The annual RSA conference wrapped up last week and once again the efficacy of privacy, trust and – of course – password management percolates to the forefront. We read with regularity how consumer information is available for sale on the “dark web.” But how often does it affect us, individually? How much do we care? Who do you trust?

Don’t trust social media!

According to a new survey from Malwarebytes, there is room for improvement in how we use social networks and applications and in how we protect our own privacy. Here are some of the statements drawn from the report:

  • “I skim through or do not read End User License Agreements or other consent forms.” (66%)
  • “I use the same password across multiple platforms.” (29%)
  • “I don’t know which permissions my apps have access to on my mobile device.” (26%)
  • “I don’t verify the security of websites before making a purchase. (e.g. I don’t look for “https” or the green padlock on sites.)” (10%)

The report went on to highlight how there is universal distrust of social networks as a whole:

  • There is a near equal percentage of people who trust (39%) and distrust (34%) search engines across all generations.
  • Across the board, there is a universal distrust of social media (95%). We can then safely assume that respondents are more likely to trust search engines to protect their data than social media.

Many are nodding their heads and saying, rightly so.

Convenience seems to always trump security, and who in their right mind would trust search engines or social networks to keep their information private? Every user should be searching those EULAs and privacy statements for how their information is shared, with whom and in what manner. Don’t know how? Start with the keywords “share” and “used.”

Facebook’s CEO Mark Zuckerberg recently announced that Facebook was going to take privacy and security more seriously in 2019 and is focused on raising their bar. Most users of Facebook will readily acknowledge that the bar is low, and any improvement is both desired and warranted.

Self-inflicted cybersecurity wounds

Then there are the self-inflicted wounds caused by lack of cyber hygiene. According to a late-2018 piece from TechRepublic, the cybersecurity research firm WatchGuard Technologies tested 355,023 LinkedIn profiles of individuals who were associated with government or military – yours might have been among them.

The results?

“WatchGuard Technologies was able to crack 178,580 in less than two days, said the release. The most common passwords included “123456,” “password,” “linkedin,” “sunshine,” and “111111.””


Basic cyber hygiene 101 is one password, one account and – most importantly – avail yourself of any multi-factor authentication available from the provider to thwart brute force attacks.

SplashData, in its 8th annual survey of compromised passwords, provided the top ten passwords being used, based on compromised accounts:

  1. 123456
  2. password
  3. 123456789
  4. 12345678
  5. 12345
  6. 111111
  7. 1234567
  8. sunshine
  9. qwerty
  10. iloveyou

What’s your password?

Who do you trust?

How’s your cyber hygiene?

Christopher Burgess (@burgessct) is an author and speaker on the topic of security strategy. Christopher served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe, and Latin America. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition. Christopher co-authored the book “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008).