I told you last month that I would be writing one of these articles about every month leading up to Scaling New Heights where I will be teaching a completely updated version of my course called Cyber Security for You and Your Clients. Well, my tip(s) for February come just a day after a supposedly 'big' victory in the war against cyber crime.
Just because the US Justice Department announced yesterday that it has indicted 36 people accused of trafficking in stolen identities and causing more than $530-million in damages worldwide, I wouldn't go dropping my guard against cyber crime.
The cyber-crime network called Infraud Organization, spouting the moniker 'In fraud we trust' may have been charged with crimes like wire fraud, computer crimes and racketeering but the cyber crime wave they are indicative of is far from over.
While these indictments may represent the "largest cyberfraud enterprise prosecutions undertaken" by the Department of Justice according to John Cronan, Acting Assistant Attorney for the Criminal Division of the Justice Department, the $530-million is a mere 'drop in a bucket' when you realize that more than $1-trillion in cyber fraud occurred in 2017.
Prosecutors believe that this group actually inflicted losses in excess of $2.2-billion upon their cyber victims, which is represents still only a tiny portion of the growing cyber crime 'take' worldwide.
And even though indictments have been issued against 36 'names', only 13 people have actually been placed in custody (as of press time).
These indictments, and the organization represented by these criminals, is but the tip of the cyber crime iceberg, most of which remains out of view. The reality is that cyber attacks like phishing and ransomware are more prevalent than ever. So even though the vast majority of cyber crime remains out of view, it should not mean the risk is out of mind.
We are all navigating the mighty ocean of the internet, and the 'bad bergs' are out there ready to sink us. So, as with icebergs, there must be a constant vigil for the threat, and steps must be taken to steer clear of the risk.
Today we have the International Ice Patrol that keeps a look out and tracks the 'bad bergs', they insure that the shipping lanes are well alerted, and that ships sailing the seas are fully aware of the risks. And no ship sails without safeguards including sufficient lifeboats for ALL on-board. But 100 years ago that just wasn't true, no such protections existed.
Remember what happened when Captain Smith ignored the risk of icebergs and 'steamed full ahead' into the dark night on a course that would take him into history. Two and 1/2 hours after striking an iceberg the supposedly 'unsinkable' RMS Titanic lay at the bottom of the Atlantic on April 15,1912 and more than 1500 souls perished because there were not enough life boats to save everyone.
As with the Titanic, tragedy is the risk for those who fail to take the proper precautions, and so it is with cyber crime. For there are two things we have indeed discovered, there is no such thing as an 'unsinkable ship' and no such thing as a 'completely secure' computer network.
Murph's Cyber Security Tip(s): "Steer clear of risk" and "always have enough lifeboats to survive."
Steer clear of the risk by employing robust security solutions that can detect the near proximity of cyber risks and prevent disaster.
But, in case of the unthinkable, insure you have adequate lifeboats available in the form of full-proof (safely maintained) backups of all of your data and operating systems so you don't 'go down with the ship' like Captain Smith.