Getting Hacked Hurts
During the Cold War, spies used to use contrivances like dead drops and microdots to hide their nefarious activities. While such old school techniques are a little out of date by today’s standards, we’ve seen that it’s hard to keep secrets in the information age too. Recently publicized data security breaches and hacking events have disrupted business for Sony, GoDaddy, Citibank, Yahoo, and others. Large companies are capable of fixing their breaches in a relatively short period of time and mitigating any collateral damage. Where does this leave small businesses and individuals?
A recent article in the NY Times states, “What people don’t realize is that hacking and spying went mainstream a decade ago,” said Dan Kaminsky, an Internet security researcher. “They think hacking is some difficult thing. Meanwhile, everyone is reading everyone else’s emails — girlfriends are reading boyfriends’, bosses are reading employees’ — because it’s just so easy to do.”
Whether you are a government operative, a business owner, or just the man or woman on the street, you need to protect your privacy. If you don’t secure your communications and your computers, you are just asking to be hacked. This means that your emails, voice mails, financial records, and other proprietary information could soon become public knowledge, or worse. (The 2017 hacking incident at Yahoo compromised more than three billion accounts.)
“Understanding the threat is always the most difficult part of security technology,” said Matthew Blaze, an associate professor of computer and information science at the University of Pennsylvania. He is a security and cryptography specialist as well.
Forewarned Is Forearmed
In today’s technology-driven world, it takes tech to make or break tech. The problem is that for every firewall, antivirus program, and anti-malware software on the market, there are groups, clubs, and governments who are bent on cracking them.
If governments can’t produce a foolproof system to protect their most sensitive information, where does that leave everyone else? Following are five steps you can take to protect your privacy from prying eyes and ears.
- Isolation – While this sounds like the easiest thing to do in principle, it is also the toughest to enforce. If a hacker can’t gain access to a system because it’s isolated from the Internet, you’d think that this would be a foolproof way of protecting data. And you’d be wrong. As long as people have the ability to access the system, it can be cracked. The Iranian government found this out to their chagrin when their system was breached by the Stuxnet virus. The virus was introduced when a technician plugged a flash drive into a port.
- Use encryption – If they can’t read your data, they can’t exploit your data. This is probably one of the best and least used methods of protecting sensitive information. There are both hardware and software-based encryption systems available to the public. What’s great about encryption is that in the event that someone does breach your firewall, all they will come away with is gibberish.
- Mask your IP address – If they can’t find you, they can’t target you. There are a number of ways of masking your IP address that will give you an advantage over snoopers and hackers.
- Set a self-destruct timer – While Google and Yahoo keep such records as IP addresses, emails, and even web searches for 18 months or more, there are ways to get around these problems. Email services like 10-Minute Mail allow users to send a message and then the address self-destructs ten minutes later. For web surfing, you need to change your proxy setting in order to hide your IP Address.
- Cone of Silence – Just like brute force isolation, this is another nearly foolproof way to protect your secrets…shut up! That’s right, if you don’t record it, email it, or transmit it, then the bad guys can’t find it. Of course, in our wired world, many people have trouble keeping information close to the vest.
When it comes to securing your secrets, Jaye Andone and Ed Meskel are experts. Their company SCIF Global Technologies is in the business of designing and manufacturing Sensitive Compartmented Information Facilities worldwide.