This appeared in print as part of the story “Best Laid Plans” In 2007, the City of Columbia’s visioning document suggested that council...
Rarely does anyone tell you to watch TV to learn anymore, but, this month, I would highly recommend watching USA Network’s “Mr. Robot.” The show follows a young programmer who works in cybersecurity by day and is a vigilante hacker by night. “Mr. Robot” does an excellent job of showing how business and personal information is compromised.
An important note is that there are people who have devoted their careers to being ethical hackers. These people have the knowledge and tools to perform many of the tasks depicted on this fictional television show for evil, but instead work behind the scenes at businesses to ensure our data is safe and to help find bad guys trying to hide in a digital world.
So what can actually be learned about security from characters who are trying to destroy a large corporation via hacking?
It’s challenging to list all the ways that we give away our own secrets, but let’s summarize two. Hackers like if you share lots of information on social media. It’s really easy to gather information about you that might be the basis for your password (pet, spouse, birthday) or reveal your favorite financial institution. Protect yourself from social engineering attacks, where hackers attempt to capitalize on fear and create a false sense of urgency, which lowers your guard so you give them exactly what they want. When you get an email from your bank insisting that your account has been compromised and you must log in to fix it, make sure you verify that request with a phone call.
This could be a whole article (it’s been requested), but since about 1 million people have already written that article, I’ll just summarize and provide a couple of links. Random passwords are better than predictable ones (avoid dictionary words). Longer passwords (12 to 15 characters) are better than shorter passwords, as they take longer to crack with brute force attacks (programs that quickly guess many passwords). Hackers that have a base of information about you can add that information to brute force programs to guess your password more quickly, many times in just minutes. Complex passwords that contain uppercase letters, lowercase letters, numbers, and special characters (like #$!) are better. Struggling to remember all your passwords? Invest in a password manager so you can just remember one good password to gain access to all the other great passwords you have created for other sites.
Public Wi-Fi has been a fantastic way of not going over on your data plan; however, these networks lack security. Everyone seems to have a smart phone and a laptop, which are really helpful and remember all the Wi-Fi network’s connections. Unfortunately, hackers know this, and they’ll setup fake Wi-Fi networks named for your favorite eatery, public library, or airport. Your laptop or smartphone will automatically connect to them, and then hackers can monitor and read all of your traffic. Ensure that the data you are accessing or sending from a public network is something that you would be okay with anyone seeing, or talk to your IT professional to ensure your communication methods are secure. Many programs and websites today utilize encrypted connections (Check for HTTPS websites), making the data very difficult to read, but unless you know which ones, just assume that someone else can read what you are doing on public Wi-Fi.
Ransomware is a type of virus that, instead of destroying your data or damaging your computer, actually locks you out of your own data. The creators of these viruses have come up with an incredible way to make money at your expense. These bad guys have figured out that they don’t really need your data, but they know you want your data. The programs they create typically come in the form of a download link in an email or from a legitimate website they have compromised. Once the program enters your computer, it encrypts all your data and then asks for a ransom to decrypt (unlock) the files. A couple of recommendations: keep software up to date and invest in your backup. My company has prevented paying a ransom on more than one occasion this year; however, we’ve also spoken to several businesses that haven’t been so lucky.
These are just a few examples of how a television show can make you more aware of how computer and information security can be compromised. Hopefully, you can use this information to help protect yourself and your business.
Matt McDermott is the owner of 43Tc and a guest writer for CBT.