Phishing attacks in your computer email are getting more sophisticated and dangerous. Just ask the folks at Google, where a hack earlier this year exposed information from Cisco, Luis Vitton, Adidas and other big companies.
And as happens every day, the catastrophic data swipes were done using phishing techniques, tricking Google employees into downloading malware that opens the door to the company's data systems.
As the CEO of the data systems company Syntriqs (pronounced SYN-tricks), Damien Fortune, puts it, if all that's needed for data access is the system okaying one employee's entry, "once you have those legitimate credentials, if you don't have things like multi-factor identification turned on, you're kind of giving away the keys to the kingdom."
The hacking group called ShinyHunters was able to trick a Google employee into clicking on an email that resulted in a hacking raid of data from the Salesforce database, releasing information from a number of businesses.
Regular Gmail data was not compromised, Google has said, but the techniques used by the hackers were more sophisticated than most.
As we enter the age of pervasive artificial intelligence, hackers will be using not only more sophisticated ways of getting at data, they're also expected to continue using their old tricks -- overall, that makes it harder to guard sensitive data.
"Always use two-factor identification," Fortune advises, "for any service that's important, whether it's your banking information, your healthcare information, your employment information, things like that."
But why does it seem like the bad guys always manage to stay a step ahead of security arrangements?
Fortune explains it as if it were a metaphor for the eternal fight between good and evil, making it all the more real and true:
"The big thing is they don't have anyone standing in front of them, right? You know we have to deal with regulators and certifications and things like that, whereas the bad guys can keep throwing spaghetti at the wall to see what sticks."