Protecting yourself from new online threats such as Log4J is now more important than ever, warns cybersecurity and digital forensic expert and US army veteran, Ricoh Danielson.
Discovered in early December 2021, the threat stems from a vulnerability found in Log4j, “an open-source logging library commonly used by apps and services across the internet.”
“If left unfixed, attackers can break into systems, steal passwords and logins, extract data, and infect networks with malicious software,” the UK’s National Cyber Security Centre says.
Log4j is used worldwide across software applications and online services, and the weakness requires very little expertise to exploit. Scammers could possibly use it to transfer your entire identity including passwords, financial information, nationality, and other biometric information.
Danielson predicts an uptick of threat actors performing cyberattacks over the next 25 years to cause havoc with US and UK businesses including major corporations and financial institutions.
To protect yourself, one solution is to have a proactive, defensive, and robust cyber security mindset. This will empower an individual to implement various technology solutions such as vulnerability management, incident response, patch management, and data loss prevention.
This should be done on a regular basis, however, it’s not enough.
“You also have to be diligent and hyper-vigilant at continuously practicing cyber security hygiene and not putting it off since there’s too much at stake. This includes changing your passwords and implementing a multi-factor authentication.”
As a US Army veteran, Danielson sees online threats as an ongoing battle. Even though we’re inundated with cybersecurity advice, not enough businesses and individuals aren’t paying enough attention.
For the younger generation, cyberattacks are becoming somewhat normalised to the extent that these threats aren’t being taken seriously. The older generation, however, specifically those involved with the government, who have their own business, or are in high-level positions, should understand the risks of cyberattacks.
“The older generation understands the need for cybersecurity from a high level, but many of them don’t understand the full picture and the technology itself. The younger generation understands the technology but may not want to comprehend the need for cybersecurity,” said Danielson.
Threat actors can steal protected health information and other crucial personal information, all mainly for financial gain.
“These malicious threats are like a heart attack. They’ll first steal your mortgage, your identity, and everything in between to give you a financial heart attack when you turn 60,” said Danielson.
Cybersecurity protection is evolving and, one day, Danielson believes authentication will be based on your DNA.
Recently, Danielson worked with a university hospital in San Francisco to de-identify medical records of a million medical charts to keep personal information private so it could be sold to a Google medical project to study commonalities among Alzheimer patients.
“The only way the university could contribute to the study is to respect privacy laws and de-identify data,” said Danielson.
He has also helped financial and healthcare institutions that are most at risk. On numerous occasions, Danielson has negotiated ransomware threats for various clients.
“In the past year, cyber threats have significantly increased, and it will be getting worse in the next five years. Everyone should be proactive to protect themselves. Take it seriously now before it happens to you,” said Danielson.