Issue link: http://palletcentral.uberflip.com/i/1212207
18 PalletCentral • January-February 2020 palletcentral.com W hether you believe it or not, it is an international billion dollar industry to steal your information. Here are ways to ensure cybersecurity through digital hygiene. Cybersecurity is often thought of as a technology issue. Companies tend to default to using technology to combat cyber threats. However, if you look at many of the data security breaches, the root cause of the breach was not the technology. The root cause of many data breaches is a human, either through error or malicious intent. Known Data Breaches • Equifax (2017) was the result of the company not installing security patches for known vulnerabilities. This was a human decision, not the result of faulty technology. • FriendFinder Network (2016) was the result of weak protection of passwords. While this may sound like it was due to technology, a human had to decide and implement the security protocols for protecting the passwords. • Target (2014) was the result of an employee of the outsourced HVAC company clicking on a link in a phishing email. • Ebay (2013) was the result of hackers using the credentials of three employees to gain access to the network and user information. The Threat is Real You might be thinking, "these are all large companies, hackers are not interested in small companies." Many of our clients thought the same thing. Here are a few of their stories. Client A was on her way for a few days of vacation overseas. The last task was to send requested information to her client. Unfortunately, the cellular reception of her mobile phone was limited inside of the airport. She decided to join the airport's free WIFI network. It would only be a few minutes, and she was not sending confidential information. What harm could it do? Plenty. By the time her plane landed overseas, bad guys had hacked in to her personal and business email accounts and email accounts. They had also forwarded her text messages and calls to another number. When she returned home from vacation she discovered that the bad guys had stolen upwards of six figures from her accounts, maxed-out her credit cards (personal and business), and she was denied online access to her email and financial accounts. What happened? When Client A connected to what she thought was the airport's WIFI network, she had really connected to a cloned network. Bad guys clone WIFI networks in areas where people gather, such as an airport, hotel, or coffee shop. Airports are a favorite target because the high number of business travelers. The purpose of a cloned network is to either install malicious software on the victim's device, steal data off the victim's device, or intercept and redirect the victim's online traffic. Client A was on the malicious WIFI network for only a few minutes. However, it was long enough for the bad guys to infiltrate her device and take-over her account. Client B owns a business that sells large ticket items online. It is a small, family run business with less than five employees. Most of his client's pay by credit card. Every morning he logged in to his account to view the processed payments. One morning, to his surprise, he was unable to log in to the account. He contacted the merchant processor and was told that he had requested a password reset, and that the depositing bank account be changed to a new bank account. Client B stated, firmly, that he did not request the changes and demanded that Clean Up Your Act or Get Cleaned Out! CYBERSECURITY By Carrie Kerskie