MAL-WARE RATS

By  |  0 Comments

The issues regarding cybersecurity and how to (possibly) prevent them.

Photo_elhombredenegro

Image: flickr/elhombredenegro

It seems to be something we take for granted these days. You buy clothing at the mall, groceries at the supermarket or maybe even a big purchase like a new car. You take out your debit or credit card, swipe it and the next thing you know….

 

You might be out a lot of money. Or worse.

 

Just as old as the internet itself, the issues with internet security are still very much around and they are only getting worse.

 

The past two years in particular have really shown the vulnerabilities in this arena as some of the most important institutions in this country have been struck by cyberterrorists and in some cases, hit very hard.

 

These recent attack began back in January 2013 when a group of Chinese hackers went beyond the paywall of the New York Times databases. During the holiday season of 2013, a series of attacks struck several major retailers including Michaels, Target and Home Depot, downloading all types of credit card data and affecting millions of customers. A large percentage of those customers now refuse to shop at those locations anymore due to the compromise of their personal data.

Photo_Charlie Collis

Image: Charlie Collis

 

 

 

Then there was the case of “The Interview”.

 

Whether it was a group of North Korean hackers or a disgruntled ex-Sony Pictures employee, we may never know. What we do know is that the various hacks inside of Sony’s infrastructure affected both past and current employees as well as numerous others outside the bubble who were connected to the company in one way or another. Conversations of the utmost privacy and internal secrets were unexpectedly revealed, forcing embarrassed executives to release apology after apology.

 

And these are only the publicized attacks.

 

What most people don’t realize is that a cyberterrorist is potentially looking up your data as you read this article. Someone is trying to figure out your credit card number… or your Social Security number. Anything at all to screw with your life.

 

If you thought “Identity Theft” was a movie, you’re wrong. It’s real life.

 

What to do?

 

There’s no foolproof way to completely secure yourself beyond moving to a deserted island and removing yourself completely from all technology. Since you’re probably not going to become Gilligan or the Skipper any time soon, let’s think of what the Professor might suggest. The following may not be the most popular suggestions, but they are the most effective.

 

First… come up with strong passwords for your email, site logins, etc. Sure, everyone wants to have an easy password like “adam123” as opposed to “pr`fHy^TLq;2LyU” (neither of which this writer uses…so don’t get any ideas), but if you truly want to reduce the chance of being hacked and/or compromised, you need a password that isn’t easy to remember, using a series of both capital and lower case letters, numbers and symbols. If you think that’s too confusing, think of those vanity license plates and how they try to combine letters and numbers to relate to a word. For example, you might use something like “Ve5as2LA!” instead of “vegas2la” which is clearly a weaker password.

 

Likewise, when creating logins for sites like WordPress, don’t create usernames like “admin”, which is one of the most used usernames out there and something a hacker looks for first. Once they find that, they only have to figure out your password and boom! They’re in. Don’t let that occur!

 

Also, create different passwords for different sites. Not popular or fun, but if a hacker figures out your password for one site, he’ll try the same for other sites you use. Now, you’ll probably never remember all these passwords, but services like LastPass (www.lastpass.com) can help you by acting like a keychain for all your different accounts.

 

Be very careful about who you give your personal information to. Ever receive an email from your bank saying your account was compromised and requiring you to login immediately for confirmation to their site to provide personal information? The thing is, it’s not your bank and they’d sure like your Social Security number! This scam is one of the biggest out there and could involve your financial institution, a department store or even a service like PayPal or the IRS.

 

How can you be sure? Check the email closely and look at the address being used. If it’s from Chase, it should come from chase.com. Not Gmail or Hotmail. That’s a dead giveaway right there. Also, check the link (but don’t hit return in your browser). If it’s coming from any address other than the address of the company sending the email, it’s likely some kind of attack. Finally, call the company sending the email and confirm it. Of course, if it’s coming from a company you don’t do business with, then you know it’s someone trying to mess with you. Be careful.

Photo_Yuri Samoilov

Image: Yuri Samoilov

 

Speaking of business… what if you run one? Many small businesses see the attack on Target and the like and figure, “I’m not big enough. Those hackers couldn’t hit me”. These hackers don’t care who they hit. Whether they’re doing it to steal money or just for giggles, they’ll hit anyone.

 

If you run an e-commerce site, make note of changes that occurred at the beginning of 2015 called PCI Compliance (www.pcisecuritystandards.org). These new guidelines will affect how you do business online.

 

Mainly, the biggest change is if you store customer credit card information on your site (and many e-commerce sites do), you are no longer PCI compliant. Even if you have a Secure Socket Layer (SSL) certificate from your hosting company of choice to give your site the green lock icon in the browser, you’ll no longer be considered compliant if you’re storing credit card information inside of your database. This is because hackers can go inside your database, find the data and then… you know the rest.

 

Fortunately, if you’re using a third-party payment processor like PayPal, this isn’t an issue for you. If you’re selling in a third-party store like Shopify or BigCommerce, you’re also safe because it’s no longer your responsibility and companies like these already have taken the steps necessary to protect themselves from these attacks as much as possible.

 

Even if you aren’t and using a bank processor instead, many e-commerce solutions like WooCommerce (www.woothemes.com/woocommerce ) do not store the credit card information inside your database in any way. So you’re very much safe.

 

These are just a few solutions to protect yourself from being hit and having your identity compromised. Start with these examples and do some research on your own so the next big victim is NOT you

 

Adam Bell

Adam Bell

 

 

Adam is Vegas 2 LA Magazines technology guru.

You must be logged in to post a comment Login