If governments can have their cybersecurity broken, what chance has the average citizen got?

<?xml encoding=”utf-8″ ?????????>

Almost every day on the news there are stories emerging of government departments or large corporations being hacked by cyber attackers.

The attackers’ motives tend to range from political activism, in order to expose government secrets to the world, or simple financial greed by attempting to extract money from businesses using ransomware and other sophisticated cyber-criminal techniques.

We hear about these security breaches almost daily, perhaps the most ominous being government sponsored attacks on other governments, which could be enough to cause international incidents and even declarations of war.

There’s a modern theory that the next world war will not involve tanks, guns, troops or even nuclear weapons, rather the complete halt of an opponent’s infrastructure by hacking an entire country’s or region’s computer systems. With the IOT (internet of things) allowing people, large companies and governments to control everything from their domestic heating to regulating traffic on motorways or load-balance a National Grid, it’s easy to see how hackers could disrupt whole countries and their economies if they so desired.

But how exactly do these cyber attackers break into computer systems? The short answer is by finding vulnerabilities in computer code that allows external and malicious code to be weaved into the original software. A very simplistic example would be a hacker breaking into a person’s or company’s email account and changing the code so that every email ever sent from that account sent a copy of every message to an address chosen by the hacker. Obviously, this outgoing copy wouldn’t be seen in the victim’s standard e-mail client. Imagine a message sent to a surreptitious lover from a government minister or captain of industry, the potential for blackmail and ending a person’s career are obvious.

How do you know if you’ve been hacked?

Rather like the simple email security breach above, some hacks might lie undetected for months or even years. A government spying on another government isn’t just going to steal a couple of documents and simply stop their activities. Clearly, it’s in their interest to be able to tap into information in the long term without ever being discovered. Large organizations with complex cloud computing systems regularly run checks to see if their security is being compromised, but that’s much more difficult for regular citizens, who perhaps might rely on a VPN extension (a virtual private network installed as a browser extension) and their ISP (internet service provider) for online security, while trusting that either their iCloud, Google account, Office 365 or whatever is secure.

Usually, people or small businesses only find out they’ve been hacked when their bank account is fleeced, or their emails and private documents are widely published on the internet – a process known as ‘doxing’.

The bigger they come, the harder they fall.

Even despite their best intentions, large corporations can suffer data breaches that go on for months. According to a report from IBM, ‘The Cost of a Data Breach in 2022’ – even organizations with high security tools spent an average of 181 days being hacked before they knew about it. Furthermore, some hackers’ malware was so sophisticated that it took an average of 68 days for the victims to patch the security holes.

How to prevent data hacks

Despite that shocking statistic above, the good news is that anonymity is the private individual’s strongest weapon against hackers. In short, if you’re just an Average Joe, why would hackers want to go after you anyway? Social media influencers, prominent political activists and trade unionists might attract the attention of those wishing to invade their privacy, but regular citizens can take simple precautions like using a VPN on their browser (for example Firefox or Chrome) to stay safe online.

It’s true that sophisticated hackers can probably break into any system, VPNs included, but if the VPN provides a completely anonymous encryption barrier, most hackers are just going to look elsewhere for low hanging fruit. It’s a bit like parking a shiny new Mercedes in a car park with a Gucci handbag left visibly on the passenger seat. Some criminal or junkie opportunist is going to smash your window to see if the handbag contains cash or credit cards. But if you have a 20-year-old rusted compact Chevvy in that same car park, with that handbag stuffed invisibly under the back seat, the bad guys probably wouldn’t give the vehicle a second look.

Hiding in plain sight.

A VPN really acts that way, making a flash Mercedes look like an old scrapper. If your internet connection is anonymous, it isn’t going to attract attention. Also, consider the other advantages of a VPN. You can use them to circumvent geographical content restrictions – for example watching Netflix while you’re away on location.

VPNs can help avoid ‘dynamic pricing’ whereby some retailers or service providers charge higher prices if they think you can afford them- if you live in Beverly Hills but a VPN sever of choice puts you as located in Birmingham Alabama, that hotel room, alfresco restaurant table booking or international flight might well be offered at a cheaper rate.

Finally, VPNs can also prevent the practice of ISPs slowing data transfer from certain streaming services or gaming servers, known as ‘throttling’ of your connection speed.

In summary, with the added security, anonymity and helpful benefits of a VPN, it’s foolhardy not to install one at your home and office.