Introduction:
For both individuals and businesses, cybersecurity has become an issue of immediate importance. If you have not already been hacked or a victim of a virus, you soon will be. Dangers stem not only from foreign governments and organized crime, but from competitors, as well as local thieves and vandals. Identity theft is a common purpose but is far from the only goal and much damage has been inflicted by experimenting teenagers who simply want to see what a virus can do to the various internet users they chose to experiment upon.
It is estimated the United States governmental agencies currently spend $28 billion annually on analyzing and combatting this issue, up from only $7.5 billion in 2007. Individual companies and consumers spend even more to protect their computer systems and data. It is estimated total cybersecurity spending in the United States alone for 2018 will exceed $66 billion. This will increase in the coming years.
Although all this spending may indeed improve the security of our systems and data in the United States, there are more and more instances in which this security is breached. Face Book announced a security breach in 2018 that affected tens of millions of users. The Equifax data breach occurred in 2017 in which personal information for more than 140 million individuals was compromised. However, many breaches receive less attention and publicity. Since January 2017 at least 14 retailers have reported data breaches, including Sears, Best Buy, Delta, Saks Fifth Avenue, Lord & Taylor, Under Armor, Panera Bread and Whole Foods.
This article shall provide practical advice that one should take to increase security.
The Basics:
Something about having a “personal” computer seems to affect the thinking of most people. People seem to feel that the fact that the screen is designed by them and used for family or personal communications somehow makes it more private than speaking on a street corner. That is untrue.
Any computer connected to the internet is relatively easily accessible to experienced and intelligent hackers. Do not consider your screen as safe. Sooner or later, it will be probably be compromised and your data accessed by strangers. You can increase your degree of cyber security, but you can never guaranty it since your “opponents” are spending a great deal of time and effort (and money) devising ways to invade your privacy and gain access to your information.
Assuming you do not use the internet, you can achieve security since others cannot access your drives. However, almost no one in today’s world has computers off line, and even those that do often have “smart” phones which are, after all, often simply handheld computers that usually use the internet.
The ease of use and advantages of using the internet means that most people will stay on line. The real issue is, how to maximize your security while still on line.
Consider taking the following actions to improve your cyber security.
1) Freeze your credit at all three of the credit reporting agencies. That way, if someone does access your accounts and you end up in a fight with the credit bureaus or agencies as to what is a valid charge, your credit is not compromised during the fight.
2) Annually request your credit report from all three credit reporting agencies and close all unused credit card accounts. (Do keep at least two credit card accounts if you wish to maintain a good credit rating and do not use all the available credit and pay it off each month if you can.)
3) Maintain up-to-date firewalls, antivirus software and anti-spyware software on all computers, including laptops. Update frequently. Mark on your calendar when it is time to update. Ignore unsolicited efforts arriving on your screen recommending updates: often those are the very people seeking access to your computer to install a virus or obtain information. NEVER OPEN AN ATTACHMENT UNLESS YOU KNOW THE SENDER.
4) Ensure your home router is password protected and that you are not using the factory supplied password.
5) Do not save passwords on your web browser. Do not save security question answers on your web browser.
6) Make sure all computer devices have up-to-date operating systems, including your smart phones. The various companies, in a constant race with hackers, upgrade their protections often, at times monthly, and you will not receive the protection the upgrade provides if you do not ensure you are using the most up to date operating systems.
7) Use “strong” passwords (i.e. at least 12 digits in length with upper and lower-case letters, numbers and special characters) on all computers and sensitive files. Worried about forgetting them? Write them down and put them in a home safe, not on your computer.
8) Do not email unsecured files with sensitive personal data. Never send financial information via unsecured e mails.
9) Set-up dual authentication for access to certain websites, when possible.
10) Have conversations with children about accessing online information through the home network and setting up parental controls on installing new software. If you have house guests, have the same conversation with them if they ask to use your computer.
11) Avoid using public unsecured WIFI access.
