An international study of cyberattacks has discovered discrepancies based on race and gender.
The research by Malwarebytes, Digitunity and the Cybercrime Support Network based on a survey of 5,000 people in the United States, United Kingdom and Germany found that Black people, Indigenous people, and People of Color (BIPOC) are more likely to have their identities stolen than White people, 21 percent compared to 15 percent.
Those minorities are also less likely to avoid the financial impact of a cyberattack, with 47 percent able to skirt the financial consequences of an attack, compared to 59 percent of all respondents participating in the research.
Women, too, suffered, in some ways, more than men from cyberattacks. For example, women whose social media accounts get hacked are more likely than men to have the attack result in someone sending suspicious messages to friends and family, 48 percent compared to 43 percent.
In addition, nearly half the women in the survey (46 percent) noted their social media accounts had been hacked, compared to 37 percent for men.
Not a single person in the survey was able to avoid suspicious online activity, no matter their gender, race, age, income, or education level, the report revealed.
“Though not enough people, overall, believe that the internet is either a safe or private place to spend their time, women, BIPOC, and younger generations showed even lower rates of feeling safe or private online,” the report observed.
Women also feel less secure online, the researchers found. While nearly half the men in the survey (49 percent) felt “somewhat” or “very” safe online, only 37 percent of women felt that way.
“The reasons for this could be many,” the researchers wrote, “but when looking strictly at the data, more women suffered from some types of suspicious online activity than men.”
Money, Access Problems
Money and access to secure services are prime factors contributing to higher rates of identity theft among Black people, Indigenous people, and People of Color, maintained Paul Bischoff, the privacy advocate at Comparitech, a reviews, advice and information website for consumer security products.
“BIPOC tend to make less money and have lower credit scores, so it’s not because they’re more lucrative targets,” he told TechNewsWorld.
“Making less money means you might not be able to take advantage of antivirus, a VPN, credit monitoring, or identity theft protection,” he explained.
“But it’s not just about what protections you can afford. It’s also about the security of services you use,” he noted.
“If the school you attend, place you work, or hospital you visit is strapped for cash, cybersecurity is probably not their top priority,” Bischoff observed.
“It’s also important to note that most identity theft is carried out by people whom the victim knows personally, such as a child, sibling, or caretaker,” he added.
Ron Bradley, vice president of Shared Assessments, of Santa Fe, N.M., a consortium of corporations, IT service providers and assessment firms, agreed that access is an issue in BIPOC communities.
“I believe this comes down to a matter of access to resources and education,” he told TechNewsWorld.
“In general, BIPOC users of technology have less access to quality technical resources,” he said.
“Often times they may have no other option than to use shared or sub-standard computing devices,” he continued. “This, by its very nature, leads to a higher risk of compromise.”
“On the education point, the challenges are similar,” he added. “BIPOC people are not as likely to receive the same type or level of cybersecurity awareness training as others due to the types of jobs they perform and income levels.”
Ignorance of Security Tools
Researchers acknowledged in the report that they were shocked more than two out of five of the survey takers (21 percent) were neither “familiar” or “very familiar” with antivirus tools, including VPNs and password managers.
“Not being familiar with antivirus is a little surprising,” Bischoff said. “I’m not surprised more people haven’t heard of VPNs or password managers, as those are newer technologies.”
“This is not at all surprising,” Bradley declared.
“By nature,” he said, “humans are complacent when it comes to technology.”
“It’s just like driving a car over the speed limit,” he continued. “Computer users want to get to wherever they’re going, as fast as they possibly can, without regard to the checks and balances which keep them safe on the internet highway.”
Archie Agarwal, founder and CEO of ThreatModeler, an automated threat modeling provider in Jersey City, N.J. suggested there may be a connection between lack of knowledge about security tools and fear of the internet.
“Fear often comes from misunderstanding and feeling ill-prepared,” he explained.
“Women and BIPOC respondents feel less safe online and who can blame them?” he asked. “Theyre not only more likely to be on the receiving end of online malicious activity, but the financial implications and overall stress is far higher for them.”
“On top of that they are less familiar with cybersecurity tools and less likely to use them,” he said. “This is a total failure of communication on the part of the cyber security industry.”
“The industry can learn a lot from this survey,” added Heather Paunet, senior vice president at Untangle, of San Jose, Calif., a provider of comprehensive network security for SMBs.
She explained that many security solutions seem targeted to large businesses, or IT professionals, and out of reach for the average user.
“The survey emphasizes that cybersecurity tools need to be consumer friendly, and usable for even beginner users,” she noted.
“While the industry assumes that everyone uses technology daily and is familiar with it,” she continued, “the pandemic pointed out that there still is a large digital divide, and many people are adopting technology for the first time.”
Paunet added that the industry also needs to provide education on cyber threats and solutions, and it needs to target groups with specific messaging to their concerns and use, as well as offer solutions and support.
“Just as using seat belts has become commonplace, cybersecurity tools should be readily available and easy to implement for everyone,” she said.
Feeling uneasy about online privacy and safety may not be a bad thing, added Bradley.
“There are very few online users that haven’t had their information compromised in one form or another,” he said, “so paranoia is a good thing, and everyone should be taking a dose of it with their morning coffee before they touch that screen or keyboard.”