By Diane Phillips
It is Valentine’s Day and I should be writing a soppy love story instead of something that sounds like fear-mongering against a backdrop of Darth Vader. But recent events converged to force this from the bowels of my keyboard, a warning that even when you think you’re safe, think again.
The greatest risk to your security is something you cannot see. It is the insidious behind-the-scenes hacking, the phishing for information, the ploy to lure you to a website where your banking info will be targeted or your ID stolen, the kidnapping of the life you share with your server at work and your PC or Mac at home.
Several incidents collided to propel the subject of cyber security to today’s topic on what is supposed to be a hallmark holiday of love. In chronological order, they happened this way.
Last week The Bahamas played host - in my opinion -to a most an amazing man, Juval Aviv. Israeli-born, New York transplant, Aviv is a world-renowned (some would say #1) security and counter-terrorism expert. He’s now 71 but as a 24-year-old he became Israeli Prime Minister Golda Meir’s top bodyguard and later, as an officer in the Israel Defence Force, he led an elite commando/intelligence unit. He was on assignment, not allowed to communicate with his family for more than four years as part of a handful of the Mossad (Israeli Secret Service) to track down the terrorists who slaughtered Israeli athletes in the 1972 Munich Olympics. The Steven Spielberg movie Munich was based on Aviv’s exploits and the book he wrote about that dark time in history.
For the last 40 years, he has turned his sense of right and wrong to white collar crime. He operates in 38 countries with a company of nearly 400 and remembers the days when, as an asset recovery specialist, he traced a missing $5 million and felt like it was a success. Over the decades, the sums grew, first to tens of millions, later to hundreds of millions and today he and his team often find themselves on the trail of missing billions. The worst offenders are governments, he says.
A CNN consultant, Aviv says nothing is a greater threat to world security than cybercrime.
A hacker with barely enough peach fuzz to shave can wriggle and worm his way into your computer faster than you can imagine. Under political directive, hackers in one country can influence an election in another. A relatively simple transaction can bring down an entire electrical grid.
Aviv, with whom I had the pleasure of spending time on two occasions during his visit, was the first warning that awoke me from comfortable slumber about what gremlins may be busily at work inside my computer.
The last meeting with Aviv, pictured right, was a private presentation to which my husband and I were invited at a residence on Sunday evening. Off Aviv went the next day to the next country where he would do his best to warn others asleep at the wheel while he tries to track down and recover funds stolen through political corruption or between traitorous partners.
The following morning a man walked into the office and asked us to schedule an event for him – he wanted to provide a forum for experts to share information on cyber security. A leading businessman, he had been unaware of Aviv’s visit despite the standing room only crowds wherever he spoke in public but, he, too, had reason to be alerted about the threat.
A day later, we got word that a major company in The Bahamas had to halt all work because its data was being held ransom. A few weeks earlier, we will all remember, the same fate befell ZNS.
Hours after we got word of the company’s woes, a young man walked through the door asking us to build a website for his tech company. Its specialty – detecting cyber crime.
“A few years ago, businesses were all trying to figure out how to get themselves more social, learning how to use the tools available via computer to get themselves out on Facebook, Instagram, Twitter, Pinterest,” said the man we will call Bill. “Today, cyber security should be the number one concern for businesses everywhere.”
Hacking tools are so easily accessible, GEICO would say, even a cave man could do it.
They carry names like you’d expect to see on the shelves at ToysRUs. ZEUS was so good it could mimic any website and ended up wreaking havoc on social media. A downloadable tool called Wannabe is allegedly what hit ZNS. The latest one is called RYUK.
As a lot, they’re called script kiddies. The man we call Bill explains: “They’re developed by people who have access to tools. They don’t know anything about programming. They don’t know anything about hacking. They just have access to tools and the damage they can wreak with those is frightening.”
They also make it very easy for us to walk right into their plot. We all know the basics – if you get an e-mail telling you it’s time to change your password and you are not working within that site, don’t do it. No company, not even Facebook or Outlook or any other site, will ask you to change your password by way of e-mail. If you get an e-mail from a company saying click here, don’t, unless you are in that company’s site, but never in an e-mail.
For those of us who remember when expressions like safe sex were introduced to offer protective advice, there is a new dictum, watch where your fingers roam. Most hacking happens at the user level, says Bill. You are safer inside an authentic website than “shopping” via an email. It’s a tough world out there even if out there is just the other side of your fingertips.