cripple their targets and undermine defenses.
You can read more about them in HMT’s feature on ransomware. I think some of the details will surprise you – I know they did me.
It’s clear that cybersecurity is becoming an increasingly diffi cult challenge, as the invasive enemies on both the state and black market side – and even in the legitimate private sector, which seems determined to weaken defenses in order to make data mining simple – seem to be one step ahead at all times.
I often wonder what the solution is to keep our privacy and data secure. After years of contemplation, I can only conclude it will take a full paradigm shift – one where the market demands security from products and, in turn, the corporate sector conforms to demand by creating truly secure products, with features that include simple strong-encryption solutions that every consumer can use.
As long as consumers are satisfied with trusting vendors and manufacturers with their privacy, I’m not sure any amount of security software and firewalls will keep us safe. Whether you’re a large hospital system or an individual with a smartphone, the fact is you’re probably using software right now that undermines your privacy and data security by design.
What you do is profitable, but what you keep private is hard to monetize. This notion that we can have both software with built-in vulnerabilities to exploit user habits and robust security is a myth the bad guys hope tech giants worldwide continue to perpetuate. If you’re wondering why a simple software program is able to hold huge organizations hostage, you can start by looking at the action’s of the legitimate business first. Until true security is their priority, your personal privacy and computer networks are always in jeopardy.
REFERENCE
- https://www.symantec.com/security-center/threat-report