Identity Theft in 2013: The Battle for Your Data

Dec. 23, 2012 — -- In 2013, we'll have to make a choice: Either we acknowledge we're at war and push back hard, or we keep pretending nothing's wrong -- and pay the price.

In the coming weeks, as we've seen every year for the past six, there will be endless reports detailing the digital dangers and identity threats lurking in every corner of our highly networked universe. But to what end?

Despite considerable coverage and legislative initiatives, identity theft, cyber warfare, and the death of privacy at the hands of hackers and hyper-marketers are barely on the public radar. People say they care about identity theft but they don't really understand it. Except for industry players, technocrats, and a handful of politicians and consumer advocates, few seemed moved to action.

Frankly, this situation is insane. Practically every day, someone flags risks and makes dire predictions -- all deadly accurate, by the way -- but unless there's a class action suit pending, or an entire grid in darkness, no one seems to give a damn. Check your credit report? Only one out of five really do. Encrypt your database? "Encryption is hard." Friends, the barbarians are no longer at the gate, they're in our homes eating off our best china -- yet we can't be bothered to deal with them. The signs of things to come are everywhere -- but like a man crossing a highway blindfolded, we refuse to see what's coming.

This year the situation must change. For the next few minutes, I invite you to take off the blindfold and look reality right in the eye.

A war is being waged both here and abroad against our people, our economy, our institutions, indeed, our way of life. But until we take that seriously and respond strategically, we're in for a serious can of whoop-ass. Even a fool can see where the enemy is headed, but for some reason the cavalry doesn't seem up to the task of heading them off. As with all things in Washington and corporate America, folks are talking the talk, but few are walking the walk.

Here are a number of battlegrounds where the fighting will be fiercest in 2013:

Mobile devices. That smartphone in your pocket is one mother of a data storage device, and it's like a bull's-eye on your back. We use them to communicate our most intimate (and sometimes highly inappropriate) thoughts, figure out where we are, telegraph our next move, as well as check bank balances, deposit checks, even file taxes. There's a gold mine behind that touch screen. Users may not realize how exposed their data is (I dare say most don't use password-protection or remote data wiping in case of loss), but criminals know the weak spots, and they're making mobile exploits a high priority.

One scenario to watch for: a malicious programmer sneaks a malware-bearing app past smartphone gatekeepers and millions of users realize the honeymoon is over.

Note that Europe already suffered the first large-scale attack on financial accounts via mobile phones: Eurograbber, a mobile SMS keylogger scam that pumped 36 million euros out of 30,000 European bank accounts. Make no mistake, we're next.