During the month of October, awareness about cybersecurity is promoted worldwide. Although consumers and businesses have become more aware of tactics such as phishing or malware, there are still other less known methods and devices widely used by cybercriminals. In a period where there is a drastic increase in the number of attacks and people are using smart devices more and more in their daily lives, it is essential for both companies and users to give due importance to security.
With this in mind, Palo Alto Networks, a leading cybersecurity company dedicated to protecting organizations and consumers against digital threats, has selected the main recent findings on attacks on smart devices to warn about the dangers that can affect anyone.
According to Marcos Oliveira, Country Manager of Palo Alto Networks in Brazil, despite the unprecedented increase in cyberattacks, users still believe that incidents are unrelated to them. “Unfortunately, in the current threat landscape, everyone is vulnerable, and the consequences of cybercrime can be incredibly severe for companies and consumers,” states the executive.
The potential for consumers to become victims of cybercrimes has skyrocketed as the speed of attacks also advances. In almost 45% of the cybersecurity cases recorded by Palo Alto Networks this year, criminals exfiltrated data within less than a day after the attack, which means actions to stop them must occur within a few hours before the information is compromised.
For users, the avenues of cybercrime are rapidly diversifying. Although Palo Alto Networks recorded a 17% decrease in phishing attacks in 2023, many new routes have opened up through smart devices hitting the market.
New types of attacks detected
There are still various types of attacks that consumers need to be aware of, from fake Wi-Fi networks to smart speakers, according to Palo Alto Networks researchers, who have compiled the top user guidelines to protect and keep personal devices safer, in the definitive guide to follow:
- Evil twin attacks: consist of setting up a fake Wi-Fi network in public places, such as restaurants or airports, tricking users into connecting to it. This allows intercepting data such as passwords, emails, and banking information.
- Juice jacking: attackers access public charging stations, such as those found in airports or cafes, to steal data. When users connect their devices to these power stations, malicious software can be injected into the devices.
- Cryptojacking: is the hijacking of users’ devices to mine cryptocurrencies without their knowledge. This unauthorized activity can lead to increased electricity costs, decreased device performance, and possible hardware damage.
- Smart devices: Cybercriminals can target consumers on devices beyond just phones or computers. Refrigerators, coffee makers, and other connected appliances can be entry points to access more vulnerable systems.
- Wearable devices: Fitness gadgets and other wearable electronics like watches can expose personal and health data, leading to consumer or company data breaches.
- Automotive systems: Cars with Internet-connected entertainment systems can also be targets for hackers. Hackers can access the user’s personal data, track their location, or even interfere with system functions.
In 2023, according to the Identity Theft Resource Center, there was a 72% increase in data breaches compared to 2021, maintaining the historical record. With attackers becoming more creative in targeting individuals and a 49% year-over-year increase in victims posted on ransomware breach sites, it has become increasingly important for consumers and businesses to take effective cybersecurity measures.
“While the number of attacks, the level of sophistication, and the methods used are evolving rapidly, the good news from a consumer perspective is that the chances of being hacked can be significantly reduced by following some general best practices,” Oliveira concludes.
To protect personal data, consumers should always ensure that their devices have the latest security updates, use strong and unique passwords, and enable two-factor authentication whenever possible. Additionally, it is essential to be cautious about what they download or click on, and always prioritize the use of antivirus software for an additional layer of protection.
