Years ago, Iran’s nuclear program was the target of a huge cyber-attack that included a personal message from the hackers.
The way it worked was that a virus took control of centrifuge controls in facilities across Iran, causing thousands of machines to break.
Some estimates suggest the cyber attack set Iran back years in their development of nuclear weapons.
With that being said, the hackers weren’t content with just crippling the country’s nuclear efforts. They wanted to show their control in another way.
To do that, the hackers hijacked the facilities’ workstations and used them to play AC/DC. And they played it loud.
According to one of the Iranian scientists working that day, “There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was the American band AC-DC Thunderstruck. It was all very strange and happened very quickly.
The ironic part is, under the Iran’s strict censorship laws, only Iranian folk, classical, or pop music are acceptable.
The U.S. did not directly take responsibility for the cyber attack, but considering the attack was focused on disrupting Iran’s nuclear weapons, I’ll let you figure out did it.
Obviously, these days, cyber attacks come in all forms, from all sorts of organizations, whether it’s another government or private hackers looking to steal personal information.
When it comes to cyber attacks, 95% of cyber security breaches are due to human error, most commonly involving a weak password.
To make matters worse, the average cost of a single data breach in the U.S. is more than $8 million.
A report looked at 2,000 confirmed data breaches and found that nearly 30% of those breaches involved the use of stolen log in credentials.
Without a doubt, passwords remain one of the most vulnerable aspects to our online security.
In fact, passwords are such a security liability that many big tech companies including Microsoft, Google, and Apple want you to stop using passwords.
Here are a few examples of why they want you to ditch your passwords and what they want you to do instead.
Passwords are a big headache. The average office employee must keep track of between 20-40 login and password combinations.
In other words, with that much information to remember, most people will use the same password for multiple logins.
Another thing is, the typical 8-character password can be figured out in less than 1 second using certain computer software.
When you have so many passwords to remember, people often pick short, less complicated passwords so they can remember them all.
Another problem is passwords are universal, meaning they can be used by anyone and don’t require any other information to gain access.
Waste of money. Passwords issues are very costly for companies and simply waste money.
Generally speaking, a typical employee contacts an IT help desk somewhere between 6 and 10 times a year on password related issues and the average call costs a company about $50, including wasted employee time.
If you just do the simple multiplication of six to 10 times, times $50 per call, times number of employees in an organization, you’re talking significant amounts of money spent resolving password related issues.
Now, that’s only dealing with employee passwords. If you add in the amount of time resetting customer passwords the numbers would skyrocket even more.
In fact, Microsoft spends nearly $2 million a month, just assisting customers with password related issues.
Biometrics. Biometric authentication uses face, fingerprint or iris scans to quickly confirm a person’s identity.
Basically, when you use Touch ID on an iPhone or similar device, you are using biometrics to log in.
Currently, 90% of Microsoft employees are able to log in to their work computer without using a password, instead using biometrics.
Companies such as Microsoft and Facebook are trying to get rid of passwords completely in the offices, and they hope to convince customers to do the same.
The reality is, the way we login to our devices and online accounts will always be evolving, and in the near future many companies will push for stronger authentication than only passwords.
The challenge will be getting the general public to adjust to new methods of logging in without passwords.