It Is More Important for Us to Secure Our Computers These Days Than It Is to Lock Our Doors
It takes years, sometimes more than a decade to recover for an identity theft. One of the easiest days to protect yourself is by using a VPN, it is the best step you can take to secure yourself online. A VPN, a virtual private network, is a means to secure, or encrypt your data to keep it safe and add a layer of privacy to protect your identity. When you access the internet via a VPN, imagine that your connection is routed through the internet via a secure tunnel to a server in another location – sometimes in a different city, sometimes in a different country.
At this point, the server accesses the internet on your behalf. The benefit here is that not only are you keeping your data safe, you’re also masking your location by making the internet think that you’re located where the server is, not your actual home or office. Initially VPNs were developed for corporations that needed to protect their sensitive data being sent over public and private networks, but ever since Wikileaks became a household name, the personal VPN market has rightly grown by leaps and bounds. With a VPN, I can jump on the internet at my favorite coffee shop and be confident that all the passwords I’m typing or the websites I’m visiting can’t be intercepted by a hacker.
Another way to browse the web anonymously is by using Tor, or the Onion Router, is a browsing tool used to surf the web anonymously. In a normal internet connection you are directly connected to the website you’re trying to visit. This website, and any other prying eyes, can see who you are and that you’re trying to access their server using your IP address. The Tor network, however is made up of countless nodes, or relay points, that pass your data song using layers of encryption. Each node that your data through peels off another layer if encryption, showing the previous node’s IP address, as well as where it’s being sent to. The last node that your data passes through is known as the exit node, and it peels off the final layer of encryption and then delivers your data to the intended server. The point of origin, and the intermediary nodes are completely unknown.
Anonymous internet usage can be important for journalists who are reaching out to sources, activists who live in countries that censor or block internet usage, and even law enforcement who use it for undercover operations. While onion routing makes it harder for hackers and spies to track your activities, it doesn’t make it simpossible. There are still ways attackers can view activity on the network and extract data from vulnerable entry and exit points, especially if Tor users are not diligent.
Data is an industry. Our data is a multi billion dollar industry, they don’t call it big data for nothing. Big data is key to unlocking medical mysteries and finding cures that have plagued society for generations. We have all of this data at our finger trips yet we are only able to use a tiny fraction of it. Data is everywhere, whether you’re at the doctor’s office, you’re shopping online or you’re going to the grocery store, we’re all generating data. “The pace and scale of this data farming has undoubtedly accelerated exponentially in recent years thanks to the internet, social media and the gestation of the ‘always online’ society” (Forbes, Sep 7, 2017). The accumulation of this information of billions of people around the world is big data.
To meet this growing demand for personal information, a slew of so-called data brokers have sprung up. Data brokers are simply resellers of information. Companies which collect personal information from a variety of public and non public sources and then sell that information to others. Data brokers collect personal information such as an individual’s purchasing history, estimated salaries, property ownership, family size, race, gender, health concerns, online browsing history, employment and criminal background.
Data brokers collect detailed information on hundreds of millions so they can build profiles on individuals by learning as much as they can about the individual. They provide an individual’s offline behavior information to tailor ads to the specific interests and wants of potential customers. Data brokers are largely unregulated and most consumers are unaware of the existence of data brokers and the role they play in advertising and commerce. It is very difficult to protect yourself from all of this information that is being gathered. There are so many data brokers that all want your information. You can opt out of them individually but there are so many of them it is virtually impossible. One of the best ways to mitigate is to use a VPN and hide your identity entirely from these data brokers.
A popular server cyber attack is known as DDOS (Distributed Denial of Service). I will be exploring the dangers of DDoS as well as discuss some of the largest DDos attack ever recorded. This attack comes in many forms, amplification attacks, nukes, teardrops, smurfs, etc., but most operate in the same manner by utilizing a large number of remote PCs called a botnet to overwhelm another system’s connection or server causing it to deny service to the legitimate traffic its receiving.
DDoS attacks have been used as a weapon of cyberwarfare for a long time. In 2007, the former Soviet Republic of Estonia was taken offline by a major DDoS attack following diplomatic tensions with Russia. A news article stated that “In April and May 2007, hackers unleashed a wave of cyber attacks that crippled dozens of government and corporate sites in Estonia, one of Europe’s most wired countries. Estonian authorities traced the so-called denial of service attacks to Russia, and suggested they had been orchestrated by the Kremlin” (NBC, June 8, 2009). This attack isolated Estonia from the Internet at large.
In January 2008, the hacker group Anonymous launched the first in a series of high profile DDoS attacks when it targeted Scientology over a Tom Cruise video interview. According to an article “The attacks were spurred by the Church’s efforts to remove video of movie star Tom Cruise professing his admiration for the religion, according to an Anonymous video manifesto posted to Youtube” (PC World, January 26, 2008)
In December 2010, PayPal is hit with DDoS attacks by supporters of the Wikileaks website. A variety of other major financial sites and credit card companies are also hit for their role in blocking payments to the Wikileaks site. “Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world’s best known websites on Friday, a stunning breach of global internet stability” (Reuters, October 21, 2016).
In March 2018, Github became the target of the largest known DDoS attack in history. This attack was designed to bombard the website with enough traffic to put them offline. In this attack, the attackers took over a memory system known as mem caching. This it amplified the volume of data that it was sending to Github. In the end, the platform was getting hit with 1.35 terabits per second during the peak of the attack. Github followed up with a statement, “Between 17:21 and 17:30 UTC on February 28th we identified and mitigated a significant volumetric DDoS attack. The attack originated from over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints. It was an amplification attack using the memcached-based approach described above that peaked at 1.35Tbps via 126.9 million packets per second” (Github Engineering, March 1, 2018)
DDoS attacks have evolved drastically over the years. In little over a decade, DDoS attacks have broken the 1 Tbps barrier which is incredibly terrifying. Protestors are using DDoS attacks as a way of highlighting what they see as social injustices. Criminals are using DDoS as distraction in order to steal information. And even governments are using DDoS attacks as a weapon against political agendas. DDoS attacks are now seen as a major threat by governments as well as large corporations. The US government fears that a major cyber attack could cripple the US. CIA director Leon Panetta stated “The next Pearl Harbor that we confront could very well be a cyber attack that cripples America’s electrical grid and its security and financial systems.” (The Christian Science Monitor, June 09, 2011).
One safeguard against DDoS is ensuring adequate bandwidth. One way to ensure adequate bandwidth is to purchase a dedicated server. A dedicated server can serve as a first defense against such attacks. Another way to mitigate DDoS attacks is by updating software and hardware regularly. When updates are present, be sure to install them. These updates are important to mitigate the latest attack methods.