The best spies and cyber attackers embrace advances in technology to carry out traditional espionage goals. Cyber crime has followed the spy playbook. All attacks are now espionage, and to defeat the wave of continually evolving attacks, cyber security must think like a spyhunter.
“Espionage is the greatest threat to cyber defense because spies have evolved into hackers,” says cybersecurity expert and veteran FBI agent Eric O’Neill.
O’Neill is the FBI agent famous for capturing Robert Hanssen, one of the most notorious spies in U.S. history. The remarkable events behind Hanssen’s capture were the inspiration behind the film Breach, starring Ryan Phillippe as O’Neill. O’Neill’s sleuthing background provides him with an expertise in cyber security as well. Currently, Eric O’Neill runs The Georgetown Group, an investigative, security consultancy, where he specializes in counterintelligence operations and cyber security penetrations.
Just as O’Neill’s transition into the realm of cyber security should not be surprising, a spy’s transition into the world of cyber hacking should not come as a surprising either. “The best spies and cyber attackers embrace advances in technology to carry out traditional espionage goals. Cyber crime has followed the spy playbook. All attacks are now espionage, and to defeat the wave of continually evolving attacks, cyber security must think like a spyhunter,” says O’Neill.
So how can you and your organization think like a spy hunter?
Learn to detect phishing emails
In the last two years, the most critical and devastating cyber-attacks have started with targeted and well-researched attacks to compromise a single person through email phishing. The Russian breach of the DNC and Hillary’s campaign during the 2016 election is just one such example; DNC accounts were infiltrated through phishing. A phishing attack is highly personal, the phisher knows your name, your email address, and a little bit about your friends/colleagues or maybe a recent purchase that you made.
This type of cyber espionage requires a dedicated analysis and research of the target and leverages that information to bait a person into sharing confidential information and access to their account without their knowledge.The majority of phishing attacks can be avoided by exercising caution in clicking links and opening attachments.
Choose better passwords
When it comes to choosing passwords, we all have a tendency to recycle. That’s why the most popular passwords are also the ones easiest for online spies to guess. Experts suggest using passphrases, not passwords. Choose a phrase like your favorite lyric or quotation and make sure it’s 25 characters long. Also, Whenever possible, set up a two-factor authentication. When you log into an account with your username and password, the two-factor authentication will send a code via text message, or you may use an app on your mobile phone, to confirm your identity. Also, consider password manager apps and browser extensions that store your login information for all the websites you use and help you log into them automatically.
Protect against ransomware
Ransomware is a type of malware that prevents users from accessing their system until a ransom is paid, and it grew faster than any other malware attack in 2016. While most malware attacks targeted small and medium businesses in the healthcare, technology, and energy sectors, it was banking that took the next biggest hit—attacks grew by 218% for technology, by 112% for energy, and 93% in banking. Despite this, the majority of companies in the U.S. continue to ignore the problem. To safeguard against a ransomware attack, ensure that all critical data is regularly backed up in a secondary, secure, and offline location so that the files are not directly connected to a desktop system where the ransomware or an attacker can reach them.
Secure social media accounts
“Social media continues to serve spies,” says O’Neill. Mining social media accounts for freely offered information arms a spy seeking to launch a social engineering attack such as phishing. Intrinsic knowledge of a target, their goals, and likes, their relationships, and desires, is a foundational tenet of cyber espionage. Research that used to take meticulous time and effort to acquire can now be accessed with a glance at Facebook or through clever google searches. Careless friends and marketing hungry organizations, excited to share information, can throw even the most cautious and Internet savvy to the wolves. Taking care to use social media privacy settings and being judicious in the content you post can go a long way in protecting data.
A cyber hack can be catastrophic to any organization. According to the National Cyber Security Alliance, about 20% of small businesses are victims of a cyber attack, with 60% having to shut down their business less than 6 months after the attack. While many attacks can be mitigated or avoided by installing antivirus and anti-malware software, they cannot account for every attack, especially those targeted at a specific individual or organization.
As attackers evolve and exploit new vulnerabilities, organizations and private users alike must take great care to follow the above tips, and more before wading into the cyber battleground. “For this reason, complacency is the true enemy of cyber security,” says Eric O’Neill. “The best cyber security works like a spyhunter.”
DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation in writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.
The best security options for high-end luxury homes
It’s important to keep luxury investments secure, and to accomplish this, a top-notch security system should be in place for...
Oversized flyers: What should seatmates and airlines do?
With the average seat pitch getting smaller and flyers getting larger, here are measures that airlines and seatmates are doing...
Banking tech trends to watch for in 2019
Here are some of the top banking tech trends for 2019 that you should be aware of and what you...
How AR and VR are changing EdTech
Here’s why augmented reality and virtual reality are becoming useful tools in the EdTech sector and how educators and students...
5 great real estate markets for investors in 2019
These five real estate markets have great potential in 2019, and investors should take note and assess how these markets...
- Sponsored5 days ago
The fight against cybercrime makes cybersecurity the top investment choice for 2019
- Business5 days ago
Mark Zuckerberg to hold public debates on future of technology
- Business4 days ago
San Francisco Giants’ home turf renamed Oracle Park in $200M deal
- Featured4 days ago
Dividend calendar – what is it good for?
- Business4 days ago
Consider this first before attempting to sue Amazon
- Featured5 days ago
The pros and cons of having Members Exchange
- Business3 days ago
How to beef up workplace cybersecurity in 2019
- Crypto4 days ago
Here’s how women are shaking up the cryptocurrency world