12) Do not click on spam or other unknown links and attachments in emails. Beware spam which claims it is from a friend or relative. One of the first steps a hacker will use is to commander the internet and e mail identity of a person’s machine and if your friend has been hijacked, opening that e mail from him or her will contaminate your own machine. Your friend will not even know it is happening since the e mails sent out from his or her machine may occur almost instantly. And, of course, your own machine will then be doing the same thing to your own friends and family once contaminated.
The Coming Collapse of the Cloud.
Every government in the world and many terrorist organizations are seeking to develop computer software that will have the internet collapse entirely. We see some governments “testing” their abilities several times a year when large retailers, banks and even military organizations report collapse of various systems, either due to “overuse” or a virus. We know that China, Russia, Iran, and ISIS all had allocated departments and large resources devoted to determining ways to have the web collapse.
And it is important to note that the United States has also allocated resources to the same goal as well as countermeasures.
It is easy to see why the internet will be an attractive target for our enemies. The economy, from financial institutions to manufacturing, all depend on programs in the cloud. Economic data, maintenance data, governmental data is all stored on the cloud. If one wanted to hurt our economy, what better way than to have the cloud collapse for a week or a month?
Consider: you would not be able to access any of your accounts except by going to the bank-but the bank, itself, would not be able to access your accounts either. All ATMs would be down and your proof of what you have in your account-is in the cloud. That is true for all your investments and life insurance as well. How would you prove to your broker that you own a stock? How would you prove to a bank what is in your accounts? Neither you nor the broker would have access to that information.
You could not use your credit card, which uses the cloud to store all transactions. You could not buy anything except by using cash-and your access to cash would be limited.
In short, our entire economy and your entire own personal economy would be at a complete standstill and only those with cash would be able to engage in transactions.
What would you do? Without cash, you can buy nothing and there would be no way to know if your access is reestablished in a day, a month or a year.
Worse, a clever enemy would take measures to erase data as well as make it temporarily unavailable. Imagine if all information as to your accounts, from investments to cash in the bank, was erased by a well-timed attack on the financial institutions or stock exchange information data base. Would that not be a telling blow to the United State economy?
Nor is “deterrence” very effective here. Terrorist organizations would not be harmed by accounts being erased since both they (and certain governments) would have taken precautions to safeguard their own accounts or have no monies in our institutions in any event.
This is not science fiction. This scenario is considered likely by many defense analysts but perhaps more telling, there seems to be no particular reason why such actions would not be taken to confound the United State economy.
It is clear that a wise precaution is to create paper records of key accounts and investments, keeping them up to date weekly or monthly, and storing them in a locale that is secure. To be able to prove what assets you have where may be critical and paper records may be the only way to do that.
It is equally wise to keep cash on hand sufficient to handle several weeks of accounts not being available via banks or ATMs. One client known to this writer keeps several hundred thousand dollars hidden in his home, not because he thinks he will need it for day to day expenses, but because he thinks that if this scenario comes true, he will be able to buy other assets at a bargain rate since people will be desperate for cash.
A far more common “nest egg” is several thousand dollars, sufficient to buy the necessities of life, such as food, fuel, and the like, for a month or two. (Since the financial institutions will not be able to process payments in such a scenario, such matters as house payments or car payments would have to wait until service was restored in any event.)
This scenario may never occur. In that case, one would lose the interest earned on the cash held in reserve and will have lost some time in making paper records. That is cheap insurance to pay for what could be a catastrophic event.
Conclusion:
It is going to get much, much worse. The same thing that makes all retailers desperate to find out data as to what you purchase and what you like encourages criminals to seek that same data to steal what you own. Industry wants trade secrets. Governments want military and diplomatic secrets. Enemies want to bring the entire system down to wreak havoc with our economy and defenses.
While government and industry will fight back, the simple fact is that it is up to you to protect as much of your own data as you can and prepare for the possible success of hostile forces in making the cloud inaccessible for a day, a week, months…or longer.
You can do it now relatively easily. To recreate your data after the blow hits may be very difficult. It may be impossible.
As the boy scouts say: Be Prepared.