Under Attack: When Bad Hacks Happen To Good Advisors
By Chris Moschovitis
It started with a friend’s request for help.
“Advice please: One of my email accounts has been hacked five times in the last week. I keep changing the password using the complicated passwords that are computer generated and now it seems like I'm getting hacked even more. What can I do to make this stop?”
I often wondered how a doctor feels when delivering a bad diagnosis to a friend or family member. This, of course, is not a life-and-death case, nor am I a doctor. However, when your professional life depends on information technology, getting a bad diagnosis can be injurious to your financial well-being. My friend is a successful insurance advisor whose business requires a great many email transmissions.
I replied online that his computer was most likely compromised by a type of malware (nasty little critters of software) that can record what one types, what’s on one’s computer screen, even what is transmitted. As a result, remedial options were limited.
Assuming that the advisor had a good, uninfected backup, he would have to “burn” his computer by wiping it completely and re-installing the operating system and applications from original media. While he did all this, he would need to monitor all of his accounts (email accounts, social media accounts, financial institutions, on-line services, etc.) for any unauthorized activity. Then, he would need to find a “clean” computer - ideally outside his compromised network environment - to change all his passwords again, and immediately institute two-factor authentication across the board.
And Then, More Comments
The comments from my friend and his colleagues and associates started streaming in:
“So does that mean my phone and iPad are compromised? And does that mean I can't just wipe the hard drive clean and reinstall a backup from time machine because that likely means I'll reinstall the malware, right? What's the best way to "burn" my computer?”
“This is horrifying. Just the idea...” typed another. “Isn't there a way to remove that type of malware from the computer?”
Yes, there is, but it will not be worth the cost. Trying to remove this type of malware requires hours of uninterrupted and expensive “fun.” Moreover, never underestimate hackers. Your “going in” assumption should be that they are brilliant, persistent, and cunning. They need to succeed only once. You need to defend thousands of times, across multiple entry points.
Bottom line: Surgical removal of malware should be considered very carefully, done by experienced cybersecurity people, and it can never be 100-percent guaranteed. One typically faces this type of solution when backup is inadequate.
What is an adequate backup? Like most solutions, there is no such thing as “one size fits all.” It depends on the data, the sensitivity of the information, its life expectancy (yes, data has a life), usage, etc. Is it encrypted to begin with? Should it be? And so on.
You hear people talking about “disk-to-disk-to-cloud” solutions, “time machine” and half a dozen different vendors and products. They all have pluses and minuses. You should have a conversation with both your information technology and your cybersecurity professionals (they are not, and should not be, the same person), and arrive at a strategy and a solution that lets you sleep at night. Always remember: You’re the only one who can accept risk! No product or consultant can do this for you.
The comments kept streaming in…
“I've got a malware program that sweeps my computer numerous times a day for malware…”
“I just installed a second one, for good measure!”
Preventing the ‘Flu’
The majority of antivirus and antimalware programs available are what is called “signature based.” What this means is that they work about as well as your flu shot.
Flu shot effectiveness varies year by year, strain by strain. Why? Because a flu vaccine is made by taking last year’s viruses and, after making them inert, creating a vaccine whose job is to tell your body to attack any virus that looks like the vaccine. If you’re lucky, this year’s vaccine “looks like” last year’s and the inoculation works! If not, then you spend a few weeks sneezing and wheezing in misery.
It’s the same story with antivirus programs for computers. There are, of course, more sophisticated answers, programs that look for behaviors, for example, or those that use artificial intelligence algorithms to guess whether a piece of software is good or bad. Are they right for your environment? Perhaps. It all depends on your risk appetite, type of data and budget.
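To make the flu-shot comparison concrete, here is a small signature-based scanner, added as an illustration and not taken from any real antivirus product. The "files" are harmless constructed byte strings, and the signature names and function names in them are invented for this example.

```python
import hashlib

# Constructed, harmless byte strings standing in for program files.
KNOWN_BAD = b"HEADER|log_keystrokes();send_to('collector.example');|v1"
REPACKED = b"HEADER|log_keystrokes();send_to('collector.example');|v2"
NOVEL = b"HEADER|capture_screen();upload('drop.example');|v1"
BENIGN = b"HEADER|print('quarterly report');|v1"

# "Last year's vaccine": signatures derived from the one sample already seen.
HASH_SIGNATURES = {
    hashlib.sha256(KNOWN_BAD).hexdigest(): "Keylogger.A (exact file)",
}
PATTERN_SIGNATURES = {
    b"log_keystrokes();send_to(": "Keylogger.A (code pattern)",
}


def scan(data: bytes) -> str:
    """Return the matching signature name, or 'clean' if nothing matches."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:           # exact-file match
        return HASH_SIGNATURES[digest]
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:                 # known byte sequence inside the file
            return name
    # No signature matched. That is not proof the file is harmless.
    return "clean"


def scan_all() -> dict:
    """Scan every constructed sample and collect the verdicts."""
    samples = {
        "known sample": KNOWN_BAD,
        "repacked copy": REPACKED,
        "new strain": NOVEL,
        "ordinary file": BENIGN,
    }
    return {label: scan(data) for label, data in samples.items()}


if __name__ == "__main__":
    for label, verdict in scan_all().items():
        print(f"{label:14} -> {verdict}")
```

The new strain and the ordinary file receive the same verdict, which is why a second signature-based scanner built from the same kind of list adds little.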
What’s the bottom line here? Be vigilant. Have reliable backups. Use strong passwords. Encrypt your stuff and your internet sessions (use websites whose URLs begin with https whenever possible). Use two-factor authentication. Keep your computers, phones, tablets and other connected gadgets up to date.
Chris Moschovitis is co-author of History of the Internet: 1843 to the Present as well as a contributor to the Encyclopedia of Computers and Computer History and the Encyclopedia of New Media. He is working on his latest book “How I Stopped Worrying and Learned to Love the Hackers.” Chris can be contacted at [email protected].