Think you’re too boring to hack? That’s a problem, says Kaspersky

The cybersecurity firm explores the concept (and dangers) of ‘digital comfort zones’ at home.
30 July 2020

It’s all good and well until you launch some ransomware into your company network. Source: Shutterstock

  • The technological boundaries between home and work life are blurring, and internet consumption is increasing
  • Attackers are exploiting a “once in a lifetime opportunity” to compromise exposed endpoints
  • 36% of millennials say that they should be doing more to strengthen their digital security

Our lives, personal and working, are becoming tech-centric. Whether it’s using dating apps, ordering ‘click and collect’ groceries or logging on to Microsoft Teams, we rely on digital services and are ‘online’ in some shape for form, more than ever before.

In the comfort of our homes – bar when we’re deleting the odd, hopeful phishing email – we don’t tend to consider the cybersecurity considerations of this growing reliance on the internet. Many of us might wonder why any attacker would waste their time (and likely considerable talent) trying to crack our networks – it’s not like we’re up to anything interesting?

That mindset is becoming a problem, according to cybersecurity firm Kaspersky, especially given the events of 2020, which have led us to remote working by necessity, and have set the ball rolling for flexible or hybrid working environments going forward.

In its latest report, More Connected Than Ever Before: How We Build Our Digital Comfort Zones, Kaspersky explores how as our homes become tech hubs and workplaces, the cybersecurity culture that enterprises are expected to adopt should permeate into our day-to-day individual usage, as the technological boundaries between work and life are blurred.

“2020 has been a defining year for the digital home. With many of us all over the world in lockdown, the amount we interact with, and rely on, technology has increased dramatically,” said Andrew Winton, Vice President, Marketing at Kaspersky.

Conducted by research agency Sapio, the study fielded responses from 10,081 respondents, but focused on Millennials (25—34), which Kaspersky says will be the real driving force shaping how we use technology in the years to come.

According to the report, millennials are now spending nearly two (1.8) hours extra online everyday compared to the start of the year. That brings daily average use up to 7.1 hours a day.

Half say this increased time online has made them more aware of their digital security. Millennials are spending most of their time on social media, but almost two thirds (61%) say that the rise of online dating from home is a particular concern for their digital security.

And while millennials think they’re “too boring” for cybercriminals, 36% say that they should be doing more to strengthen their digital security.

The findings are ultimately concerning given the prevalence of personal devices being used for business. The same devices that are being used for online dating, or browsing the various rabbit holes of the web, are often the same that are being used to access company emails, communications channels, or enterprise cloud storage solutions.

Speaking to Bloomberg, Rob Lee, chief executive officer at industrial security firm Dragos, said that the pandemic had created “a once in a lifetime opportunity” for hackers to exploit a peak in remote access activity.

Cybercriminals were quick to identify the opportunity in the chaos. Attacks of all kinds have ramped up in the heat of the pandemic, with threat actors targeting public figures on Twitter, healthcare providers, universities, technology companies, among many others, as the rise of remote work creates new access points.

In an example of how cybercriminals leveraged the particular circumstances, actors were found to be exploiting the sudden flurry of Zoom downloads by attempting to conceal cryptocurrency-mining malware inside fake installers.

A spike in downloads for any software is an effective means to distributing the malware far and wide to as many users as possible. With activities shielded in the background, the attacks could go on for months to avoid detection.

According to Kaspersky’s report, almost half (52%) of millennials now say that they only run trustworthy apps on their devices from official stores such as Apple Store and Google Play, and 49% run regular anti-virus scans on each of their devices to protect themselves.

But that still leaves almost half of users vulnerable to providing backdoors to malicious scripts, and while individuals’ data alone may be a little too “boring” to hack, securing compromised access to an enterprise network is certainly worth the effort.

To make sure your devices and personal information remain protected on the internet, Kaspersky advised millennials to:

  • Pay attention to the website’s authenticity. Do not visit websites until you are sure that they are legitimate and start with ‘https’. Try looking for reviews of sites that seem suspicious.
  • Keep a list of your online accounts so you have a full understanding of which services and websites may be storing your personal information.
  • Block the installation of programs from unknown sources in your smartphone’s settings and only install apps from official app stores
  • Start using privacy checker plugins to help make your social media profiles more private. It will make it harder for third parties to find highly personal information