Over 140 million people are at risk from the data breach at the major credit bureau Equifax. But the fact that this major hacking incident was not discovered for some time should serve as warning to anyone with vital private data.
To understand why, one must examine the motivation of many cyber criminals. More and more such cyberattacks have one primary goal: Theft of valuable data for profit. In the case of the Equifax breach, the goldmine was one of the largest databases containing the type of information needed for the very lucrative act of identity theft. It’s no wonder that Equifax has responded by making credit monitoring services available to victims.
Now take a moment to put yourself in the visual shoes of the Equifax hackers. If you have just obtained access to not just any large data warehouse of Personally Identifiable Information (PII), you wouldn’t just grab a few hundred names. You would want to obtain as much as you could of this virtual treasure.
Which would mean your ideal scenario is to be able to lurk in the shadows and tap into Equifax for as long as possible. You would want to avoid detection. So if all went well, the staff at Equifax would not notice anything unusual for some time.
Now you can see why so many hacks by cyber criminals remain undetected for months and even years.
And what about your organization? Do you have credit card data? Do you store social security numbers? Medical records? Even phone numbers and addresses are of value to cyber criminals.
Becoming more prevalent is an even different motivation of using pretty much any device connected to the Internet as a platform for attacking systems with valuable information. Vast numbers of machines are being used as part of botnets for the purpose of cyberattacks. In this manner, anything from baby monitors to security cameras can be joined to a botnet. So that camera trained on your front desk may not be spying on you, but it may be more valuable as a part of a network of thousands of botnet devices.
What to Do
So what can you do? Considering how attacks are becoming more and more sophisticated, the only short answer is to implement best security practices for every one of your computing devices. New threats emerge almost constantly, so what is “best” changes just as often.
It no longer is sufficient just to have any antivirus program and even seasoned computer technicians may not be able to keep current on preventing the latest threats.
There are many great sources of security information online and we’ve published our Security Blog with information geared towards not only the needs of small businesses, but also the understanding that you need to focus on the core of your work. So we give you timely information in brief and concise form. You can save this short URL to get just the Security Blog posts: http://t2d.la/security
We also give our clients and newsletter subscribers private and exclusive updates and information. You can subscribe at http://t2d.la/signup
We truly hate spam, so you can rest assured we only send relevant information and we never sell or give your contact information to anyone, unless you want us to.
Finally, you may want to consider our banSHIELD security suite. Since only one system or program may not be enough to protect your data, we combine the best enterprise-grade software and some of our own systems to keep you safe and secure. Please visit https://banSHIELD.com for more information.
As a parting thought, be careful of some of the free antivirus software available. Some products actually leave your system more vulnerable and others even add their own malware. And be careful about running multiple programs. That could slow your system down and worst case, conflicting programs could cause problems.
|UPDATE: There are reports that using the hack checker tool from Equifax (referenced in the article below) will indicate you’ve been hacked and offer enrollment in their TrustID service…even if you put in random numbers as your SSN! We will keep you updated, but for now be cautious! Learn more: http://t2d.la/a020|
Learn more about the Equifax hack itself and what you can do about it:
Short URL: http://t2d.la/a019