Honestly, we don’t know yet. There was a time when our voting preferences, our political leanings, our policy choices were our own business. Now they are someone else’s business, quite literally. There are so many stories coming out about Donald Trump’s connections to and collusion with the Russians that it is getting hard to keep these accusations straight. Here’s the latest:
Trump Russia Investigation Update
The key word is help. As in, actively provide information that the Russians may not have been able to discover on their own. “Help” is not a synonym for encourage, appreciate or enjoy.
Without getting too political (because after all, this is a cyber security blog), here are the basics of the Trump-Russia Investigation from a cyber security perspective:
- The Trump campaign had possession of a huge amount of information about American voters from Cambridge Analytica, the data mining firm hired to help collect and use social media information to identify and persuade voters to vote (or not vote), through an activity known as political micro-targeting.
New Evidence Points to Russian Hacking of U.S. Power Grid
Russian hacking of the United States’ power grid isn’t just probable, it is already happening.
Hackers recently breached at least a dozen U.S. power plants, including the Wolf Creek nuclear facility in Kansas. It appears they were searching for vulnerabilities in the electrical grid, likely to be exploited at a later, more critical time. In a related case, hackers also recently infiltrated an unidentified company that makes control systems for equipment used in the power industry. Although none of the security teams analyzing the breaches have linked the work to a particular hacking team or country, the chief suspect is Russia. Why are they the primary suspect? Because Russian hackers have previously taken down parts of the electrical grid in Ukraine across several attacks and seem to be testing more and more advanced methods.
CYBER SECURITY EXPERTS SCREAM: IT’S NOT ABOUT MONEY, IT’S ABOUT INFLUENCE!
What will it take for the world to believe that cyber warfare, like the latest NotPetya Attack, is real and it is HERE NOW?
Will it take your company ceasing operations for the day, as hundreds of companies in at least 64 countries were forced to do?
Will it take your long-awaited surgery being cancelled, as occurred for many patients at Heritage Valley Health Systems in Pittsburgh?
Or will it ultimately take people dying (think power grids, airport operations, nuclear power plants being controlled) before everyone takes notice?
We read the headlines: another ransomware attack has hit... blah, blah, blah. It almost gets annoying hearing about them! Until you really think of the implications above. Yes, this time it mostly affected Ukraine, but someday, it will be YOU AND ME!
“There is a basic truth: It is the consumer’s information. It is not the information of the network the consumer hires to deliver that information.”
These were the words of Tom Wheeler, the chairman of the F.C.C., when it was announced that federal regulators had approved new broadband privacy rules that require internet service providers like Comcast and Verizon to ask for customers’ permission before using or sharing much of their data. He went on to say that the information used “should be the consumers’ choice, not the choice of some corporate algorithm.”
Privacy groups were, of course, thrilled with the new rules, which move the United States closer to the stricter policies in European nations. The industries that depend on online user data were not quite as happy, with the Association of National Advertisers labeling the regulations “unprecedented, misguided, counterproductive, and potentially extremely harmful.”
What does all of this really mean for consumers?
Setting Up Account Alerts Can Help Protect You From Fraud.
Did you realize that you can have your credit card company and bank notify you anytime there is activity on your account? This tool makes it very easy to catch fraud before it stings your wallet.
Not unlike the purported size of his hands, Donald Trump has a rather small file of publicly known information compared to those who have been in the political spotlight for many years. That could be one of the motivating factors behind the recent hacking of the Democratic National Committee. While the size of Trump’s hands has little to do with any serious conversation, it does remind us that foreign nation states are highly motivated to collect the private information of powerful people.
The DNC revealed recently that two groups had gained access to their information; one (dubbed Cozy Bear) had been monitoring the committee’s emails and chats for as long as a year. The other, “Fancy Bear”, hacked into the DNC in April to get opposition research files and was able to gain access to all of the DNC’s research staff computers.
Mark Zuckerberg Hacked Because of Weak Passwords
It seems Mark Zuckerberg might be a little lazy, or a little stupid, or at the very least a little embarrassed. The undisputed king of social media has had two of his social media accounts hacked. Granted, it was not his Facebook account—just his Pinterest and Twitter accounts, the latter of which he hasn’t used since 2012. A Saudi Arabian hacker team named OurMine has taken credit for the attack, claiming they got his password from the recent dump of information obtained in the LinkedIn data breach from 2012.
Let’s see where Mr. Zuckerberg went wrong by using the safe password development tips (in bold below) from his very own creation: Facebook.
Make sure your password is unique, but memorable enough that you don’t forget it. Supposedly, Zuckerberg’s password was “dadada”.
When was the last time you checked your privacy settings on your social media profiles? Being aware of the information you share is a critical step in securing your online identity. Below we’ve outlined some of the top social media sites and what you can do today to help keep your personal information safe.
FACEBOOK Social Media Privacy
Click the padlock icon in the upper right corner of Facebook, and run a Privacy Checkup. This will walk you through three simple steps:
- Who you share status updates with
- A list of the apps that are connected to your Facebook page
- How personal information from your profile is shared.
As a rule of thumb, we recommend your Facebook Privacy setting be set to “Friends Only” to avoid sharing your information with strangers. You can confirm that all of your future posts will be visible to “Friends Only” by reselecting the padlock and clicking “Who can see my stuff?”, then selecting “What do other people see on my timeline” and reviewing the differences between your public and friends-only profiles. Oh, and don’t post anything stupid!
Ransomware: A Vital Course on the Next Big Cyber Threat
Ransomware is pretty much exactly what it sounds like: it holds your computer or mobile phone hostage and blackmails you into paying a ransom. It is a type of malware that prevents or limits users from accessing their system and forces its victims to pay a ransom through certain online payment methods in order to regain access to their systems or get their data back.
It’s been around since about 2005, but earlier this year, the FBI issued an alert warning that all types of ransomware are on the rise. Individuals, businesses, government agencies, academic institutions, and even law enforcement agents have all been victims.