Tag Archives: InfoSec

The New York Times has published the article “Hacking Victims Deserve Empathy, Not Ridicule,” reminding us that hacking could easily throw anyone’s life into disarray.

The article cites thegrugq, the author of several practical guides to protecting yourself from hacking. He points out that, “Security is a trade-off against efficiency” and that it can be difficult to make the additional effort when consequences seem remote or unlikely.

But if the hack of AshleyMadison…and Adobe.com…and even the website for Dominos Pizza…tells us anything, the chance of being hacked is no longer remote (check Have I Been Pwned? to see if you already have been). Now is a good time to reconsider what the right level of operational security is for you—and implement it, consistently.

 
 
Future Crimes by Marc Goodman

Marc Goodman’s Future Crimes: Everything is Connected, Everyone is Vulnerable and What We Can Do About It (Doubleday, $30), is a must-read.  Goodman has spent a career in law enforcement and technology, including serving as a futurist-in-residence with the FBI.

Future Crimes exposes the ways criminals, corporations and countries are using new and emerging technologies against you – and how this makes you more vulnerable than you ever imagined.

Here are two excerpts that stand out:

If you don’t own and control your own online persona, it’s extremely easy for a criminal to aggregate the known information about you and use it for a wide variety of criminal activity, ranging from identity theft to espionage. Indeed, there are many such examples of this occurring, especially for high-profile individuals.

The more data you produce, the more organized crime is happy to consume. Many social media companies have been hacked, including LinkedIn (6.5 million accounts), Snapchat (4.6 million names and phone numbers), Google, Twitter and Yahoo. Transactional crime groups are responsible for a full 85% of those data breaches, and their goal is to extract the greatest amount of data possible , with the highest value in the cyber underground.

In 2013, the data broker Experian mistakenly sold the personal data of nearly two-thirds of all Americans to an organized crime group in Vietnam. The massive breach occurred because Experian failed to do due diligence.

Goodman concludes Future Crimes with an appendix of tips that will help readers avoid more than 85 percent of the digital threats that they face each day. (Turning off your computer at night is one.)  Reading the book will help you understand why they are so important.

 
 

The Electronic Frontier Foundation (EFF) is the largest organization dedicated to Internet privacy and related issues. Its resources are considered the gold standard by many experts.

That’s why their Secure Messaging Scorecard caught our attention. It examines dozens of messaging technologies and rates each of them using a range of security metrics. If you already use messaging you think is secure, you may be in for a surprise. (Hint:  low ratings are given to Google Hangouts/Chat “Off the Record,” Hushmail, Skype and Yahoo Messenger, among others.)

The scorecard is part of a campaign the EFF has undertaken in collaboration with Julia Angwin at ProPublica and Joseph Bonneau at the Princeton Center for Information Technology Policy to help consumers access tools to encrypt their communications. They are championing technologies that are strongly secure and also simple to use.

If you are interested in using the safest encryption tools in your communications, their report is essential reading.