It's been an interesting year for security and users. It all kicked off at the beginning of the year with Facebook and Cambridge Analytica causing people suddenly to think more seriously about their data and what they share on social media. In fact, the threat against personal data has been an important theme for the year. We've seen breaches at companies such as Marriott (in December) and British Airways (September) and Under Armour (March). What's interesting about these is that the criminals seem to be targeting all levels of the stack, from the enterprise backend to the web app to the mobile app on people's phones.
And once data is leaked, it will be put to use. There's been an enormous rise in extortion attempts based on account data allegedly used on "adult sites" and hijacked webcam footage. This brings us inexorably to cryptocurrencies. Besides being the payment method of choice for criminals, cryptocurrency has also suffered this year, with a $13.5 million wallet compromise at Bancor in July. Bitcoin has seen huge peaks and troughs as confidence in the currency has oscillated.
Another story that won't go away is hardware. Bloomberg Businessweek published a much-disputed story suggesting that a Chinese military agency convinced or forced Supermicro to insert tiny chips on motherboards for companies such as Apple and Amazon. Whether the story is true or not, it has opened people's minds to the realisation that we have less control over the supply chain than we thought we did. Alongside that was another realisation: chip-related security issues such as Meltdown and Spectre, which were revealed at the very beginning of January, are likely to be joined by a never-ending set of similar or related vulnerabilities that the average user has little capability to mitigate.
With all that said, we've had numerous articles on Opensource.com to help you secure your passwords, containers, and more.