HacXed!

By Chris Crouse, CIO

Picture

It seems that over the last couple of years more than ever, events of “Hacking” and “Identity Theft” are daily breaking news stories. We can almost count on tomorrow’s headline: “ABCXYZ (Big Company Name Here) Hacked, Sensitive Customer Data Stolen!”
 
Take your pick… Blue Cross, Chick-fil-A, Sony, US Postal Service, MCX, Staples, Kmart, Dairy Queen, Home Depot, PF Changs, eBay and Target to name just a few in the past 2-3 years. Not to mention one of the most recent and discernibly largest occurrences in sheer volume and sensitivity of information stolen is the hacking of the Office of Personal Management (OPM) affecting some 21.5 million people.
 
OPM has acknowledged that the data compromised was sensitive personal information including Social Security numbers and other information collected for background checks, not limited to historical addresses and detailed medical, mental and credit history. While we might start to become numb to occurrences of this type of theft, do not underestimate the powerful impact and potential damage these compromises can cause, such as credit fraud, tax fraud and even extortion.

It can be difficult and seemingly near impossible to protect ourselves when our private information is in the hands of another entity or multiple entities. However, we can actually do a great deal to make a difference.


Just using the basic rules of cybersecurity to protect and control our data can provide the greatest payoff:
Confidentiality, Integrity, and Availability.
 
• Passwords: Create Strong Ones.
A short common name password is something easily cracked with today’s dictionary hack. The best rule of thumb is to use paraphrasing with a mix of capital letters, lower case letters, numbers and symbols.
 
• Downloads & Links: Be Very Cautious.
When downloading files, running program downloads, and clicking on email links – make sure the information is from a trusted source. Phishing attacks often install programs to steal identity but need some sort of interaction to execute. If you are not sure, scan it first.
 
• Firewall & Anti-Virus: Use Them!
This might seem obvious yet almost pointless at times, but remember that some of the most recent methods of identity theft are the older “tried and true” techniques, and newer firewall and anti-virus programs should protect against these attacks. Make sure you schedule frequent virus scans.

• Backups: Save Your Data.
It is always a good idea to store copies of your files on an external hard drive. When done on a regular basis, you know there is a recent back up of your data just in case an attack should happen. And, remember to run occasional virus scans on your backup device, too.