News / Canada

Are you a potential hacking target?

After taking the normal precautions to protect our privacy and digital belongings— measures such as making strong passwords, using firewalls and anti-virus software, keeping computers and other equipment updated and using a VPN at public WiFi sites— people have to weigh how much further they have to go to stay safe.

“We all have to figure out whether or not we’re likely to be a target,” says Scot Wright, a computer security expert who has worked in the field for more than a decade. “If you are not a target, you take the risk, like you take the risk of driving down the street and not getting into an accident.”

But it’s often not as easy a question to answer as most people think it is.

While an individual of modest means might be less likely to be a target for hackers, their employers might be the real objective, says Wright.

“Sometimes hackers use people as stepping stones,” he says. Important intellectual property or fat lines of credit can be very attractive targets for hackers.stock file credit card laptop online banking

Nor should we overlook the threats closest to us.

"When it comes to security in businesses, the person who is going to have the easiest time of things is the person inside your company," says computer security researcher Leigh Honeywell. "People call it the insider threat. And that's where having good hiring practices, having good internal security, paying attention that you are hiring good people— that's what makes the difference there."

She adds that company's should also have layers of checks and balances in place so if someone does go rogue they can be detected and stopped.

But while companies can hire security professionals such as Wright and Honeywell, that’s an expensive prospect for an individual. Home research, trusted friends with computer knowhow and common sense are what most people have to rely on.

Honeywell. Even technology can pose threats to privacy all by itself, she says, pointing to an incident that happened when Google launched its now defunct Buzz social networking platform. Buzz would automatically

Honeywell. Even technology can pose threats to privacy all by itself, she says, pointing to an incident that happened when Google launched its now defunct Buzz social networking platform. Buzz would automatically "friend" all of the people in its user's email contacts — a feature that looked more like a bug for one woman when Buzz friended her abusive ex.

“Anything you post on a website you should consider to be eventually public even though your privacy settings may control who can access it at any given time,” says Wright.

“Do a little bit of research to see if there have been any complaints or breaches,” he says when asked about how to choose a cloud-based service. Many firms either have a mandatory breech disclosure law they have to follow or they abide by a voluntary policy where they commit to informing their users of breaches.

Websites sometimes change their privacy policies. Even those run by people with the best of intentions sometimes get hacked, he says. And there’s the weak link in the whole equation – people.

“If you post too much info on FB and don’t have your privacy set properly —you can go on Facebook and find lots of people who have not put in any privacy restrictions on their information and that makes it really easy for people to target them.”

More on Metronews.ca