The City of Providence Was Hacked - Tips to Protect Your Business
Tuesday, December 15, 2015
It happened again. Another municipal website, this time for the City of Providence, was hacked. This incident came with a threat to “sell” private information, and then with a request to be paid in bitcoins. A spokesperson for the Mayor’s office has tried to assure the people of Providence that the hackers only had access to public information. Is this true? How much damage was already done? A full investigation must be conducted to reveal more accurate information, which the RI State Police and others will now conduct, however we may never know the true extent of the damage.
So how do we, as companies, and individuals, trust the cloud – just another word for the internet? More and more business applications are becoming cloud based. But should you feel confident using the cloud when the media is breaking news every day about new security breaches occurring?
What we advise is that you gain some knowledge. And, further, we advise you to Think Like a Hacker. I’m not referring to becoming a hacker yourself, or to experiment with how to do that - but if you understand what a hacker is thinking and how they operate, then you will be able to create a plan to more effectively safeguard your network.
GET THE LATEST BREAKING NEWS HERE -- SIGN UP FOR GOLOCAL FREE DAILY EBLASTA hacker hacks for 3 reasons: Fame among others in the hacker world. Just for the fun of it. And, of course, fortune. But, what are they looking for?
Easy targets of opportunity – networks with little security (like a small business).
Someone else’s network – maybe yours. A hacker never uses their own network to conduct attacks.
Computers that are out-of-date (such as Windows XP & Server 2003 and 3rd Party updates) – expired antivirus, firewalls not current, or no spam filtering service.
Hackers enter your network in a variety of methods. They steal or guess passwords, log your keystrokes, and send you junk email known as spam. Another method is by creating “Zombie Computers or a BOTNET.” This means the hacker places malicious code on your computer along with many others and then from a remote command center sends viruses and other attacks to various targets – without you realizing your computer is the culprit.
Worried yet? According to ZDNet, over 1 billion personal records (including address information, medical records, financial information) were accessed illegally. How are these criminals getting through? Here are a few of the dangers:
Viruses –Malicious code that spreads (like a human virus) by infecting files.
Malware – Damaging software that infects your computer, doesn’t spread, but is often more damaging.
Phishing – A bogus email that looks like it is from a legitimate source, such as FedEx, United States Postal Service, PayPal, E-Bay, Bank of America, to name just a few. The intention of the email is to create urgency in the recipient, which then causes this person to click on a link that will infect their computer with Ransomware or Malware.
Pharming – The takeover of a legitimate website that redirects to fake websites designed to steal user names and passwords.
Signs that indicate your network has been infected:
Your machine or network runs slower than usual.
You receive unwanted pop-up windows, often directing you to purchase items, pay a ransom, or you get redirected to illicit sites.
You can’t open your files that you were able open a few minutes ago.
Follow this checklist to mitigate your risks:
Look at website URLs closely. The email might look legitimate but the URL is the give-away!
Be cautious and suspicious before downloading pictures, opening attachments & clicking links, even from people you know.
If you do get a “phishing” email – don’t click on any links. GO TO THAT VENDORS WEBSITE DIRECTLY and login from there!
Make sure your Antivirus Software is scanning & up-to-date.
Make sure your Spam-Filtering software is current and running.
Ensure your firewall is inspecting all inbound & outbound traffic.
Make sure your computers are up-to-date. Remember Microsoft no longer supports Server 2003 or XP. If you still run either of these, you are a prime target for a hacker.
Make sure you are backing up your data daily in case your computer is so badly corrupted it needs to be wiped clean and reloaded.
Last, but not least: train your users at your office on how to expect hacking - Think Like a Hacker.
It’s time to fight back! At our businesses and in our homes. Hackers set their sites on all types of organizations. Small and large companies, government sites, and more. Whether it is the City of Providence, Home Depot, Target, or your business – it’s all of our responsibility to keep the data entrusted to us safe.
Lisa A. Shorr is Co-Owner and Vice President of Marketing at Secure Future Tech Solutions, in Warwick, RI. Lisa has written for PC World Magazine, and other publications, and is a board member of The Miriam Hospital and the Jewish Alliance of Greater Rhode Island. She is the past recipient of the Riesman Leadership Development Award given for outstanding community involvement. http://www.securefuturetech.com.
Related Slideshow: Health Data Security Breaches Reported in RI Since 2010
The following are health data breach reports from Rhode Island as listed on the Department of Health and Human Services Office of Civil Rights website.
As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. These breaches are now posted in a new, more accessible format that allows users to search and sort the posted breaches. Additionally, this new format includes brief summaries of the breach cases that OCR has investigated and closed, as well as the names of private practice providers who have reported breaches of unsecured protected health information to the Secretary.
Related Articles
- UPDATED: Hacker Claims to Have Taken Sensitive Data from City of Providence
- NEW: 3 Fired at RIPTA After Security Breach
- Security Breach Scandal: What Next at RIPTA?
- 18 Million Social Security Numbers Stolen in Undisclosed Gov. Data Breach
- Gamers Beware. Sony Announces Security Breach on Play Station
- NEW: Kilmartin Hits Epsilon After E-Mail Security Breach
- RI’s Dept. of Labor Says Security Breach Tied to JPMorgan Chase
- RI Consumers File Class Action Suit Against Target for Data Breach
- 30,000 Rhode Islanders Hit by Health Data Breaches
- 10 Big Companies with Recent Major Security Breaches
- CONSUMER ALERT: Yahoo Notifies AG Kilmartin of Security Breach