Every week (or sometimes even daily) we hear about cyber-attacks from DDoS (distributed denial of service) to exposure of databases. As we all know, newspapers love “sexy” stories relating to crime, guns, terrorism or hacking. Though this is a big concern which cannot be swept under the carpet, other more mundane vulnerabilities do exist and can be more dangerous than cyber-attacks.
Let’s use an analogy: A home has multiple points of entry, including the front door, back door, windows and garage. All these must be secured, perhaps with thick glass, shatter film or metal bars, together with alarms, sensors, CCTV and possibly a safe for valuables. If a burglar manages to break into the house, what is stopping him or her stealing desktop computers, smartphones, laptops, CDs/DVDs, tablets or USB drives? Probably very little.
Naturally, cash and diamond jewellery, as well as important documents may be in a hefty safe which is hidden or bolted to the floor. It will have a cash rating of tens of thousands of pounds. Cash is obviously worth face value and necklaces and rings could be worth thousands. But we forget that a USB stick or computer may be worth from pounds to hundreds of pounds, depending on their contents.
You may ask: “What’s the problem? I’m not bothered if something worth up to a few hundred pounds is taken.” The real problem is the contents. Take Pippa Middleton, for instance: wouldn’t every tabloid in the country love to publish or pay through the nose for her private holiday photos? Future travel plans, addresses, passwords, usernames, documents or emails are of interest to most criminals.
According to Credant Technologies 1,000 laptops are left in taxis in London alone every month. HNWI are frequent travellers and often use planes. Ever turned off your laptop for lunch during a flight, put it in the seat pouch and left without it? In an increasingly mobile world tablets, laptops and USB sticks become cheaper and smaller with ever-more storage - which creates a problem. Anything can be lost or stolen in a flash with dire consequences if someone with criminal intent extracts information from such devices.
“My laptop or tablet has a password on; what is the problem?” There are many ways to reset or crack passwords. One way is to take the hard drive out and put it in another computer. Smartphones may be password-protected, but this doesn’t protect the SD card or storage. USB drives and CDs/DVDs by default have no security, so all you need to do is pop it into a computer to read personal and sensitive data.
So what is the solution? Laptop and desktop locks can only go so far as they can be cut with heavy bolt cutters. The only practical solution is cryptography (encryption) which jumbles up data. This means data can only be extracted with the correct username and/or password and/or hardware token. Cryptography is a vast topic in its own right with many algorithms, vendors and products, from software file encryption to software drive encryption to high end 007-style PIN-protected USB sticks.