Hacking always seems to be a current topic; it’s never far from the headlines. This week has seen plenty of coverage relating to the ignominious Yahoo! security disaster – the incident widely dubbed as ‘the biggest hack in history’ that saw over 500 million accounts compromised.
Plus, the story of autistic British man, Laurie Love, has been widely publicized. Accused of stealing data from various US government sites, he faces extradition to America and a possible 99-year prison sentence. Then there’s the ominous commentary relating to the potential for some kind of terrifying cyberwar between the US and Russia.
All the major, high-profile hacks that have come to light this year (the Yahoo! debacle, the 164 million LinkedIn users involved in a breach and the 360 million MySpace customers who found that their data was compromised) were the result of weak passwords that were cracked by hackers.
These incidents have resulted in a surge of information, published on the net, designed to help companies and individuals encrypt their online activities with effective passwords.
Insurance specialists Hiscox posted this handy password test, Financial Times published a ‘safe password quiz’ (which is based on this research paper) and Yahoo! Tech – rather ironically – provided us with this guide. Pretty useful stuff to separate your weak passwords (example: ‘p@ssword’) from your strong (jelly22fi$h***g4635) ones.
To get a wider perspective on why having a quality password is so important, we reached out to security expert, Ken Munro, a partner at security company Pen Test Partners, and a public speaker on the topic of cybersecurity.
Munro told Mobile Marketing Watch this week:
“I’ll start by saying this: I think that it is good that hacking is being covered in the mainstream media.
“Awareness of security issues is always a good thing.”
We asked Munro what sort of implications exist for the customers of businesses who do not use suitable passwords.
“In terms of the end user,” he says, “the implications are massive: becoming victims of direct fraud, having identities stolen or getting credit cards details pinched.”
“Also, collateral damage – when people use the same password for several websites. One account gets breached and then they all do.”
So, given the repercussions of a cyber attack, why don’t all businesses have this sort of thing covered? According to Munro, tackling the finer details of cyber security can put some businesses off implementing it altogether.
“We have to be careful not to make [online security] appear too complicated or too clever to businesses,” Munro told us. “Otherwise, they might think, ‘I’ll never be able to get my head around this so I won’t bother’.
“If they don’t take steps to secure themselves, they are just waiting for a denial-of-service attack or to be used as part of a botnet.”
Munro makes it clear that cyber safety is major issue for businesses, but what are the immediate steps for individuals worried about online security? According to this feature, published by BT, as long as you stick to a few basic rules when creating a password, you should be alright. Avoiding obvious words or combinations (like your name, home town or date of birth), and using at least 12 characters including a variety of letters, numbers and symbols, is a good start. And, as Hiscox succinctly outline in their password test, don’t give it away yourself.