With the past few days, there have been multiple coordinated attacks on our national technology infrastructure. According to a report by the Washington Post, “FBI officials believe the attacks required expertise.”
A report in USA Today states: “Repeated and successful attacks on fiber-optic cables in California have security experts warning the Internet’s physical infrastructure is ‘basically unsecured’ and vulnerable to both casual and determined attackers.”
The map below, provided by 9 News, shows numerous Comcast outages across the nation.
Here’s a video that describes the outages:[youtube https://www.youtube.com/watch?v=LHnG-n0-o9c?rel=0]
Today, New York Stock Exchange was taken offline, the Wall Street Journal website was taken down, and United Airlines was shut down with flights grounded from coast to coast.
One would hope that it took a sophisticated army of cyber criminals to bring down United Airlines. Yet, United Airlines claims that the nation-wide outage was due to a router failure. If we are to believe them, it’s more troubling is to think that a single point of failure, of a single component, caused a major airline to shut down.
If our infrastructure is so shoddy and fragile that it fails without any human intervention, what would happen if people tried to take it down?
The same can be said for the New York Stock Exchange and the Wall Street Journal website. It would be more comforting to know that those outages were part of a coordinated attack.
- “Bizarre: New York Stock Exchange, Wall Street Journal, and United Airlines all downed by technical glitches,” Salon, 8 July 2015.
- “California attacks send warning that Internet lines are ‘basically unsecured,'” USA Today, 1 July 2015
- “‘Coordinated attack’ downs services with cut lines,” 9 News Colorado, 30 June 2015.
- “NYSE repoens after trading stopped amid United Airlines, WSJ.com tech issues,” Fox News, 8 July 2015.
- “String of West Coast attacks on Internet fiber optic cables leads to FBI investigation,” Washington Post, 2 July 2015.
- “United blames travel-snarling system outage on router problem,” Los Angeles Times, 8 July 2015.
Here’s What You Can Do To Help
Given the rise in high-profile attacks, it would be wise for everyone to increase their own security efforts for personal and business computing.
You may think that you’re a much less important target for hackers than an air traffic controller, bank president, or nuclear power plant worker. However, any hacked account or computer is typically only a few relationships removed from a high level target. It’s estimated that we’re all about six degrees of separation from anyone else. Which means that every target is equally important to a hacker. Additionally, hackers work on building aggregate networks of hijacked computers for launching attacks on critical infrastructure.
Here are some resources for proactive security measures you can take:
- Account Security. Be sure your accounts are setup with complex passwords and two-step authentication. Read our document on Email Safety and Online Account Security.
- Data Redundancy. Make sure your critical data is in three places: local hard drive, backup hard drive, and cloud storage. Make sure you have a regular backup plan and don’t leave your backup drives connected to any computer since new viruses attack files on all attached drives. Be sure to have more than just a backup of your current files. Keep backup of your file versions in the event that current files become corrupted and then overwrite your only backup.
- Computer Security. Use a high quality paid subscription antivirus and security program such as Bitdefender or Kaspersky.
- Credit Card Security. A debit card that pulls directly from your bank account, can leave you with no money in the bank if it’s stolen. That can result in bounced checks and other fees. However a credit card creates a firewall between you and thieves. If your card is stolen, you can report it and have it cancelled.
- Consider having several credit cards so you can use one for online transactions and higher risk purchasing while traveling. Use one for regular monthly bills. It’s less likely to get stolen if it’s only used for a few recurring monthly bills. That way, if a more exposed travel/high-risk card is stolen. You simply need to cancel it, but won’t need to contact a dozen merchants to provide them with a new number.
- For an extra measure of security, consider purchasing no-fee American Express Prepaid Reloadable credit card for online purchases. In this way, you won’t need to give out your primary credit card numbers. You can use these cards for one time payments, or refill them for ongoing use.
- Email Security. Follow best practices with regard to email security. Read our document on Email Safety and Online Account Security.
- Financial Security. Use a service like Equifax to monitor your credit activity.
- Identity Security. Use a service like LifeLock to secure your personal identity.
- Password Safety. Consider using a password manager like 1Password that uses local encrypted storage of your password list. Do not store this in the cloud and do not synchronize through the Internet. Synchronize through your local network only. Maintain a copy of your passwords on your computer and also on a mobile device with biometric security (fingerprint reader). Alternatively, you can write your passwords and account information on paper and store them in a fireproof and waterproof safe. Using a multi-function home copier, you could make a backup copy and leave it in a safe place.
- Redundancy. Maintain a second computer with a backup of your essential files and contacts. Have it configured to function for printing, network, email, and other functions in the event that your primary computer goes down. Create a non-computer-reliant system for your daily tasks. In other words, for all the tasks you rely on your smartphone or computer, figure out a pen and paper solution.
- Social Media Security. Be vigilant when using social media. Don’t accept friend requests from people you don’t really know. It would mislead your friends into accepting a friend request from a person they think you know and approve of.