Story image

Internet hacks on the rise, weak passwords remain a problem

16 Oct 15

Internet users around the world are being hacked at an alarming rate, yet they still aren’t creating strong and unique passwords, according to new research by Kaspersky Lab.

According to the research, in the past 12 months alone one in four internet users had at least one of their accounts hacked, leading to unauthorised messages being sent out in the user’s name, sometimes with a malicious link included, and the loss or theft of personal data.

Furthermore, Kaspersky finds that only 38% of consumers create strong passwords for every account, and more than half (57%) store passwords insecurely - in email, contacts or text.

The kind of accounts targeted by hackers include email (11%), social media networks (11%), and online banking or shopping accounts (7%) - sites that many consumers use on a daily basis and that keep them in touch with work and their friends and family.

The survey found it’s not just bank balances but personal relationships that were targeted by hackers. 

In fact, 35% of those affected by hacking discovered that messages or updates had been sent from or posted on their accounts without their permission; and 29% learned that friends had clicked on a malicious link in a message that apparently came from them.

Personal data and identities are also a top target for hackers, according to the research.

Of those affected, 26% lost personal details and data following a successful hit; and in 26% of cases data was stolen and later used in criminal activity such as unauthorised transactions.

Despite the fact that 36% of respondents had encountered some kind of identity threat in the past year, Kaspersky Lab’s ‘cyber-savvy’ quiz has found that only 38% of users make a point of creating a strong new password for every account they set up.

Furthermore, over half (57%) store their passwords in insecure places. This includes writing them down on paper or saving them in a mobile phone.

Elena Kharchenko, Kaspersky Lab head of consumer product management, says, “Hackers are after your details, contacts and funds, so failing to set strong passwords for the accounts you entrust with such information is a bit like locking the door and then leaving the key in.

“Passwords are the digital ‘you’: and your accounts rely on them to ensure it’s really you they are giving access to.”

Gianpaolo Carraro, Auth0 ANZ and Asia country GM, says, “As consumers, we're constantly told that we need to regularly change our passwords and not use obvious names and dates - and the message is getting old.

“Despite most businesses having rules and processes around password management, forgotten or stolen passwords still remains one of the biggest causes of recent data breaches on personal information.”

“Despite most consumers and businesses being fully aware of password best practices, research is showing time and again how these are not being followed, opening the door to countless security threats and risks.

“You can use password managers and enforce company rules, but what the industry is really calling for is a more simplistic, secure, and user-friendly option for identity management.”

He says, “We’re seeing a shift away from passwords and towards a password-free utilisation of the things people typically carry with them, such as their email, mobile phone for SMS, or a fingerprint.”

Solutions include multifactor authentication and single sign on are also becoming increasingly popular, according to Auth0.

“While recent changes, or lack thereof, in identity and access management do not necessarily demonstrate there is an imminent uprising against passwords, they do show that relying on everyone to have a highly secure and easy-to-remember password for every system they use is not fair or realistic,” Carraro says.

He says, “Multifactor authentication should be a no-brainer for any application, to optimise security and minimise the risk of identity fraud.

“But again, this can be expensive and time-consuming for developers to incorporate, and that’s if there’s no major customisation required.”

He says certain solutions allow users to integrate as many factors of authentication as they want, and are customisable to individual environments and requirements.

IDC: Smartphone shipments ready to stabilise in 2019
IDC expects year-over-year shipment growth of 2.6% in 2019, while the world's largest market is still forecast to be down 8.8% in 2018.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
New app conducts background checks on potential tenants
Landlords and house owners need to obtain a tenant’s full name, date of birth, email address, and mobile number in order to conduct the search. And most importantly, they have to get the tenant’s permission first.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Meet Rentbot, the chatbot that can help with tenancy law
If you find yourself in a tricky situation  - or if you just want to understand your rights as a landlord or tenant, you can now turn to a chatbot for help.
PlayerUnknown’s Battlegrounds (PUBG) finally releases on PS4
PUBG on PS4 feels like it’s still in Early Access as the graphics look horribly outdated and the game runs poorly too. 
How AI can fundamentally change the business landscape
“This is an extremely interesting if not pivotal time to discuss how AI is being deployed and leveraged, both in business and at home.”