Digital Safety
Cybersecurity Consciousness Month attracts to a detailed and Halloween is simply across the nook, so here’s a bunch of spine-tingling figures about some very actual methods and threats lurking on-line
30 Oct 2023
•
,
4 min. learn
October is Cybersecurity Consciousness Month (CSAM) within the US and Canada and European Cybersecurity Month (ECMS) on the opposite aspect of the pond. These campaigns symbolize an awesome alternative to share finest observe and enhance consciousness of all issues cybersecurity amongst companies and shoppers alike.
However October can also be the scariest month of the 12 months. So with Halloween simply across the nook, it appeared like a good suggestion to mix the 2 occasions, and share 20 prime info and figures to scare the wits out of anybody who values their safety. Why 20? As a result of 2023 marks 20 years of CSAM.
This 12 months’s CSAM has a quite simple four-pronged message for enhancing your safety:
- Use robust passwords and a password supervisor
- Activate multi-factor authentication (MFA)
- Acknowledge and report phishing
- Replace your software program
Our prime 20 spooky safety info that can hang-out you
With the above in thoughts, listed below are 20 terrifying safety info to maintain these suggestions prime of thoughts:
- Phishing was the commonest type of cybercrime towards companies and shoppers final 12 months, in response to incidents reported to the FBI. There have been 300,000 in complete reported in 2022, though even this probably represents simply the tip of the iceberg.
- Phishing assaults use many lures. The commonest within the first half of 2023 was social media-themed lures, in response to ESET Risk Report H1 2023. These accounted for 37.5% of all phishing web sites.
- Username/password combos are in excessive demand, as a result of they will grant hackers entry to your on-line private and banking accounts. One 2022 report discovered greater than 24 billion such combos on the darkish internet, up from 15 billion in 2020.
- Software program updates are important to repair newly found vulnerabilities which cybercriminals can in any other case exploit. Final 12 months, a file quantity of those vulnerabilities had been found and printed: 25,096.
- Some 80% of vulnerabilities reported in 2022 had been both medium or excessive severity, with 16% deemed important. Nonetheless, even non-critical vulnerabilities might be exploited by cybercriminals to damaging impact.
- Phishing continues to be a giant money-maker for cybercriminals. In 2022 alone it value shoppers and companies over $52 million, in response to the FBI.
- MFA is a good way to mitigate the specter of phishing and safe your on-line accounts. But 44% of People are solely “considerably acquainted” or haven’t heard of it in any respect, in response to one research.
- It’s not notably shocking then that solely 2.6% of X (previously Twitter) customers have MFA switched on to guard their account from phishing. Social media is a well-liked goal for cybercriminals, so you need to guard your accounts from unlawful takeover.
- Not all forms of MFA are created equal, as a result of hackers can intercept codes despatched over textual content with relative ease. But SMS continues to be the most well-liked type of MFA. On Twitter (now X), it accounted for 74% of MFA in 2021, adopted by the safer choices of authentication apps (29%) and safety keys (1%).
- It’s essential to make use of distinctive, hard-to-guess credentials for your entire accounts. A 2022 research by Digital Shadows discovered that 40 of the highest 50 most typical passwords might be cracked in underneath a second.
- Based on the identical research, practically one in each 200 passwords is “123456,” which might be simply guessed by cybercriminals.
- It’s essential to alter your passwords if they’ve been concerned in an information breach. But in response to one 2021 research, lower than half (48%) of breach victims change the passwords on the breached account.
- Password reuse is harmful as it may well allow hackers to open lots of your accounts with a single stolen credential. But simply 15% of shoppers use a singular password on every account.
- Stolen credentials can have a important influence in your digital life and funds. Over half (55%) of identification crimes stemmed from compromised passwords final 12 months.
- Identification fraud stemming from stolen passwords may even trigger emotional and psychological issues. Almost a fifth (16%) of US victims reported ideas of suicide when interviewed this 12 months.
- When cybercriminals pay money for your passwords, they will hijack your social, banking and different accounts. Over a fifth (22%) of US adults have been a sufferer of account takeover (ATO), in response to one 2021 research.
- Account takeover can value victims pricey: the typical monetary loss from monetary ATO assaults is practically $12,000.
- As consciousness grows, issues over cybersecurity are additionally growing. Almost half (46%) of People really feel assured in regards to the safety of their on-line accounts and 56% are extra involved about their on-line security than ever earlier than, in response to Google.
- Password resets are essential if you happen to’re involved your account might have been breached, or a company you do enterprise with notifies you of a breach. A fifth (21%) of People reset their passwords day-after-day or a number of instances every week, which can suggest that they rely an excessive amount of on reminiscence.
- Password managers are a good way to retailer lengthy, robust and distinctive passwords for each app and web site. But, in response to the identical survey, solely 44% of People presently use one.
Keep in mind: good cybersecurity is for all 12 months spherical, not only for Halloween. So replace your software program when prompted, select robust and distinctive passwords or passphrases and retailer them in a password supervisor, swap on MFA on all accounts that supply it, and get aware of tell-tale phishing ways. Keep protected.
This video can even assist put you heading in the right direction to raised password safety:
