Protect your computer from being hacked!

The idea that people are concerned that the NSA is listing and monitoring their activities is a hysterically funny concept to me. Regardless of what you think of Edward Snowden, know that he is a day late and a dollar short. Most of these same people who care about the NSA have a “Tracebook,” Twitter, Instagram, or half a dozen other social media accounts that should significantly reduce the NSA’s operating budget. In fact, let’s break up the NSA and hire Google! It seems most of us have no problem publicly posting our most intimate details on Facebook, including all but our Social Security numbers. Posting our current location and “checking in” so the entire planet knows not only where we are, but what we’re doing seems like an absolutely essential public service and should also include photos of the food I’m about to eat. How many of these same people know that every image posted contains metadata that also remembers the GPS coordinates and the type of camera used to take the image? I know you want to share a family photo, but do you really want ISIS to know exactly where they live?

Since everyone is so willing to publicly disclose this personal data, it explains why so many are unaware of the data mining taking place and that you do not knowingly consent. I guess we all know that Google is in the business of selling digital user profiles to advertisers. Does everyone write an email to a friend about planning a trip to Italy only to find their inbox full of “special offers” from the travel agency? If your email doesn’t fill up with Italy travel deals, you can bet your Internet browser will now display ads for travel agencies, “learn to speak Italian” and the best Italian restaurants on every page you view. Now ask me what we think about using Google Docs! We suggest you consider DoNotTrackme extensions for your Chrome and Firefox browsers. We also recommend that you set “self-destruct cookies” and note how many cookies are exchanged with your browser on each use. Remember, we don’t really need your username and password, we need your cookies, all of which are transmitted in clear text over the Starbucks wireless network you’ve been using! All available using FireSheep!

Now, if this is a vulnerability that affects people, what vulnerability affects enterprise-grade environments? Forget the notoriously leaky Windows OS and your hopelessly porous laptop, after 55 million credit card numbers stolen from Home Depot and 45 million stolen from Target, we now have credit card machines to worry about at the checkout counter. Actually, the TJ Maxx heist was in many ways much bigger! You may be considering how the hackers managed to get past the firewall. As we have noted before, most computer network security exploits are not executed through the firewall, but rather are executed through “social engineering” with the help of an ignorant employee or paid hit man. It is suspected that at least one of the previous break-ins was assisted by a trusted outside partner, such as the heating and air conditioning service company. Nothing like a hungry night janitor service team to earn a few extra bucks by plugging a USB stick into any desktop computer by launching a new and improved version of BlackPOS malware! Most of these stolen credit card numbers can be purchased here or on the Darknet using a Tor browser to reach Silk Road-type websites.

It seems these days you can’t turn on an electronic device without being prompted that a software update is available for download. From your TV, to your mobile phone, to your tablet, and now even your car, they are all subject to software updates. Wondering what is being downloaded to your device when you do a software update? Does it just assume you’re connecting with Apple, Amazon, or Samsung? What if a bad guy was really just faking a software update and you just voluntarily downloaded a super basket of spy goodies that turn on your phone’s camera, activate your microphone and email snapshots to the mothership? NSA, are you kidding? You would never know if it was your spouse or your employer, would you? Yet millions of people do this carelessly, day in and day out, and don’t think about it anymore. If you want to be tracked wherever you go, risk having your most intimate communications published (just ask Jenifer Lawrence and the other celebrity nude hack victims), simply carry your smartphone with you at all times!

Cybercrime, along with the Ebola virus and violent terrorism, is the single most economically destructive phenomenon to threaten the American way of life since the Cuban Missile Crisis. Yet the average business owner cringes at the cost of conducting a computer network security audit and thinks of penetration testing as lovemaking foreplay. When IT asks for a firewall upgrade or a budget increase to cover a subscription to virus, spam, and botnet filtering, they somehow can’t justify the extra expense. Educating your employees on the safe use of the Internet over WiFi should be part of your healthcare preventive medicine program, but most companies will ignore “socially engineered” vulnerabilities until they’re publicly embarrassed by a major data thief .