How can we have a new review each week? Well, with cyber crime reaching record highs and growing, there’s never a dull moment in the cyber arena. Whether you are in the ring and boxing your heart out at your weight class, or enjoying the view from the side-lines, here are some of the top stories this week in the cyber-threat-verse.
Yahoo!: An Oldie But a Goodie
So Yahoo user ID got hacked a couple of years ago and we are just now hearing about it. So what, right? (After all, you use Gmail). Perhaps that’s your line of thinking. Well, here are a couple of key points to consider:
1. Yes, we have only recently learned of this hack. What else does that mean has already happened that we have yet to learn about?
2. As CNN reported: you could have a Yahoo account and not even know it. It’s worth the time to delete old email accounts, but few do.
3. With each new attack, the possibilities of others increases. It doesn’t just mean hackers are getting smarter; they are also getting a wider database of user information. As we learned after the DropBox breach, an employee reuse of a LinkedIn account password may have been the source of the data breach. You seriously need to not reuse passwords, and educate your employees about effective passwords as well.
4. Let this be a lesson to you: invest in cyber security. As examined in a recent New York Times article, Yahoo may not have adequately invested in protection, as compared to competitors.
So if the Yahoo breach was feeling a bit like the punchline to a 2 year-old joke, take a new look: one can learn from the mistakes of others.
Tesla: Hacking a Super Car
If you own a Tesla, or have seen the hilarious Oatmeal comic, you may feel that you too own an “intergalactic spaceboat of light and wonder.” You may have also learned this week that Chinese researchers were able to hack a Tesla Model S from miles away, effectively controlling such features as door locks (theft vulnerability) and braking (serious road hazard).
Don’t worry: the research team turned their data over to Tesla and within 10 days a patch was issued that fixed the bug. It does raise some interesting, alarming questions, such as how vulnerable vehicles may become as they become increasingly electronic. Like the vulnerability of carrying a cell phone, or conveniences have a potential cyber security cost.
If you or someone you know want to cash in on cyber vulnerabilities: Tesla is part of an automaker initiative, paying you up to $10,000 in “bug bounty,” rewards for finding such security flaws.
The DNC: Blame the Obese
While several security experts have opined that Russia hacked the Democratic National Convention, for what purposes no one can say, this week some other words were voiced on the matter: those of Donald Trump. If you watched the first presidential debate, you know the topic of cyber security came up. When Hillary Clinton seemed to criticize Trump for calling on Russia for cyberattacks, he replied, “I don’t think anybody knows it was Russia that broke into the DNC. It could also be China. It could also be someone sitting on their bed that weighs 400 pounds.”
On cyber security as a topic, Donald Trump further stated, “Cyber is very tough. I have a son. He is 10 years old. He has computers. He is so good with these computers, it’s unbelievable.”
So, be it a foreign national, a bedridden corpulent individual, or a 10-year old computer genius, we still don’t know who was responsible.
At least in November we will know who will helm the White House on the next four years of cyber security policy.
Until next week, same bat-channel, same bat-time.