Ten Easy Steps to Getting Hacked

Here is a quick little survey to help you determine how likely you are to be the victim of a cyber-attack or cyber-criminal exploit.  Give yourself a point for each “Yes” answer.

  1. Security is generally a waste of time and money.
  2. I am too small or uninteresting to be a target of a cyber crime.
  3. Passwords are a hassle, so I keep them short and easy to remember.
  4. I like to use the same password for everything.
  5. I do not need to keep my anti-virus and anti-malware software up to date.
  6. I usually open email attachments and click on links in emails.
  7. I like to share personal details about my life, family, and vacation plans on Facebook and other social networks.
  8. I like to use cloud apps like DropBox and OneDrive for file sharing and storage.
  9. I am not concerned about things like whether my nanny camera, smart TV, or Internet router can be hacked.
  10. If I feel suspicious about something on the Internet, I usually ignore it because I don’t want to seem paranoid.

Score yourself.  If your scored 1-2 points, there is hope, but things could be better.  You might become a victim of cyber-crime.  3-5 means you are engaging in risky behavior, and are likely to become a victim.  6 and over means you are a frequent victim of cyber-attacks and regular visitor to the Geek Squad.

Correct answers:

  1. Good security is usually less expensive than the cost of a breach or loss.
  2. You may be small, but there are beginner cyber-crooks starting every day.  The are going to pick soft, easy targets.
  3. Password length of twelve or more characters is the only factor to prevent automated  brute force password cracking,
  4. Reusing your password means if they get one password, they can get in everywhere else too.
  5. Anti-malware software is a first line of defense against remote access Trojans, keyloggers, and other malicious software exploits.  New exploits are born daily, you anti-malware must be updated to keep up with the next exploit.
  6. Email links and attachments are the main way that cyber-criminals launch an exploit or campaign.
  7. Oversharing on social networks can give away information an attacker can use against you.
  8. Cloud apps can be great, but should be properly secured with long passwords and two-factor authentication.
  9. Most of the “smart” devices that are being sold have small Linux computers at their core, and very little if any security.  These devices can be used to gain entry to your computer network, or to launch exploits like denial of service attacks.  See my earlier post.
  10. Learn to listen to your feelings.  Most scams are designed to change your emotional state to get you engaged.  If you are feeling suspicious, worried, or uncomfortable, there is most likely a reason.  This is your clue to end the session, and even call your IT support to report it.


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.