Lessons learned from Equifax

Recently a major credit bureau, Equifax was hacked and many millions of records of personal data were stolen. The President of Equifax was warned of aging and inadequate cyber security measures, but did not act. He is now testifying in front of a congressional committee.  You can measure the lifespan of an organization with an egg-timer once customers find out that the systems were compromised. Would you trust Equifax with your personal information today?

Hackers have also breached the inner sanctums of National Security in the United States and have made off with advanced cyber weapons. If you think you are safe, if you think the hackers will not bother with you because you have nothing of value, you are mistaken. The hackers search the entire internet by sequentially walking through every IP address there is.

They can catalog what sort of firewall you have, what sort of servers you have and the type of clients you have. If they can breach you systems, they will at a minimum be able to catalog and identify possible exploits on your network. They may be able to convert your workstations into ‘bots’ to perform nefarious tasks on command. They may be able to extract your emails for spearfishing campaigns or to try to break into systems you have received emails from.

It is not a matter of if you have anything of value, you do. The hackers may not be to clean out your bank accounts, but your systems are a valuable resource to hackers. I was asked once to break into a number of systems that were owned by a company that had fired a system administrator who locked them out of their own systems. I found a program on the internet. I loaded it on a workstation and within 30 minutes was able to access every server on the network and change the passwords so that the systems were once again available. This was not due to any special skill on my part, but the power of the program freely available to anyone with an internet connection.

This cautionary tale must end with some ray of hope to be of any use. I would like to offer the following advice.

1. Train your employees to never click on a link in an email. Always hover over the link, inspect the URL and contact IT if in question.
2. Never bother to open emails from people you do not know or are not expecting to hear from.
3. Make sure you have a good firewall facing the internet with the latest software and signatures.
4. Turn on software firewalls on local workstations and only open up those connection necessary to perform the job.
5. Keep all workstation and server software patched and up to date.
6. Keep antivirus software up to date.
7. Remove any Kaspersky products from your systems.