by Linda Fifield
STARtech21 opened with “The Basics of Cybercrime and Cybersecurity” by Shoba Pillay, Partner, Jenner & Block. I was riveted the moment Attorney Pillay started speaking. The bad guys are out there. We need to know what to look out for and what tools we need to protect ourselves from becoming a victim.
We’ve all read about the security breaches with Equifax, Yahoo, Marriott, healthcare systems, schools, federal agencies, and the like. What are these cybercriminals looking for? How does this impact the individual, companies, or government agencies? By what means are these companies getting hacked?
The Equifax breach occurred between May through July 2017. They discovered the breach and reported it in September 2017. Roughly 143 million people were affected. The hackers grabbed credit information that consisted of names, addresses, DOB, social security numbers, driver’s license numbers, and credit card information. How could this possibly happen? The hackers knew of a vulnerability in the software that Equifax and other companies were using. Equifax’s delay in updating the software allowed the hackers in.
We, ourselves, are open to phishing, malware, and bots every day we open our email or surf the net. Phishing emails are sent from “trusted” companies hoping we’ll react to a link. A common hack is an email from a trusted vendor like Amazon thanking you for purchasing an item for $50 or UPS asking you to track a package. When you didn’t order anything or if you did, their hope is that you’ll click on a link to investigate the purchase. Best case scenario, DON’T click on the provided link. Go straight to the vendor website and check your information from there.
Malware is a file that is downloaded onto your computer or smart device via a link or opening of an attachment. It can take over and infect your computer and network. A type of malware we’re all too familiar with is Ransomware. Hackers are relying on one employee within a business to click on a bad link that puts a company network up for ransom. You pay them back in untraceable Bitcoin, and they release your data. Hospitals, schools, and government agencies are often victims of this type of malware. What precautions should you take? Have offsite redundant backups of your server. If you get hacked, chances are that you can restore an old backup. You might have lost some current data, but you aren’t victim to being locked out of your computer and/or paying the ransom.
Bots a/k/a web robots are considered the most dangerous threat on the Internet. Bots take over multiple computers and smart devices, often without your knowledge, to create a large network of computers to deliver spam, steal passwords, bring down networks, etc. Oftentimes you don’t even know that you’re infected. They use the network of computers to carry out distributed denial of service (DDoS) attacks. The worst can actually take down websites. One of the most notable cases involved Elon Musk’s Tesla. Make sure you only go to trusted sites and always keep your antivirus software updated.
The deep web is an “invisible” web that people who don’t want their activities tracked by traditional search engines visit. One small part of deep web is the dark web. The dark web is primarily used for illegal activities: illegal drug sales, murder and maiming for hire, hacking software for sale, sale of stolen credit cards and passports, child pornography, and peddlers. These sites are often monitored by federal agencies, but it’s still scary knowing that something so sinister is out there. Pretty disturbing.
Technology and the WWW is a wonderful thing. Without it, we wouldn’t be able to provide the services as a court reporter to the legal community. It allows us to provide realtime, conduct depositions over Zoom, and create backups in the Cloud. Unfortunately, there are those individuals who abuse the technology for financial gains, the stealing of intellectual property, and black market sales.
Best advice of the day: Keep your software updated, keep regular backups, install good antivirus/malware software, don’t share personal information, don’t search nefarious sites, and Don’t Click the Link!!
Published in the STARdotSTAR Summer edition.