Did You Hire a Hacker? The Latest Cyberattack Starts Inside Your Organization
If you’re as chronologically mature as I am, you already know the take-your-breath-away punchline to the 1979 horror film “When a Stranger Calls”. For cinephile newbies, let me set the scene.
This cult thriller follows Jill Johnson, a young woman being terrorized by a psychopathic killer… while BABYSITTING. The stalker’s torture of choice is to ring Jill repeatedly on a phone, that still had a cord, and whisper odd things “Have you checked the children.” I don’t even have children, and that scares the babysitters out of me. Oh, I do have children. Clearly, mom and dad didn’t prep her for this date-night disaster.
After a mind-numbing series of creeper calls and ominous music, Jill wisely barricades herself inside the Mendrokus home with a series of locks, deadbolts and sliding security chains reminiscent of your favorite Howard Johnson. She dims the lights, pulls the drapes and calls the police to have them track the source of the call. She is one aware au pair!
Fast forward to the final phone call of that fateful night, which happens to be from the policeman who’s been tracing the killer’s calls. The call is coming from inside the house. Mr. 1970s psycho-killer (qu’est-ce que c’est) is already in the house, and Jill and the tater tots are just, shall we say, DYING to get out. For you chronological newborns, the more recent thriller Scream paid homage to this cult favorite, as did Rick and Morty.
And you ask, what, pray tell, does this have to do with the latest and greatest cyber threats that seek to separate me from my profits and reputation? I’ll tell you, but in my serious voice.
The coming attraction in the world of cyber horror happens to be hackers and corporate spies gaining INSIDER access to the confidential systems of unprepared organizations. Insider theft is the hacker’s way of adapting to the technological barricades we have put in front of our critical data. If they can’t get around it, they find a way to get invited in to babysit. In other words, when it comes to ransomware attacks and hacking, deepfakes and intellectual espionage, the call is coming from inside your house.
Here’s how the inside job often works. Most businesses are STARVED for cybersecurity staff, because we have a worldwide shortage of qualified candidates. Hackers funded by rogue nations seek to fill that void. Due to the remote nature of cyber work, the ease of masking one’s worldly whereabouts, and a skillset honed while hacking US businesses, it’s easy for North Korean, Chinese, and Russian hackers to get legitimate jobs INSIDE US businesses. And once they’re in a trusted position, they have unfettered access to all your data, because you willingly gave them the keys to the house when you hired them to babysit your security.
Those of you who’ve been in one of my keynotes know that I use blockbuster movies and the formula they follow as a framework for how to repel the latest cyberattacks. Which means that you already know the answer to the quiz: your HEROES, your people, are the ONLY thing standing between you and successful insider theft.
The solution, of course, is to effectively train your people to pause and verify before they hand over the keys. And by effectively, I mean that you must make security awareness training entertaining and relatable so that they remember what you taught them after the movie is over. You need to let them know how artificial intelligence has raised the Hacker’s game and how to combat it and you need to make it personal. And that’s my specialty. I hope you’ll ring me for a keynote to update your organization on the latest threats so that you don’t become the next Blockbuster horror flick. I’ll deliver a keynote presentation your people won’t forget.
John Sileo is a cybersecurity author, expert and keynote speaker fascinated by how A.I. accelerates everything, including crime. His clients range from the Pentagon to Amazon, small businesses to large associations. John has been featured on 60 Minutes, Fox & Friends and even cooking meatballs with Rachel Ray. His latest keynote speech is Savvy Cybersecurity in a World of Weaponized A.I. Contact Us or call for details: 303.777.3221.