Blake Dowling: Consumers can avoid feeling the ‘email Bern’ by hackers

Debbie Wasserman Schultz got to “Feel the Bern” in the form of a hostile crowd of Florida delegates at the Democratic National Committee.

Why were these Bern Victims so fired up? The email scandal of course, which led to Schultz’s resignation. The pro-Clinton digital documentation that was revealed in this breach and scandal is a mess.

There are several old-school rules of thumb that my grandparents used to use, which were “make sure to get it in writing” and “make sure to not put that in writing.”

You should have the same approach to writing emails.

“I don’t care if anyone reads this ever.” If it’s not that, delete.

Emails can be sent/forwarded to the wrong people, handed over to the courts, watched by the National Security Agency, and for Debbie and the gang at the DNC, hacked.

The DNC realized something was wrong going back as far as April. They brought in a professional security firm to analyze their network; they found a breach, blocked it, but it was too late. The bad guys had been inside their world for a year, and they had already taken everything they wanted.

It is suspected that a nation state was behind the hack (Russian-backed cybercrime syndicate – Guccifer 2.0 is suspected), and I was asked by the Orlando Sentinel this week how you stop something like that? (See my Q & A with Paul Owens later this week.)

The short answer is: you don’t.

If you have the resources to build nuclear weapons and fly in space, you can pile up enough code, hackers, hardware and software to perpetrate a successful cyber threat against anyone. Like Bill Clinton and the intern, it’s going to happen eventually. What you need to be thinking about is how to minimize the threat.

Your password is your front line of defense.

To those of you who have a password that is a variation of the word “password” or a word that can be found in the dictionary: FAIL.

Those rules from information technology experts have been read over and over: using a number, a capital letter, and a symbol in every password gives you some security. There are software programs designed to auto-hack passwords, and by following these protocols, you might just stop a threat in its tracks.

The most common attacks are Trojans, phishing schemes, denial-of-service (DoS) attacks, ransomware/malware (Cryptolocker), and password attacks/brute-force attacks. In conjunction with a strong password, put your email somewhere smart.

Don’t use a free hosting service for email. There are a dozen examples of free email, but I will minimize my risk of a nasty letter in the mail and not call them by name.

You get what you pay for, both in life and email. Use a cloud platform with a “Tier 4” data center.

Tier 4 is defined as critical servers and computer systems in a Data Center, with fully redundant subsystems (cooling, power, network links, storage, etc.) and compartmentalized security zones controlled by biometric access control methods.

If you have your email on a local server, make sure a state-of-the-art firewall is deployed, and in all cases have up-to-date hardware with the latest patches, as well as anti-virus and anti-spam solutions in place.

Lastly, if an attack, breach or theft occurs, have a solid backup of your email and data in place.

The Russians, Chinese, the 14 people in North Korea with internet access and the wacko next door could all be potential cyber criminals. You can buy kits on the dark web to become a cybercriminal in about seven minutes.

So keep thinking defensively. To that end, another way to keep the bad guys out is “two-factor authentication.” This is a method of confirming a user’s identity by utilizing a combination of two different components. These components may be something that the user knows, something that the user possesses or something that is inseparable from the user.

An example from everyday life is withdrawing money from an ATM. You have to have a bank card (something that the user possesses, factor one) and a PIN (personal identification number, factor two) before the transaction can be carried out. The same goes for logging into a commercial site when they text you a code to enter.

Criminals are not getting dumber, but the average American is; see the Pokémon Go craze if you need further evidence.

So when it comes to email, keep your eyes wide-open, and security top of mind. Be safe out there.

___

Blake Dowling is chief business development officer at Aegis Business Technologies. His technology columns are published by several organizations. Contact him at dowlingb@aegisbiztech.com or at www.aegisbiztech.com.
