October 30, 2017
Each month, we feature a post from an employee contributor on a topic of their choice.
Mary Stringham, KVH Contributor*
As a mother raising children in the twenty-first century, two of the biggest things I worry about are my children’s health and safety. Not just in the physical sense, but also, in our culture which is inundated with instant entertainment at the push of a button, I have to worry about their health and safety online.
Did you know that October is Cybersecurity Awareness Month? Not very many people do. Cybersecurity is one of those mystifying buzz words in today’s society that everyone is familiar with but not many really seem to understand. Most consumers think, “Well I have antivirus software on my computer, I don’t have to worry about that sort of thing”… but are they really fine? Chances are, probably not.
Cybersecurity is not limited to virus protection on your home computer. Consumers should be aware that every time they touch a computer or even their smartphone, they put themselves at risk of being victimized by a cyber-attack.
There are many different types of cyber-attacks that go far beyond accidentally clicking a link and unleashing a virus on your computer. One of the most prevalent types is a phishing attack.
Phishing is when an end user receives an email and it seems genuinely authentic, but actually has malware embedded in an attachment or link. Phishing emails always look like legitimate emails in order to gain the trust of the recipient. Once the end user clicks on the email attachment and “runs” the Active X control, the virus is allowed to propagate across the network.
However, phishing emails also usually contain misspelled words, poor grammar, and often the link or attachment contained in the email will have nothing to do with the company they are pretending to be – something you can check by hovering your cursor over the link. It’s easy to be fooled, though: most people do not carefully read their emails, they skim through them to save time and hackers capitalize on that.
Facebook friend - or foe?
Hackers love social media due to its popularity and how widely it is used. Statistics show that there are more than 1.6 billion social media users worldwide. There are a number of ways that hackers can attack social media users; from fake “Like” buttons to fake pages and inflammatory comments on posts chosen from pages that have a lot of “Likes”.
Have you ever received a friend request from someone you are already friends with? “Wait. I thought I was already friends with this person. Well, of course I’ll accept their request!” This is just one example of how hackers use social media to fool people into a false sense of security.
2017 screenshot: This inventive phishing attempt was sent to a (still) happily married colleague, who, also happily, did not click on it.
The reality of cybersecurity in today’s world is that every day, every hour, every minute cyber criminals – the aforementioned hackers – are developing new ways to infiltrate the networks of hospitals, banks, educational facilities, and even the military in order to carry out their attacks.
Hackers have become so adept at their craft that they are able to sneak their viruses undetected onto otherwise secure networks, make changes that are almost imperceptible, and are not discovered until the damage has been done.
One of the most notorious attacks occurred in February 2016, when hackers were able to infiltrate Hollywood Presbyterian Medical Center’s network via a phishing email, and lock down the hospital’s EHR with ransomware until they were paid $17,000 in the form of Bitcoin. The danger was not only that the EHR was locked and the hackers had access to patient charts and could make changes to them, but once they had control of Hollywood Presbyterian’s network, they had access to medical equipment that was on the same network.
No safe place to shop?
It’s not just your own computer that you have to worry about. Hackers can steal your credit card information the moment you swipe your card at a retail store, a process called Wireless Identity Theft.
By using a special reader, called an RFID (radio-frequency identification) skimmer, or an app on their smartphone, they can stand near you as you run your card through the card reader and the software will download your card information wirelessly, storing the information in a database that they can use later.
(I was a victim of this type of hacking when I swiped my card at a grocery store in a large city. )
Having a chip-enabled card will help mitigate the chances of a hacker being able to steal your information, but the only guaranteed way to ensure nobody can steal your card information is simply to not use it.
So, what can you do? Put your common sense and intuition to good use. If it seems or feels off, that’s probably because it is.
If you receive an email and you have to really scratch your head in order to make sense of it, delete it. Alternately, if the email appears to come from a business that you hold an account with, such as a credit card, your bank, cable company, et cetera, you can contact the business in question to verify whether or not they are trying to contact you.
Chances are likely, if there was an issue with your account, they would call you on the phone.
Growing tech, growing kids.
It is a continuous struggle to keep up with the changes in technology, which seem to happen hourly. With an ever constant barrage of the “newest” and the “best” phones, tablets, computers, smart watches, and activity trackers – and apps to go along with them, it’s easy to lose track.
Make sure you communicate with your children the importance of safety and not blindly trusting that people online are who they say they are. It’s unfortunate that we have to even think about it, but it’s better to be safe than sorry!
*Opinions expressed by KVH Contributors are their own. Managed by Kittitas Valley Healthcare, Thirty Percenters does not provide medical advice. For medical advice, please see your healthcare professional.