West Virginia Executive Branch
New Year – New Privacy Threats
2016 was a rough year for privacy! According to the Identity Theft Resource Center (idtheftcenter.org), there were 980 identified breaches exposing 35,233,317 records as of December 13! Here are some of the issues which are likely to cause problems in 2017.
Ransomware became increasingly rampant in 2016. With ransomware, a malicious program is installed on a computer and blocks the user’s access to the system or certain files. This block is removed when the user pays the creator of the ransomware, usually in Bitcoins.
Although it is predicted that general ransomware will decrease as new technologies are created, mobile ransomware is expected to rise. However, because mobile users generally have their data backed up in the cloud, mobile ransomware will aim to steal users’ bank credentials and take money directly from their accounts.
To avoid becoming a mobile ransomware victim, you should:
- always back up your data
- never click on strange emailed links or attachments
- never download from unofficial app marketplaces
- keep all your apps up-to-date
THE INTERNET OF THINGS (IoT)
The Internet of Things (IoT) is the “internet-working of physical devices, vehicles (also referred to as "connected devices" and "smart devices"), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.” (https://en.wikipedia.org/wiki/Internet_of_things)
It’s estimated that Internet of Things (IoT) devices will continue to come under attack from various malware. Many IoT devices also have recording abilities, so they may store audio and video. IoT device makers are in a rush to get the gadgets on the shelves as quickly as possible, but when things are rushed, they can leave huge gaps in security. IoT devices “talk” to each other and share information, so there is a chance that infected devices may infect other devices.
People will always be the weakest link
The biggest privacy/security threat is people. Sometimes they don’t understand the value of the information they have, and fail to protect confidential data and communications. And, there are those who do not “play by the rules”, either on purpose with some criminal intent or through ignorance or carelessness. Privacy and security training should be a priority in every business.
Note: Your agency/bureau/department/division may have specific requirements – always check your policies and procedures. If you have questions, contact your Privacy Officer.
SEE ALL 2017 PRIVACY TIPS