Sad yes, but it was going to happen to someone, as the industry has made a “Target Rich Environment” that includes any and all ICT Systems that connect to external communications like the Internet.
Thus somebody’s number was going to come up and it was this guy’s and he’s become in effect a modern day out cast / leper.
Welcome to the modern world where you are to blame for the actions of others, because you are doubly an “easy target”. It more commonly goes by the name of “victim blaming”.
Oh and if you follow the “usual advice” it’s really not going to change anything with respect to your vulnerability.
So what can you do?
First realise that you are in a “Red Queen’s Race” where no matter how hard you try you are eventually going to loose.
Thus as expressed back in the 1983 movie War Game’s the only way to draw or win is,
“A strange game. The only winning move is not to play.”
So think on that carefully then reread the article.
Two things you should see and note,
1, Most security products are to fragile to work reliably.
2, Lack of mitigation by segregation etc enabled the attacker free reign.
But let’s be a bit more blunt,
“Adding junk software won’t noticeably strengthen a badly designed system, in fact it will probably make it break more easily”
Which is the history of most consumer and commercial security products. With even higher security products for “Government Agencies/Entities” failing on a regular basis.
In part because,
“All the consumer and commercial systems are broken by design”.
And it gets worse because,
“Most ‘security tool’ software/Apps and devices since the early AV days back before the 1990’s Internet kicked off were ‘junk’ and still are”.
Because there was and still is little or no incentive to make them otherwise. In fact it’s easy to find reasons why they are kept at junk status by considered design.
You get told you “have to have” AV / FireWall etc etc etc. So you have to “buy it” or as you are told “be at risk”. What they don’t tell you is buying it usually does not really change your “risk profile” except adversely.
So you are in effect a “captured market” that is seen as “something to milk dry” by the producers who have no incentive to do a proper job as that would “kill the profit”.
Have a look at Alphabet/Google and the Android and the Chrome Browser products. They very deliberately stop you having any type of effective security of worth, because they make most of their revenue by selling you as a product… Because you would not be a profitable product if you had effective security.
Some do try, which is why Alphabet/Google have forced not just Identifiers you can not change or stop being broadcast onto your devices, they are yet again changing things to stop effective security products from working,
You can read more on this at,
https://www.theregister.com/2025/03/04/google_android/
So when you actually get down to it you realise the only way to improve your security is by,
“Using effective segregation mitigations”.
Anything else is just not going to work for you, long term, short term, or now…
The only things stopping you getting completely violated are,
1, Your turn has not yet come up.
2, When it does and it will you have ensured there is nothing to steal or ransom.
3, Anything of importance is not connected by communications thus can not be reached by external attackers.
Which unfortunately leaves another issue,
4, Employers acting as inside attackers.
Yup due to lockdown employers forced many employees to install irremovable junk on the employees personal devices as an extension to the ludicrously insecure “Bring Your Own Device”(BYOD) nonsense.
Leave feedback about this