Russian playwright, Anton Chekhov once wrote that “You must trust and believe in people, or life becomes impossible.” While trust is essential to people’s interpersonal relationships, the possibility of abusing this trust is always present. Thus, as former President, Ronald Reagan said, we must “trust but verify.” When examining the world of hackers and those who have been hacked, it is my opinion that the reason most hackers can hack, and individuals can be hacked begins with the realm of “trust.”
According to Kaspersky Lab’s in Q1 of 2018;
- Kaspersky Lab solutions blocked 796,806,112 attacks launched from online resources located in 194 countries across the globe.
- 282,807,433 unique URLs were recognized as malicious by Web Anti-Virus components.
- Attempted infections by malware designed to steal money via online access to bank accounts were logged on the computers of 204,448 users.
- Ransomware attacks were registered on the computers of 179,934 unique users.
- Our File Anti-Virus logged 187,597,494 unique malicious and potentially unwanted objects.
- Kaspersky Lab products for mobile devices detected:
- 1,322,578 malicious installation packages
- 18,912 installation packages for mobile banking Trojans
- 8,787 installation packages for mobile ransomware Trojans
In this article, I will examine the psychology of “trust” but not “verifying” on the side of the person who has been hacked. It is my contention that there are 4 main reasons that a person is open to being hacked.
Reasons people are hacked:
- They trust too much
According to Statista, 262.68 million computers were shipped in 2017 with another 259.39 in 2018. Furthermore, there are approximately 2 billion computers in use around the world, and these computers are bought by millions of people who just want to plug their computers into the outlet and start working on them. From my own experience, I have noticed that most people come into stores like Best Buy and have no idea what they are looking for or even what a computer can do. This is also true when people emotionally buy on Amazon without first figuring out what they want or need. Once plugged in, these same individuals trust that whatever they purchased is up to date and thereby they aren’t aware of the hacker atmosphere that is all around them, both within programs they download and online as evidenced above. The combination of trusting in what the “salesman” told them and being guided by their inner cognitive trust in what they have been told is a recipe for computer disaster.
The Psychologist, Eric Erickson in his 8 stages of development wrote that trust is part of our psyches from the time of infancy and this continues with us during our adult lives as well. Thus, we trust in what we are being told, thereby opening ourselves to being deceived. Without doubt, our trusting nature is a large reason for hackers being so successful in attacking our personal information and online lives.
- They don’t verify
It is easy to verify information that one receives, yet all too many people don’t do it. We receive emails that look legitimate and we open them, we receive phone calls from the “IRS” and think they are real, and through these methods and many more, identities are stolen, and financial loss is close to follow. Once again, it is our trust that gets in the way of our safety. There are numerous online tools that can help a person verify the information they are receiving is real and legitimate. However, we trust our computers to do this for us, often without even knowing if we have a program that can remotely offer us assistance.
I believe that in this specific case, Blockchain Technology can offer solutions. For it would allow individuals to build identity profiles that are verifiable and immutable. Presently, there are companies such as Evemym out of Utah City and the Illinois Blockchain Initiative that are already working within the field of blockchain identification. Undoubtedly, this trend will continue, however the outcome of these projects will not come to fruition or help against hacking until the individual user starts to verify the information that they receive. It is beyond my comprehension how individuals can spend time making sure a supermarket coupon is still in date, but they can’t check if their own personal security is up to date.
- Lack of Knowledge
According to McAfee and the Center for Strategic and International Studies (CSIS) the likely annual cost to the global economy from cybercrime is $445 billion a year. A large part of that is due to a lack of education when it comes to hacking, cybercrime and identity theft. There is a quote about education that says, “education is not preparation for life, education is life.” (John Dewey) If this is true, and I believe it is, the average computer user is not “living” well, rather they are “living on the edge” of being hacked. Computer education is available at the fingertips of millions through the internet, however all too many people don’t take advantage of this. Thus, instead of using this information to protect themselves, they are opening themselves to being hacked. Once again, it boils down to trusting their environment instead of educating themselves.
The fourth reason why people leave themselves open to being hacked is pure laziness. It is much more interesting to play a game on the computer, watch Netflix or just surf the net, then it is to take time out and learn a new skill. Society has become one where reality television has drawn us into living in a false reality. Thus, the problems of the world and its answers lay within the boundaries of our screens. It takes much less energy to watch the Real Housewives of Atlanta then it does to ensure that one’s own life is safe and protected. There is a French Saying, “Lazy people are always eager to be doing something,” the only problem is that “something” is nothing. This “nothingness” allows hackers to enter an individual’s domain without people even realizing it. Why? Because they are to lazy to care. For they trust that someone else will take care of the problem for them. Often, those who are lazy trusted the computer out of the box and never thought about it again, and thus are often the victims of hackers.
While, it is my contention that human behavior plays a large part in hacking, we must admit that there is also a randomness to being hacked as well. For there are times, when a person has taken all the steps to protect themselves and they are just bystanders in a larger hack. For example, their passwords are stolen on a e-commerce website or a vendor that they have done business with is hacked and they become a third party to that hack. 0Days, or previously undiscovered flaws can also occur, however these sorts of hacks are not what this article is narrowing in on, for issues like those are beyond a persons individual control while the 4 categories above can be fixed through education. Once this occurs, a significant amount of human cause and effect within the hacking hemisphere will disappear.
The above explanations of why people are hacked, is true not only in the private realm. For these same people work in businesses and industries, and when they are lazy with their own security, they are even more so when they are working for someone else. In the end, cyber security companies must learn the psychology of the human being, if they ever want to truly defeat the hackers of the world. For without understanding the human psyche, any security program will always be missing a key component in its arsenal of defense.