In the last Scam of the day for 2016 it is appropriate that we discuss the issue of Russian hacking of American organizations that occurred in 2015 and 2016 that were intended to influence the Presidential election. Two days ago, President Obama ordered sanctions against Russia including the ejection of 35 Russians spies that the administration said were posing as diplomats and specific actions against three organizations that it said supported the hacking operations. The possibility of further covert actions against Russia was also hinted at.
A day prior to the President’s announced sanctions, the Department of Homeland Security and the FBI issued a joint analysis report entitled “Grizzly Steppe – Russian Malicious Cyber Activity” in which it provided details about the hackings. Here is a link to the report.
Although the report contains important information about Russian hacking of American institutions, the report also provides a long list of specific steps that institutions and individuals can take to avoid being a victim of cybercrime.
Here are just a few of the things that all of us as individuals should consider.
- Backup all important information offline.
- Be on the alert for spear phishing. The report emphasizes, as I have warned you about for years, that the primary cause of hacking is people clicking on links in spear phishing emails that download malware. Use both anti-phishing security software as well as your own brain to refrain from clicking on links in emails unless you have absolutely confirmed that they are legitimate.
- Use strong firewalls with whitelisting configurations by which only approved applications will be allowed to be downloaded on to your computers. This is much better than blacklisting because it protects you from threats about which you know nothing.
- Limit the personal information you provide on social media.
- Use dual factor authentication whenever possible.