This week, the information of tens of millions of philandering spouses has been exposed by hackers of the adultery website AshleyMadison.com. While there isn’t much sympathy for this batch of victims, how vulnerable are the businesses that do have Americans’ personal information?
In addition to the Ashley Madison breach, major corporations like Target, Sony and Home Depot have fallen victim to hackers, as has health insurance giant Anthem. With so many daily transactions conducted in cyberspace, the opportunities for Americans’ data to be compromised are plentiful.
“This is a huge issue and it seems to be getting worse and worse and worse. Once you have companies like Target, Sony that start getting breached, and these are companies that have incredible security, then we know that there is a very big problem,” said Tyler Cohen Wood, a cyber expert who is the cyber branch chief for the Department of Defense. She is also author of “Catching the Catfishers: Disarm the Online Pretenders, Predators and Perpetrators Who Are Out to Ruin Your Life.”
Wood said because almost everyone takes part in electronic transactions, almost everyone is at risk.
“It is affecting pretty much everyone, and one of the worst things about it is there’s not a ton that the average consumer can really do to protect their information when they’re putting it out there on these types of websites,” Wood said.
According to Wood, hackers will prey on any system where they can find an opening.
“Hackers target companies of all shapes and sizes. Often times, unless there’s an ideology behind it, like in the Ashley Madison case, they’re typically going to go for the lowest hanging fruit. So they’re going to find a way in, and it’s getting harder and harder for companies to find where the lowest hanging fruit is,” said Wood, who explained the unlikely manner in which a major retailer was breached.
“Target was actually breached through a remote HVAC system,” Wood said. “The lowest hanging fruit there was an unsecured HVAC system, where they were able to steal credentials and get into the system.”
Listen to the WND/Radio America interview with Tyler Cohen Wood:
The greatest damage is done to companies that fail to discern a breach until long after it happened.
“Often times, companies don’t necessarily know that they’ve been breached for a few months,” Wood said. “So a lot of times they just don’t know so we don’t hear about it until months, months later.”
There are some bright spots in this challenge, however. Wood said the recent spate of high-profile hackings has corporate leaders focused on making sure it doesn’t happen to them or their teams.
“I think a lot more higher-level executives are taking notice and getting involved,” Wood said. “This is no longer just an issue where your IT department can step in and do all of the security. Now you have employees who are using devices to connect into your network. All employees have to be educated about the threats and the risks that they could potentially be posing to their corporate network as well.”
Another encouraging sign, she says, is that better security will soon be available for our credit cards.
“There’s also something that’s coming in October called the new PIN and chip cards,” Wood said. “These cards are actually going to help consumers because, when you use them, the information is stored in a chip. When you add that with a PIN, it is much less likely to be hacked. The Federal Reserve says that it makes the transaction 700 percent more secure.”
Although greater corporate vigilance and heightened credit-card security are likely bring greater consumer protection, Wood said individual Americans need to be very careful to avoid offering help to hackers in online posts.
“One of the big problems is that people take for granted that they’re completely anonymous or they have complete privacy when they’re posting things because they’re sitting behind a keyboard,” Wood said.
Wood said it’s smart to check every online communication for any information that doesn’t belong in cyberspace.
“People really need to take a different way of looking at this issue and really think that anything that you put out there is not necessarily private,” Wood said. “Anything that you do put out there could potentially come back and haunt you one day.”