Nothing is Safe
It's been Hack Week apparently, because there have been a number of high profile hacks and breaches revealed, covering just about every base in the tech sector. From NordVPN to Amazon's Alexa, to Samsung, it hasn't mattered what kind of tech was involved-- hacks and breaches were happening. Obviously there's something wrong here, so let's take a moment to break down each data breach, and figure out what to do in the wake of these attacks.
NordVPN revealed this week that it was hacked in March of 2018. Their compromised server didn't reveal any customer data, but it could have potentially allowed activity to be witnessed as it was happening. This is a service that prides itself on protecting customers. That's what a VPN is supposed to do. And yet, the very thing that people use to secure internet privacy was compromised. While the company has cut ties with the host of that defective server, it leaves much to be desired.
Alexa and Google Home
Security researchers disclosed this week that vulnerabilities in smart devices like Amazon's Alexa and Google Home allowed owners to be "eavesdropped on" for potential phishing scams. That's incredibly disconcerting. I'm sure some (myself included) realize that the companies themselves probably can access more audio than they let on, but for third parties to access that kind of an intimate slice of life is downright horrifying. It could listen at any time. Imagine sitting at dinner discussing bills with your spouse, or life insurance of your kids. Alexa could hear that. Horrifying. Smart home devices have become increasingly popular, but that kind of breach will have many product owners unsettled.
Samsung discovered a whole new kind of breach, when it was revealed that "gel-cover style" screen protectors caused the fingerprint activated lock to unlock for anyone. No fingerprint is alike, but it doesn't matter when your security lock doesn't work. While not exactly a hack, it's an exploit that could greatly impact personal security.
What Do We Do?
Each of these companies has moved to address each breach. However, more are certainly on the way, as a new hack pops up every day. This does help companies improve their existing cyber security by patching up holes that they didn't know existed, but that doesn't undo the damage done with each breach. As we've said before, hackers are after your data, and if you don't have an optimized cyber security solution, you could lose that data, and it could cost you dearly. You need to have a proactive IT department that has constant vigilance, and you need to educate your employees often about the dangers of data breaches. Even those who tout data security can be vulnerable, so assume nothing about your organization's capabilities. By staying on top of security, you can avoid the pitfalls that many companies fail to navigate.