Halting Hackers with Good Cyber Hygiene

By Kristi M. Rogers, Security and Risk Expert, Vice Chairman and Founding CEO, AEGIS LLC.

 

Millions of computers are under a constant, multi-level and multi-faceted attack designed to steal information. But nearly 80 percent of cyber crime can be prevented.

It's an attack that you cannot see, but you most certainly have felt it. According to government figures, the United States has lost hundreds of billions of dollars as the result of cyber crime, cyber espionage and cyber war. In today’s economy, one would think that the alarm bells would be ringing. It's happening now, it happened yesterday, and it will happen to an even greater extent tomorrow.

The National Security Administration's director general, Keith Alexander, states that economic espionage through cyber attacks is the "greatest transfer of wealth in [American] history." It does seem a bit unreal. Unfortunately, it is very real. Most security experts today will tell you that there are only two types of companies in the United States: one that knows it has been "hacked" or attacked via its computers, and the other that does not know it has been attacked.

In 2011, software company Norton estimated U.S. costs due to cybercrime at $140 billion, $32 billion of which came directly from theft, the rest as a result of time lost to repairs from malware ($388 billion in worldwide costs).

Growing threat: the Ponemon Institute's sample growth saw a 50 percent cost increase to companies from cybercrime and a 40 percent increase in the frequency of attacks from 2010 to 2011.

Even if your identity has not been stolen, your computer may have been co-opted to serve in a vast net, a "zombie army" that disrupts, attacks and steals on a large scale. Where are the attackers? Is it the teenager in his or her parent's basement with bunny slippers and a Mountain Dew who has just hacked into the principal's computer to change his grades? We should all wish for those days. Today, the attackers are lone "entrepreneurs," organized "hacktivists," and cyber crime syndicates — organized syndicates, mercenaries for sale, nation state warfare, zombie armies, invisible botnets, Operation Shady Rat — this sounds like the trailer for the next movie blockbuster, or the next Vince Flynn novel, or even the next Avengers movie. Unfortunately, this is today’s reality.

 

A few examples highlighting public cases of cyber attacks:

SONY CORPORATION: One of the most newsworthy attacks in recent history is that of Sony. In 2011, hackers breached Sony's customer network compromising more than 70 million records. Sony estimated the cost at $171 million.

STRATEGIC FORECASTING: A data breach at the intelligence analytics firm, Strategic Forecasting, disclosed in December 2011, was attributed to Antisec, a "hacktivist" group affiliated with Anonymous that used the 68,000 stolen credit card numbers to make donations to charity.

EPSILON: The Texas-based marketing firm suffered a data breach in 2011 in which 60 million names and email addresses were stolen from customers for more than 50 major retailers and banks. Estimates for the total costs — projected to include forensic analysis, monitoring, fines, litigation and lost business reputation damage — vary from $100 million to as much as $4 billion.

TJ MAXX: In 2007, a breach at the clothing retailer, caused by a remote intrusion, resulted in the compromise of more than 94 million credit card accounts, at an estimated $64 million in costs.

 

What can you do to protect yourself?

Tips to secure your personal computer and prevent cyber crime:

  • Update operating systems and software to the latest versions to protect yourself from "malware" - malicious software that can be installed on your machine without your knowledge.
  • Even emails from people you know may contain malware links or attachments if an account has been hacked; be careful when following links and visit websites by entering the addresses directly into your browser.
  • Encrypt sensitive data.
  • Change passwords regularly.
  • Do not provide personal information, such as your address or birthday, on social networking sites.
  • Do not log into personal accounts over public WIFI networks.
  • Do not plug unknown USB devices into your computer.

 
