The Public and the Personal
In a recent podcast session about Cyber Security Safeguards with Ben Graybar, we talked about the well known, large-scale public examples of cyber hacks as well as our personal experiences. The hacks that are public may seem like something that happens to someone else, but many times given the vastness of these hacks, we are caught up in them also. Usually, when we are caught in the public hacks that include tens of thousands, we just hope that we are the small fish in a large pond of bigger fish and that our data will not be hacked, even if our personal information has been compromised. Simple measures are the most effective ways to prevent being a victim of any type of hack. So, tune in to see how to safeguard your cyber security and not be a part of the hacked universe.
Big Company, “Very Sophisticated Cyber Attack”
In February 2015, Anthem Blue Cross, Anthem Blue Cross and Blue Shield Amerigroup and Healthlink was the victim of a massive data breach. Our very own, Ben Graybar was an insured of Anthem and received the notification about the breach. As the letter stated, the information compromised included names, birthdays, medical ID’s, social security numbers, street addresses, e-mail addresses, employment and income information. Now, I don’t know about you, but that just about covers all of the data you would ever NOT want to be breached by anyone. Fortunately for Ben, he suffered no losses as a result of the breach, that included his data.
Another Hack of Health Care Insurer
Cyber attacks continue, day after day, minute by minute. The hackers may change their method, but the objective is the same … to obtain information that is not theirs in order to obtain something else that is not theirs, like cash. Take the case of our guest Ben Graybar who was caught up as part of another victim group in July 2020. Ben was notified that Blackbaud, a company which contracts with UF Health, was the victim of ransomware attack. In the communication Ben received, UF Health and Blackbaud reported what data had NOT been breached, including: Social security numbers, medical record numbers, clinical or diagnosis information, or other highly sensitive information. The good and bad part of this … the company did not gain access to the same level of data as the Anthem example, but the Blackbaud incident does show that the hack goes on.
Cyber attacks seem very complex, and usually they are. However, simple measures are the most effective ways to prevent being victimized. Those simple measures include: (1) Password and (2) Public WiFi.
Passwords are a key obstacle to keep intruders out of your secure data. You should; (1) have different passwords for different applications; (2) make passwords complex, but use a naming system to make the updating of passwords easier and systematic; (3) keep passwords in a secure location, like a password vault (LastPass or similar program); and (4) update passwords on a regular basis.
Whatever you do, do NOT use public WiFi, like what is available at coffee shops or the airport. Even worse, do not plug your device into a public USB port. To quote Caleb Barlow IBM Security, “Plugging into a public USB port is kind of like finding a tooth brush on the side of the road and deciding to stick it in your mouth … you have no idea where that thing as been.” You can apply this same horrible idea to using public WiFi. Just don’t do it. The benefit of connecting is not worth the risk of the potential breach or malware loaded on your machine.
MFA and Other
Multi-Factor Authentication is another measure that can be taken, although it is a bit more complex that the measures mentioned above. There are many other measures that can be taken to protect your confidential and personal data. But remember, the simple measures are the most effective ones to keep the hackers out.
Check out this article about Incentives Matter. Although this might be about economics, it also applies to routine behavior. You are incentivized to keep hacks out, so you will modify your behavior to do the simple preventive measures talked about in this article.