People often complain about violations of their privacy online while at the same time giving permission to thousands of companies to sell their data to the highest bidder.
The truth is it’s difficult to avoid giving up your online privacy these days. And when it comes to a toss-up between privacy and convenience, most people would rather just tick the box that lets them immediately read an article or log in to a service without thinking too much about the consequences. So what if someone has access to your data?
You may think if you have nothing to hide, you have nothing to fear. Think again.
Even things as banal as posting on social media, using search engines, and casually accepting privacy policies without reading them can leave your privacy compromised. Anyone who wants to can find out your name, address, location, interests, and much more with nothing more than a quick search.
If you really dig into the terms and conditions of the hundreds of privacy agreements you have signed up to, most of them have impossibly complex clauses that effectively allow the host to view, own, or sell on your personal data.
The more you give away, the more vulnerable you are to a host of different threats, from personal attacks to more widespread breaches that are no less creepy. Let’s take a look at the biggest threats that you may not have even realized existed, and how to protect yourself and your precious privacy.
Data Privacy Threats — The Bigger They Are The Harder They Fall
The biggest tech companies store the most information about you and as such, they are the most attractive target for hackers looking to steal customer data. When 3 billion Yahoo accounts — that’s every single account — were compromised in 2013, it sent a chill through the industry.
Since then, there’s been no shortage of high-profile data breaches. 150 million Equifax customers were affected by a breach in 2017 and just this month, a major attack on high-profile Twitter accounts made headline news. Those affected included some of the most famous individuals and biggest companies on the planet, including Kanye West and Kim Kardashian West, Joe Biden, Elon Musk, Apple and Uber.
These breaches at the highest level resulted in the leaking of confidential information like credit card numbers, names and addresses, and personal details like gender, age and preferences, location data, and much more. Data that could be used for fraud, identity theft, blackmail…you name it.
These attacks are getting more sophisticated and more underhand as technologies improve and more data goes into the cloud. So be wary of the biggest players as they are the biggest targets.
Giving large companies access to your data comes with another risk which you might not have considered. It’s all well and good when things are going well. But what happens when one of these large companies ticks off an employee who then decides to go rogue.
According to Verizon, 70% of data breaches are caused by outsiders, but that leaves around a third down to employees within organizations.
A disgruntled employee can take customer records, including your personal files and data, and use them as a weapon against their employer. By threatening to release it publicly if their demands aren’t met. Or just by selling it off for their own personal gain. Either way, your data could be compromised.
In 2016, a Snapchat employee leaked records personal information of 700 employees. The same year, a Sage employee stole financial data from around 200 customers. There are many more examples.
This phenomenon is on the rise. And with copycat crimes an ever-present danger, it is likely to continue to increase. Something to bear in mind when considering how much of your privacy to give away in the name of convenience.
SWATting — When Cyber Attacks Get Real
SWATting is when an attacker gathers information from you online and then calls in the police to your address with information that an extremely dangerous situation is taking place. Essentially, they call in a SWAT team to your front door.
This is what happened to Jameson Lopp, who believes a combination of his social media posts along with other data he had put into the cloud, led to his house being raided by armed police.
An unknown person had stalked him online and decided that he would be the target of the attack, hoping to extort money from him. The attacker, posing as Lopp, told the police he had killed a man and was now holding his family hostage. He gave Lopp’s address and said he had rigged the front door with C4. You can read the full story here, but the point is, Lopp believes that had he been home when the police were called in, he may have been killed.
This is of course an extreme example. But it demonstrates the most terrifying real-world consequences of giving up too much online privacy.
How Can You Protect Your Data?
The best way to be sure your data is not being snooped on is to use your own encryption key. This way the host of your data only has access to encrypted data, and even if they are forced to hand over your files to the authorities, or if there is a data breach, all they are able to give out is encrypted nonsense.
The problem though is that by holding your own key and keeping everything encrypted, you lose most of the benefits of cloud storage. It will take longer to upload and download your data as it needs to go through encryption at every stage. You won’t be able to easily share data between devices and users without encrypting it each time. And if you lose your key, you lose access to your data.
If you’re someone who wants a reasonable level of security while still enjoying the benefits of flexibility and easy access which make cloud storage so useful, there is another way.
It comes down to having trust in your cloud storage provider. Treasure is a cloud storage provider built with users’ privacy as the top priority. The platform allows you to aggregate your existing cloud storage data so that you can access all your files from the major providers and your Treasure files from one interface.
It also provides you with the encryption key for your data, so you control exactly who has access to the content of your files. However, the key is also backed up within the system so you don’t have to worry about losing it.
Treasure gives you the access you want to your data while minimizing the risk of your files being seen and weaponized by unwanted third parties.