Quote of TRUTH: “Security is always excessive until it’s not” – Robbie Sinclair
There was this really cool conference kind of meeting that happened on September 19, 2018, at the University of La Verne. Its main purpose was to teach small business on how to develop themselves. There were plenty of things that they taught like about trade, foreign investment, government contracts, and more. BUT, in this blog, we will be talking about cyber threats.
Ikr sounds super mind-boggling but its OKAY because I shall explain more.
Also before we continue I just need to point out that the speaker for this part of the conference was an FBI Special Agent. super. duper. cool. I know.
OKAY, let’s actually start this.
So, what is the meaning of cyber you may ask? It is of, relating to, or involving computers or computer networks ( as the internet ).
We use devices all the time nowadays don’t we? And, the problem is that every individual with a smartphone are targets for potential hackers.
We can break down Cyber threats into these five categories: (this will be from least problematic to more problematic, but they are all still a problem)
So we have good news and we have bad news…..
I’ll tell you both, starting with the good news:
Down for 2018, so far:
- Government Leaks
- Major outages
- Global ransomware attacks
However for the bad news:
Up in 2018:
- Corporate data breaches
- Critical infrastructure failures
- State-sponsored hackers
- Internet of Things Attacks
- Business Email Compromise
Okay, so the cons may be, slightly, a bit outweighing the pros but I have gathered information on what can be done to level the playing field. If that makes sense.
Some of the big hacks would include the 2014 Sony Hack. Imagine this being a billion dollar company and all their files were hacked and stolen. This was very stressful for them. Another one would be how hackers got into a Hollywood Hospital and took control of their systems and blackmailed them to give them $17,000 in bitcoin if they wanted them back. In case you were wondering, the bad guys got away with their money as they were paid what they wanted.
These are examples of Ransomware.
RANSOMWARE? I’ll explain. It is 1) a very big threat and 2) kinda really scary when it happens. In other words, this is a type of malware that would ask you for a ransom if you want your files or computer access back. And, if you don’t give the money then there’s a big chance you won’t be getting your stuff back. How is this a very big deal? Well, okay, imagine this. You are driving in your all new and improved-futuristic-technology-filled tesla car when suddenly the iPad on the computer starts to malfunction. A message then pops up and it reads “If you want to have access to your brakes, pay up $120,000 now”. You freak out and hit the brakes but nothing happens and your speed starts to accelerate. Fortunately, you just had the biggest paycheck ever and you were able to make a wire transfer of $120,000 to the encrypted bank account number they’ve given. And, your car then goes back to normal and you safely drive back home. But what happens when you don’t have the money or you’re just stuck in your car because of someone who hacked your car. Very scary and dangerous thing indeed.
Another kind of hacking that seems to regularly occur would be the business email compromise (a.k.a B.E.C). This happens when a hacker gets into your email and tricks you into paying your house, bills, or other things and instead the money gets sent to them. This happens all the time because the email received looks very legit. Especially in real estate. So much money gets lost.
Hackers hijack emails in 4 easy steps:
- They use an email extractor which you can easily access
- Hacker sends a fishing email out to thousands of emails
- They research everything about like how you and the person you are negotiating with speak with each other and the deals made
- The hacker uses the information they found to send the homebuyer a message telling them to reroute their bank account.
Imagine this is how simple it is for them. And yet in the process, there are families out there that lose their life savings because of these evil deeds. YOU need to make sure to ALWAYS check for authenticity. Example of this would be to call up the person you’re making a deal with and double check to see if they’re the ones who sent you an email.
Did you know that the average B.E.C loss is $130,000?
You can actually even buy legit emails for just $11.00 just by looking it up on google. All the hacker needs to do is to buy a piece of software or malware which is just up to $25 dollars to do all this damage. There are tons of people who get victimized as they are unaware of fishing emails sent to them. 91% of cyber attacks and resulting data breaches happen with email.
HACKER: Mistah X
- Victims- mostly women
- Uses the person’s computer camera to record just whatever they do and uses it to blackmail them
- He uses a software
- He was put in jail but was recently released, that means he is out there
HACKER: Christopher Chaney
- Targeted: celebrities
- He had no programming experience whatsoever
Christopher Chaney would use a notepad to list down all the details of a celebrity and open up their emails. Then, he would go to the forget password part and answer the “secret” questions that they give. Since celebrities nearly give all their information to the world it wasn’t that difficult for him to hack into their emails with what he got.
HACKER: Emeka Ndukwu
- Used spoofed domains “typo-squatting”
- Stole about $1 M
- He only had minimal hacking skills
See how these people barely required to have extensive hacking skills yet they’ve done all these? It’s so easy to get hacked which is why cybersecurity is very important. Small business is the target of 58% of all malware attacks which is shown in the Verizon insights report statistics of 2018.
Now, what can we do about this?:
- Have a multi-factor authentication (which is requiring two things to access something, like your email):
- This reduces the chances of having personal information being stolen
- It is free for most devices
- Beware of SIM swap hack
- Backup data on Hard Drive:
- This way you would have your files in a potential ransomware attack
- Have a good password
Remember there is nothing foolproof and it’s so much better to take extra precautions.
Good practices to prevent this from happening to you:
- Multi-factor authentication
- Back your data regularly
- Use strong passwords and change often
- Educate others on this
- Have a network security plan & actually implement it
- Establish a cybersecurity policy
- Conduct tabletop exercise for an incident
- Update your software
- Have a robust process for financial transfers
Even if though these were the tips given to businesses to protect themselves from cyber threats, you should use these too to protect yourself! Spread the word because this is something definitely everyone should be aware of!
don’t forget to smile today (:
© Elizabeth Anne Villoria