Mark Zuckerberg made news this week when he posted a picture of himself at his desk. The news was supposed to be Instagram's announcement of 500 million active users.
But what made news was the laptop computer in the background, presumably Zuckerberg's, that appeared to show a piece of tape over the built-in camera. Why would Zuckerberg do that, if indeed he did?
Perhaps because of the pervasive and growing presence of malware threats, some of which are capable of taking over a device's camera and microphone. If Zuckerberg taped over his camera, he's not alone. Plenty of high-profile people do – and for good reason.
Hackers are more sophisticated and actively target high profile people. Also this week, Bloomberg News reported that Russian hackers appeared to have targeted the Clinton Foundation computer network, as well as systems operated by the Democratic National Committee.
The news agency says the data breach was first discovered last week. It reported the Clinton Foundation had not been officially notified and had no comment.
The headlines from a single week serve to underscore vulnerabilities of an inter-connected world, from major institutions to a single consumer checking email at home.
These days, computer users large and small fear the threat of ransomware. When a hacker tricks someone into opening an attachment or clicking on a link, this software can take over a computer or network and lock it down.
The only way for the victim to regain use of his or her files is to pay a ransom to the hackers. In recent months, ransomware hackers have targeted hospitals, with some measure of success.
“The threat of ransomware is very real and IT professionals are increasingly realizing traditional solutions are failing,” said Stu Sjouwerman, CEO of KnowBe4. “IT pros agree that end-user security awareness training is one of the most effective security practices to combat these ransomware threats.”
KnowBe4 has just released a study covering two years, measuring awareness and concern of the ransomware threat. It found that 79% of organizations it surveyed are “extremely concerned” about ransomware threats.
What was more eye-opening, the survey found that 38% of the organizations in the survey had already been hit by ransomware.
Older threats still around
Meanwhile, Sophos, a security software firm, says older malware threats are still prevalent and might even been more dangerous than ransomware. Writing in its Naked Security blog, the company notes that when you're hit with ransomware, you know it right away.
But if a hacker tricks you into downloading a keylogger, it might be weeks before you discovered it. Since a keylogger records keystrokes on a computer, a hacker can then get access to log-ins and passwords to bank accounts and other sensitive information.
McAfee, another security software company, reports a rise in a nasty little thing called Pinkslopbot, a backdoor trojan with worm-like abilities that also targets passwords. The company said it believed the malware was defeated in 2013, but that it has returned with a vengeance.
The best defense against these threats might ultimately be some healthy paranoia – the type Zuckerberg may have displayed this week. Be extremely careful about handling attachments – even from known sources.
It's also never a good idea to click on links in emails. If you want to visit a site, it's much safer to navigate to it yourself, either by typing in a url or by using a search engine.