By: Barry Spielman
Cybersecurity threats are on the rise for businesses and individuals alike. The Colonial Pipeline ransomware attack, which struck their networks, is just one recent example of the wide-reaching effects of cyber threats. The source of the hack, which eventually led to oil shortages and increased gas prices, was the leak of a single password. Despite its large-scale impact, the Colonial Pipeline ransomware attack demonstrated that not only the largest corporations are the targets of these attacks, but smaller businesses and even individuals are also vulnerable as well. Why?
If there’s one thing you can rely on regarding cybersecurity, it’s that people will always be the weakest link in their own defense. Whether it’s clicking a suspicious link or giving away passwords and other personal information, people are gullible. By the time a threat reaches the domain of the end user, it is often too late to stop an attack or an infection.
Another common denominator in cybersecurity is that all Internet traffic must first go through the communication service provider (CSP). Therefore, it makes sense that CSPs should protect traffic before it is routed to their customers. This leads to several reasonable questions. How does this work? What can a CSP do? Could a ‘clean’ Internet be the next big differentiator among providers?
There are several factors to consider when evaluating the role that a CSP should play in protecting consumers from cyberattacks. According to a recent survey conducted for Allot by Coleman Parkes Research, a total of 90 percent of consumers believe their CSP should provide security solutions. Additionally, 64 percent of fixed broadband subscribers would pay up to $5 per month for a home security solution. The demand is there, but the question is whether CSPs can meet it.
With some notable examples, today CSPs are largely not involved in protecting their consumer customers from cyber threats. This leaves the responsibility for protection in the hands of the end user. There are several reasons why this is not a successful solution. When it comes to securing their devices and networks, many consumers are guilty of the same crime—default passwords. Most consumers do not use new or unique passwords for their routers and other devices. In fact, experts estimate that 81 percent of data breaches are caused by poor password security.
Additionally, many are unable to determine whether their phone performance has slowed due to software or space considerations, or if their central processing unit (CPU) has been hijacked in a crypto mining or botnet attack. This begs the question: how can they be expected to protect themselves from cyberattacks? Most consumers do not have the expertise or the resources to provide their own cybersecurity protection. This is true for small businesses as well, which often do not have dedicated staff protecting their digital assets. For small businesses, the inability to protect themselves is even more critical as their business assets are more valuable than that of consumers.
Furthermore, children are increasingly vulnerable to attacks on the Internet. With the COVID-19 pandemic and remote work and school the norm, securing the home network has never been more important. When it comes to cyber defense, consumers are on their own. They desperately need the right tools in place to defend their home networks.
If the consumer is the weakest link in the cybersecurity chain, then IoT is the weakest link in the home network. A combination of weak password policies and little to no security on smart devices make the IoT a digital doorway for cyber criminals into connected homes. The number of smart devices available is booming, with billions of connected devices in use.
However, many of these devices were developed seven to 10 years ago, and therefore often lack up-to-date security features by design. This means they’re left vulnerable to