Personal Cybersecurity - Identify Your Digital Self

This is part one of our "Personal Cybersecurity" series of informational articles designed to help people stay safe and secure in their everyday digital lives.

Every time you interact with a company—whether shopping online, signing up for a service, or downloading an app—you trust them with your personal information. Unfortunately, that trust is often tested. Data breaches are on the rise, and the numbers are staggering. In 2023, reported breaches increased by 78% compared to 2022, affecting over 353 million individuals.

But who’s behind these attacks? And why is your data so valuable?

Let’s explore the world of cybercrime and uncover how you can protect yourself in this ever-evolving digital landscape.

Many security breaches are linked to groups called Advanced Persistent Threats or APTs. These are proficient hacking groups, and the term "APT" is appropriate. They are advanced because of their skills and resources, allowing them to target organizations of any size. They are persistent due to their continuous success, leading to intriguing names like Scattered Spider. Their persistence often involves operating from countries without extradition agreements or excelling at avoiding capture. The threat should be quite evident.

While not every breach is perpetrated by an APT, they do represent the top of the food chain - if we ignore state-sponsored and nation-state threats. Which we will, as they don't fit the purpose of this article.

By itself, your data might seem like a small, unremarkable fish in a vast ocean. In nature, swimming in a school provides safety in numbers, but in the digital world, the opposite is true—the bigger the school, the more enticing the target. Your data doesn’t just belong to one school; it likely swims in many. Each electronic account you create joins others in large databases, forming massive schools of data that attract predators. To make matters worse, your data is often replicated and sold, spreading it to even more schools. Each database where your information resides becomes another potential target for attackers, increasing the risk that your data could be caught in the net.

Cybercriminals have perfected the art of monetizing electronic data. Here are the most common methods:

1. Ransomware

   Instead of stealing data outright, attackers encrypt it, making it inaccessible until the victim pays for a decryption key. In many cases, they also copy the data, allowing them to "double dip" by demanding ransom and selling the stolen information.

   
   

2. Selling Data on the Deep Web

   Stolen data is categorized and sold on deep web marketplaces. These hidden corners of the internet allow criminals to trade in everything from Social Security numbers to login credentials, often using cryptocurrency to hide their tracks.

   
   

3. Fraud and Identity Theft

   Buyers of stolen data use it to commit various crimes, including credit fraud, tax fraud, and insurance fraud. Sometimes credentials are bought in an attempt to try and use them for other applications and services. For example, stolen login credentials may be tested on other platforms in the hopes that victims reused passwords. This means that if you get a breach notification for one application or service, you need to consider where your password was used for other things, like your bank or email. More on that below.

Your data is valuable because it can be used to commit fraud. This could be insurance fraud, tax fraud, credit/loan fraud, and a million other ways to use someone's identity to commit crime. With that said, those that pull off the data breach aren't always the ones to take the next step and fraudulently use your data. Sometimes its just easier to sell data in bulk, and let others buy and criminally misuse it.

If you've heard of the deep web, then you can probably imagine deep web marketplaces. The deep web consists of places you can access across the internet that are not indexed, meaning they won't show up on a conventional search, and often don't have a URL. Deep web marketplaces are places where people sell things in secret. This could be drugs, illicit services, and - you guessed it, personal data.

Stolen data is categorized based on its origin, type, or industry relevance and sold using crypto currency to help hide the transactions from scrutiny. If you've seen the movie Emily the Criminal, you've seen a perfect example of credit card information being turned into profit. Social security numbers can be bought for a variety of reasons including opening a bank account, registering for a drivers license, and - well just imagine all the things you do with your social. You get the picture. Credentials, often your email or login along with the password that you used at the time of the breach are also bought and sold. Attackers will attempt to use those credentials for other applications and services to see if they can't continue to breach your data. If they steal your login and password for Facebook, they might attempt to use that combination for your bank account, as an example.

Protect yourself:

• Secure your accounts with strong, unique passwords.

• Use a password manager to keep track of your passwords.

• Enable multi-factor, two-factor authentication, passwordless login where available.

• Be cautious when sharing personal information online.

• If you suspect an account or credentials have been compromised, change your password immediately, and if the password is the same or similar for other logins, change those too.

• Routinely do the things below.

• Always be suspicious of links in your emails, texts, and social media.

Determine if you're data has been breached:

• Use online tools like Have I Been Pwned or DataBreaches.net to search your email or username for compromised data.

• If you have a Gmail account, go to Manage My Account, then the Security tab, and scroll down to the Dark Web Report for similar reports.

• Regularly monitor your financial accounts and credit reports for unusual activity.

• Many applications and online services have security dashboards that show unusual activity and where your account was logged in from, and what time. Use this to determine suspicious activity.