Check Your Security Knowledge Against These Survey Results

Cybersecurity Survey Blumberg CapitalI think we’re all a little too confident in our level of personal security and a little too careless with our personal information. Preston and I want to emphasize the importance of keeping your personal data secure and personal. Don’t allow the bad guys to make an easy mark of you. These survey results are surprising and you should stay vigilant, especially on social networks and on sites where you submit credit card data. Never save the data for later; enter it every time.

When it comes to cybersecurity, Americans are overconfident in their knowledge and skills, a study released today by Blumberg Capital found.

A few interesting highlights from the findings:

  • 63% of Americans rate their knowledge of cybersecurity equal to or higher than the likes of Donald Trump
  • Shockingly, only a mere 7% of Americans are concerned with keeping their nude or racy photos and videos secure
  • Those surveyed find Social Networks and Dating Sites to be the least trustworthy (at 5% each) in keeping customers’ personal information safe
  • While 95% of adults expressed at least some concern about their personal information being hacked on e-Commerce sites, 54% of Americans who shop online trust online marketplaces, like eBay and Amazon, with their financial information
  • 33% of Americans believe they are more secure online if they don’t save their credit card information. Others choose to only use PayPal or other trusted payment services (30%).

You can view the full findings of the survey here: http://cybersecurity.blumbergcapital.com/

Listen to the SecurityNOW podcast, live shows, and watch our videos here at http://securitynow.live.

Interview with Preston Smith (Podcast)

PasswordFebruary 1st is a special day for Preston and me, here at SecurityNOW. I interviewed Preston! That’s right. We returned to the very cool Rose Rock Cafe over on Mingo Road to have the famous Baconator burger and to record Preston’s first SecurityNOW interview, where he’s the interviewee. Find out about Preston’s background and what he thinks the biggest security issues are. Preston also gives you some tips on how to protect yourself in this world of growing cybersecurity threats.

The interview is short and sweet, just like Preston, but you’ll learn a lot from it. Preston discusses good passwords, bad passwords, LastPass, two-factor authentication, and some physical security tips as well. There’s a lot packed into this 15-minutes, so take good notes, there will be a test at the end.*

February is a very special month too. February is SecurityNOW’s month of best practices. We’re going to produce several podcasts that give you real-world advice on how to protect yourself from the bad guys without having to change your entire life. We try to help you make security easy yet effective.

Podcast details:

Length: 15:22 minutes. Format: MP3. Rating: G for all audiences. Background soundtrack: Rose Rock Cafe.

*Not really.

 

Ransom Where? Study shows office not home is a better target

Ransomware InfographicIBM released the results of a study that included complete surveys from 600 businesses and just over 1,000 consumers about their willingness to pay and their paid history with ransomware. The study found that 70 percent of businesses that have experienced ransomware attacks have paid the ransom. In contrast, fewer than 50 percent of consumers hit with ransomware would pay the ransom.

Ransomware extortion is a profitable business. Business executives stated that they would pay between $20,000 and $50,000 to regain access to ransomed data. While smaller businesses are generally better targets because of their lack of training and a general lack of protection, they are less desirable to attack because of their inability to pay large ransoms. Consequently, only 29 percent of the small businesses in the survey had experienced ransomware attacks. Ransomware has grown close to a $1 billion business and there’s no end in sight for the numbers of attacks or the extent to which criminals will go to cash in on victims.

Consumers, who overwhelmingly stated that they would not pay a ransom, changed their minds when asked about paying to regain access to financial data and to their mobile devices. Some consumers would pay $100 or more to the extortionist, however ransoms usually are in the $500 or higher range. 55 percent of parents who have digital pictures of family and children are more willing to pay ransoms to regain access, while only 39 percent of non-parents would pay.

Ransomware is software that locks data using encryption techniques. Once infected, users can’t access the data. The ransomware writers demand a fee paid, usually in bitcoin (a virtually untraceable electronic “currency”), to gain access to the data via a passcode supplied by the extortionist.

Almost 50 percent of the businesses surveyed experienced ransomware attacks and 70 percent of those paid ransoms. Half of those who paid ransoms paid over $10,000 and 20 percent paid over $40,000. Close to 60 percent of the business respondents stated that they would pay a ransom to recover their data.

There are some things you can do to prevent becoming a ransomware victim. IBM’s X-Force experts recommend the following:

  • Be Vigilant: If an email looks too good to be true, it probably is. Be cautious when opening attachments and clicking links.
  • Backup Your Data: Plan and maintain regular backup routines. Ensure that backups are secure, and not constantly connected or mapped to the live network. Test your backups regularly to verify their integrity and usability in case of emergency.
  • Disable Macros: Document macros have been a common infection vector for ransomware in 2016. Macros from email and documents should be disabled by default to avoid infection.
  • Patch and Purge: Maintain regular software updates for all devices, including operating systems and apps. Update any software you use often and delete applications you rarely access.

The three most valuable pieces of advice that we, at SecurityNOW, can offer consumers and businesses is a) Train everyone to delete suspicious emails that manage to make it through your spam detection, b) Keep your computers and devices updated and patched, and c) Use an anti-malware program on every device you own, especially those used by children and less-skilled users.