http://www.digitaljournal.com/tech-and-science/technology/q-a-why-are-we-still-at-risk-from-email-hacking/article/538770

Q&A: Why are we still at risk from email hacking? Special

Posted Dec 11, 2018 by Tim Sandle
No one is free from hacking, including world governments. In the technological age we live in how can this still happen? Furthermore, what measures are needed to protect businesses, governments and individuals. A leading expert weighs in.
Sending a short email is estimated to add about four grammes (0.14 ounces) of CO2 equivalent (gCO2e)...
Sending a short email is estimated to add about four grammes (0.14 ounces) of CO2 equivalent (gCO2e) to the atmosphere
Mehdi Fedouach, AFP
Email remains the main communication tool for businesses. If an email account is hacked it can allow the attacker access to the personal, sensitive, or confidential information in the mail storage; as well as allowing them to read new incoming and outgoing email and to send and receive as the legitimate owner.
With advances in medicine to advances in space, why can we not conquer something as simple email security free from hacking? Have we all become numb to hacking and data breaches? What can be done to protect everyone? Is there a real solution?
These questions remain pressing for the modern age and thy have been considered by Boston-based security data expert, Daryl Crockett, CEO of ValidDatum. Crockett provides his thoughts to Digital Journal.
Digital Journal: How extensive is email hacking?
Daryl Crockett: As with all forms of cyberattacks, hackers attack on email accounts are trending upwards. The numbers are staggering; easily exceeding one billion accounts per year. The largest email breach on record occurred only two years ago, as three billion Yahoo user accounts were breached.
DJ: Are some areas more prone to hacking than others?
Crockett: Hospitals and doctor’s practices are high-target areas for email hackers. Healthcare patient data can be sold on the dark web for up to 10 times more than other personal data. It is estimated patient data can return $200-$300 per record while credit card data return $5-$6 per record.
DJ: Why does hacking still occur even though technology advances?
Crockett: The advent of secure email platforms such as Mimecast, Symantech, etc., can reduce the number of phishing and spam email in general. The cost and time to implement can be a constraint for small to mid-size companies, not to mention the administration costs moving forward.
The pure numbers of malicious emails make prevention very difficult considering one in one-hundred emails are in some form of a malicious hack attempt. Data Security has to be right 100 percent of the time to be successful in protecting your data, but a hacker has to be successful only one time to steal you data.
DJ: Are we desensitized to the idea of hacking?
Crockett: Based on the pure number of reported data breaches, society as a whole has to have become desensitized to hackers. It's just so common. The pushback will be more stringent regulatory controls, such as GDPR and the pending California Consumer Protection Act. While people might tune out the news, hopefully our regulatory bodies will continue to look out for our best interests.
DJ: What do hackers expected to gain from their activities?
Crockett: Hacking email can be a very lucrative; from selling personal data on the dark web, to ransomware. The growth of ransomware and malware attacks resulting in payments from victims is alarming. In 2015, $325 million was paid to hackers which grew to $5 billion globally in 2017. And these are estimates only. Many payments go unreported.
DJ: What can be done to address hacking, in terms of technology?
Crockett: Increased use of end-to-encryption email platforms such as ProtonMail and CounterMail are highly useful in terms of protecting personal data and reducing overall risk of email hacks – and many secure email platforms are free and should be used in place of Google or Yahoo. While many benefits exist, adoption will be slower within larger organizations.
DJ: What else can people do to avoid the risk of email being hacked?
Crockett: Use a good anti-virus software. We cannot emphasize this enough. Use anti-virus software and ensure updates are executed automatically. Use a different password for every website – hackers usually get into your email this way: they hack other “soft targets” such as loyalty card accounts and online shopping accounts where they grab your email address and your password. Then they try that password to gain access to your email.
Create a great user password that contains uppercase, lowercase, and numbers. Ensure security answers cannot be guessed or researched. Do not use the names of your loved ones, birthdates, anniversary dates, sports teams, and the dates the Red Sox last won the World Series. Do not share passwords with anyone – not even your loved ones, because you don’t know who has access to their devices. Also, stay abreast of technology changes.