I was recently asked, “Is Your Digital Identity Safe?” The short answer is “no”.
Two aspects of the issue
One, take a look at today’s threat environment for businesses. There is a huge discrepancy between the marketing of information technology security and the reality of data breaches.
Two, look at the threat consumers must deal with. Again, a huge discrepancy between the marketing of identity theft protection services and the reality of ID theft Victims.
Unfortunately, cybercriminals are getting better at hacking, and data breaches can happen to anyone, just look at the recent headlines:
- US Treasury, Commerce Depts. Hacked Through SolarWinds Compromise
- FireEye, a Top Security Firm, Says It Was Hacked by a Nation-State
- Spotify Security Vulnerability Exposed Personal-Data
A worldwide hacking campaign with ties to Russia has cybersecurity experts trying to figure out what happened. Further, how much of the United States government may have been affected and how badly it is/was compromised.
The affected government agencies include:
- US Treasury Department,
- US Department of Commerce’s National Telecommunications and Information Administration (NTIA),
- Department of Health’s National Institutes of Health (NIH),
- Cybersecurity and Infrastructure Agency (CISA),
- Department of Homeland Security (DHS),
- US Department of State.
But there is more. Austin, Texas-based SolarWinds (an IT management company) reported a compromise of its servers earlier this year (between March – June 2020). The incident may have affected nearly 18,000 business clients including Fortune 500 companies, healthcare providers, and many other industry verticals.
The is just more proof that cyber-attacks and data breaches can hit any organization and affect any individual anytime, anywhere.
What does this mean for individual consumers?
- It means that hospitals and telehealth companies that are on the front lines of the COVID-19 crisis could be compromised relating to the personal privacy of patients.
- That the personal privacy of employees working from home and students studying remotely could be at a higher risk of identity theft.
- And that the IT managers of the 300,000 clients of SolarWinds are scrambling to understand the impact of the hack.
So to answer the question again, “Is Your Digital Identity Safe?”, again the answer is “no”. Consumers and businesses need to know that data breaches and identity theft are inevitable. ID theft criminals are focused on leveraging social engineering tactics to steal personal and business credentials to gain access to personal and corporate networks/data.
We recommend that both consumers and businesses be more vigilant than ever in the coming year. The bad guys are taking advantage of fear and uncertainty during the COVID-19 crisis but education and protections can lower the risks drastically.
by Mark Pribish and Brian Thompson