January 6, 2015

A New Cold War

We’re facing a new cold war. Robert Herjavec & Matt Anthony discuss the rising threat of targeted attacks in Herjavec Group’s latest Thought Leadership Blog.

Senator John McCain issued a statement saying that cyber security is the least understood, most dangerous element of the US’ national security today.

With the recent attacks on Sony, there has been a pivotal change in how corporate breaches occur. This was a targeted attack and it reached a new level of malice.  In addition to a devastating strike against the company, personal employee information was leveraged for financial gain, and terrorist threats were made. 

At Herjavec Group, we have predicted for some time now that cyber warfare will soon lead to the loss of human life through an attack against infrastructure whether it be transit networks, flight controls or a system of equal or greater significance. We don’t make this statement to be ominous or grotesque. The world we live in has changed and the threat of cybercrime has transitioned from the online world to the very real, very dangerous, physical reality.  The FBI has confirmed that North Korea was responsible for the targeted attack against Sony.  This is not the first time that a foreign government has been tied to cyber-attacks.  Every company, and every individual, can and must to do more to protect themselves. 

What should businesses do?

We tell customers that no environment is 100% secure. How an organization monitors vulnerabilities and remediates issues matters most. It is vital that companies do more to detect breaches earlier.  If we all don’t get better at this, incidents can quickly grow out of control, and, as in the case with Sony, escalate into a situation so large as to threaten the company itself, or cause an international incident.  

We advise organizations to focus on monitoring technologies for incidents, and to develop, test and resource their response plans.  It is imperative organizations find a balance between their processes, people, partners and technologies to hunt for those indicators of attack.

What should the general public do?

 We as consumers all need to take proactive measures to update passwords regularly, and carefully monitor all transactional accounts to prevent exploitation of personal data.

  • Regularly change the passwords for every single account you have.  Do not use a password more than once, anywhere, ever. 
  • Never use any personally significant data to build a password.  Names of your family or pets, birthdates, SSN, or house numbers will give an attacker a base to start from.
  • Use passwords that are more difficult to guess.  Numbers at the beginning or end of the password are not strong. Leverage capitalized letters and symbols to enhance complexity.
  • Consider using a password manager like LastPass to help you with the passwords you create and use.
  • If your online account has an option to use two-step login, using a fob or smartphone app to provide additional login security, enable it, and use it.
  • If your account provider requires you to use “secret words” or “personal questions” for identity validation, use good questions and answers – never your mother’s maiden name or the color of your first car.  As a rough guideline, if your mother could answer the questions, you are not protected.
  • Every month, review all your credit and bank statements carefully and dispute any charges that you didn’t authorize.  A line by line review is critical to minimizing credit card fraud.
  • Review your home computer’s operating system:
  • Update to latest patch levels.
  • Update your anti-virus protection and run a full scan regularly

The threat of cyber warfare is the new reality and it is highly misunderstood.  Do not be caught thinking, “this could never happen to MY business” or “No one would ever try to replicate MY passwords”. 

You will be targeted.

If you are one of the millions who touts “never to have been breached”, it’s likely you have been and simply do not know it yet. 

We are facing a new cold war. It’s time we accept it.



This post by Robert Herjavec, Founder & CEO Herjavec Group and Matt Anthony, VP Remediation Security Services first appeared on CNBC.com at http://www.cnbc.com/id/102289899

Connect with Robert Herjavec: @RobertHerjavec

Connect with Matt Anthony:  @MattAnth

*By selecting one of the communications above, you consent to Herjavec Group
sending commercial electronic messages to you for marketing purposes,
including information about the products, services and events selected.