In our current digital world that we live in the rising threat of Cyber Gangs is ever increasing. My great grandfather had to deal with the mob extorting protection fees and now my child will have to deal with digital thieves holding his digital information for ransom. What needs to be realized is that things don’t necessarily change, just the way we do them changes. It used to be we could see our attacker face to face, now it’s being done in a basement somewhere and is considered a faceless crime removing ethics from the equation.

As we evolve into the new digital era there are a lot of changes we as a society need to be vigilant in addressing. Because gangs no longer need to use a weapon such as a gun to rob you, but instead can use something as harmless as a computer. It is more important now than ever to focus on digital security and privacy as we operate in the public.

Something to consider when protecting yourself from potential hackers and cyber gangs is the art of social engineering. If you watched the movie “Catch me if you can”, that is a great example of social engineering. Catch me if you can takes place in the late 1960’s and is a true story of one of the most famous counterfeiters in American history. Frank uses his con skills to social engineer his way across the country by impersonating everything from pilots to doctors. He got so good at it that it took the FBI many years to catch him until one day he slipped up.

Another great movie is “Six degrees of separation” staring Will Smith. In this movie Will Smith meets the child of the hosts he exploits for a place to stay for the night. Because the son was open with his personal information Will Smith’s character was able to use that information to social engineer himself into being invited in by the parents. Luckily towards the end of the movie the parents were able to figure out the con, but how many people actually figure out that they’re being conned or social engineered to be exploited by another individual. Although Smith’s character did not intend malice, he shows the vulnerabilities within society to be open about personal information and how easy it is to exploit someone just by mentioning key information that then gets the next person to be open about their confidential information.

Another way that hackers and cyber gangs can exploit individuals is through malware. If an individual were able to infiltrate a business using social engineering, what type of damage can be done to a company and how much customer personal data can be harvested? 60 minutes in Australia talks about how common incidents like this are. Recently one of the largest banks in Australia has this tactic used against them resulting in the bank being held hostage by a cyber gang using something called ransomware. Unfortunately this is more common than we think because most companies in order to avoid the mass exodus of customers keep quiet and pay the ransom, so this means your personal data may already have been stolen and you don’t even know about it.

Fortunately there are some things that an individual can do to protect themselves such as identity theft protection, I’m sure you can think of one major company that offers up to $1 million in insurance if it happens to you. Unfortunately because of fear and lack of transparency something like this is highly important, but it’s also an individual decision and cost.

Another thing that you can do is limit the types of transactions and companies you do transactions with. A lot of companies no longer store your financial information as a way to protect themselves and their customers as best as possible. There are still ways to get this information such as harvesting information off a companies backup tape drive, but that requires a lot more effort than just hacking into a company electronically, it requires someone to be onsite in a lot of instances and remove it physically. Although this may be an inconvenience, isn’t security of your personal information and privacy worth it?

Also, but not lastly, you can secure yourself at the local level by securing your PC or laptop. The operating system that you use can be the difference between being wide open and vulnerable or customizable and more secure. Nothing is 100% secure, but there are things that you can do to configure your machine to be more secure than it was out of the box. Currently I use Linux because of how customizable it is and how hands on I can be about my devices security. It does require some self education unless you want to pay someone to do it, which can be done, but why would you pay for something you can do yourself? The great thing about Linux is that it has a General Public License allowing the knowledge you need to be readily available and easily searchable unlike the paid licensing systems which keep it in-house so that only their technicians know the important things you really need to know.

There are many other things that an individual can do if they really care about securing their data, identity and privacy, but it requires time, effort and education. Is this something that you as an individual are willing to pay or would you rather spend money and hope the guy understands your environment needs like you do or would you rather learn and do it yourself so you can not only save money, but have complete control over your environment? I’ve heard it said “if it is to be, it’s up to me” which is a truism because only you care about your data and privacy, the technician is just doing his job the way the company wants so that the company can make as much money as they can per customer.