Well, once again it is that time of year where ghosts, ghouls, and Spider-man roam the streets for candy. This Halloween, I dressed fashionably as Sherlock Holmes with pink, fuzzy Bunny slippers. I tried to get my wife to go as Watson, but the look I received had me shivering in my boots reminding me that there are so many kinds of fear. I don’t think she appreciated my dedication to the Holmes-ian lore. So, while I was passing out candy, I pondered that many of us might be getting goosebumps from all of the Hacking going on in the world
This led me to ask the question. Why is security such a nightmare?!? Most of us find ourselves beholden to Windows Updates, Antivirus Updates, Anti-Spam updates, and Email Spam filter systems. In the pool of never-ending updates, sometimes we feel as though we don’t truly have a grip on the state of our own security.
If you don’t run a modern security tool, you live in Cyber-fear. Today we live in the age of Cyber-warfare. China hacks the US…the US hacks China…Russia hacks the US…we hack back…and everyone disavows that any of this is actually going on. It can make you feel pretty powerless.
However, the one thing *every* hack has in common is lack of preparation and carelessness.
So…Let’s break it down.
Just like in any crime, criminals need a door (or a Window). People who wish to steal or harm in the cyber-world need an entrance. Don’t give them one.
- Have a proven Anti-virus application. Yes, free ones are just fine. AVAST, AVG, etc. All are good choices. A good A/V isn’t 100% fool proof, but it will let you know if something isn’t quite right.
- Know yourself and the people you interface with. A lot of bad guys come in through email by sending unsuspecting users emails that trick them into going somewhere on the Net they wouldn’t normally go.
- Use LOW TECH. If you get a suspicious email, before you open it, text your buddy or give them an old fashioned phone call to see if it is legitimate. This is especially important if it is outside of their normal behavior.
- Be extremely careful on networks you don’t know. If you travel, don’t just use any WIFI. If you are visiting a Hotel, make sure you are using only their WIFI and that they provide the password to you. Rouge WIFI in a public place is a common hacker trick. They setup an access point and pretend to be the hotel. If you get a funny feeling, don’t ignore it. Use your Cell Phone in HotSpot mode. Be safe.
- Use encryption. If you travel and use networks other than work, home, or school, you must use encryption. If your email client isn’t setup to use Encryption, then remove the account and set it back up with encryption. Hackers steal passwords over unencrypted email all the time. If you run Exchange, you are already protected. If you use another email program, make sure you checked the SSL or TLS box when setting up email. This is especially important on your phones as well. If you don’t know, Ask your friendly neighborhood IT guy or gal.
- Do not download stuff you wouldn’t otherwise. No matter who tells you. Vet it thoroughly. You know what tools you need.
- Don’t be Social Engineered. There is a rash of calls where people are calling folks and pretending they are Microsoft and they need to go download some tool for them to get protected. They then find out they are “infected” and have to spend $50 – $100 for the tool to save them. “Hmmm….I don’t think I had a virus until I downloaded the tool you gave me….Wait a minute?!??!” If you don’t know what Social Engineering is, go read a lot about it…TODAY!
A lot of you out there reading this article will think that you aren’t worth hacking and even if you do get hacked, there is nothing of value. Just a bunch of the photos of the kids. Don’t be fooled.
If you work for a small dry cleaning firm and work with the customer list, how much is that customer list worth and to whom. It might not seem like much to you, but your competitor across town might pay a pretty penny for that list. Yes, that makes you a prime target …. for someone.
In Information Age, it’s all about information. Yours, mine, even your mother-in-law’s. Information is power. Protect it. If you ever doubt the power of information, just ask Google.