ABOVE If you’re not doing the basic things in cybersecurity, like changing passwords and avoiding shady websites, doing the fancier things won’t help.
A rumor making the rounds of the sold-out Cyber Risk Workshop put on by CNA Financial Corp. and the Alabama Automotive Manufacturers Association: China is downloading the entire content of Facebook, twice a week.
True? Or fake?
Well, if you have to ask, it’s an unfounded rumor at best.
But it speaks to two trends that were discussed Feb. 9 at the session, the first being that nation/state players are now considered a major force in hacking, once seen as a basement phenomenon driven by bored teenagers or disgruntled ex-employees.
Nation/state players aren’t looking for credit card numbers, according to CNA cybersecurity experts Stephen Douglas and Terry Smith. Instead, they’re hunting for corporate secrets, industry processes and even weaknesses in infrastructure.
The second trend discussed at length was “spear phishing, ” in which hackers do significant amounts of research before sending you that link you shouldn’t click on. By looking at social media, they can tailor an email with personalized information, such as your boss talking about his recent elk hunting trip in Minnesota.
Also worrisome: Not-safe-for-work gambling websites now contain fake ads that can install malware on a company computer even if you just hover over the ad without clicking. It’s something to consider during March Madness NCAA bracket season.
“The bad guys only have to be right one time, while we have to be right 100 percent of the time, ” Smith said.
Hargrove Engineers + Constructors were hosts of the workshop, which generated so much interest that AAMA hopes to replicate it elsewhere around the state.
Text by Dave Helms
