Stilettos, Stoli & Scribbles ~ Served With A Twist

Are you one of the more than 143,000,000 individuals outed in the recent Equifax hacking debacle? Probably. That is, if you live on the grid, you have a social security (or similar identifying) number, have a bank account, probably credit accounts, or any other way of managing your finances other than storing all your money in your mattress.

143,000,000 people – half the population of the United States. And, it isn’t even the sheer number of persons affected — remember Yahoo lost a billion email addresses — it’s the quality of their compromised personal data that is breathtaking. The hackers have your – our – social security numbers and, in the United States, that’s the key to just about everything, arguably the most important item of personal data there is. A data thief with that piece of your information can take over your life and livelihood, it’s even been used to bring people back from the dead.

Why am I blogging about the Equifax hacking incident, you ask? Well, aside from the obvious personal concern I might be experiencing, it’s because the main male character I have invented for our series of novels — Mike Chapman — is a cyber security expert. You might also call him a white, or even gray, hat hacker. I’m in the throes of writing the draft manuscript for Winter’s Thaw, the second book in our series, and have been crafting scenes where Mike is applying some of his skills in the real world.

Because I do not share Mike’s skills, I have had to research such things as the deep web, and a subpart of that — the dark web¹. The deep web is a part of the WWW where the contents are not indexed by standard search engines for any reason, but are hidden behind HTML forms. For example, it’s where encrypted personal data, such as that accessed by the Equifax hackers, resides.

All of this heightened awareness and the coincidental timing of the Equifax hack job, has caused me to focus a bit more on my own cyber security. I do some very, very wrong things. I tend to use the same password on multiple sites: financial, online shopping, medical records, my utilities. I don’t change my password often enough. Do I dream up pretty good passwords? Eh. Sometimes. I like the one I’ve been using recently a lot, but I’ve shared it with K R Brorman because we’re both in and out of the same online tools to get Eden’s Fall launched and released and to get our new website up and running. I love and trust her totally, but that’s still a no-no.

I don’t back up my data often enough, and don’t you know I’m now backing up the Winter’s Thaw manuscript several times a day. I might be able to think of something to write right now, but if it were to disappear? Ha. Those brain cells will never fire again. My sterling prose is gone forever.

My computers and devices are all Apple, all the time, and that gives me some small sense of security, and I update my software — especially the OS — and apps promptly when a new version is released. I subscribe to some credit monitoring services, more than one because they are not all created equal, and my bank accounts are with a company that is known for its security protections.

I never, ever, open a link in an email when I don’t have a high degree of confidence in the source. If you send me an email with a link to pretty photos or cute puppy videos, I might say thanks, but I won’t open it. Sorry, not sorry. When I get a notification from one of my trusted account providers, I do not use any links in their email notification email. I enter my account through my browser and take whatever action is necessary.

I’m sure the timing of this news article from Virginia Tech this morning is influenced by the Equifax hack, but a VT cybersecurity expert Eric Jardine, assistant professor of political science and a fellow at the Centre for International Governance Innovation, had some new ideas for cyber safety² I hadn’t known or thought about. I’m happy to share a couple with you.

• If you have unused apps on your computers and devices, get rid of them. They are a source of potential attacks. Who knew?
• Don’t open random USB keys. The old adage your mom used to use, “don’t put that in your mouth, you don’t know where it’s been,” applies here. VT did this test where they dropped USB keys throughout one of the university parking lots. The vast majority were picked up, and some were plugged into computers and files opened within six minutes.

Credit: Virginia Tech Magazine, “Bug Off: Digital Hygiene Tips”

So, kids. Let’s be smart about how we engage with the internet, let’s change up our passwords, let’s keep a close eye on our bank accounts and credit reports especially for the next few months, and let’s stay safe out there.

Mike is watching.

¹ Frequently, the terms deep web and dark web are used interchangeably, but that is widely considered to be inaccurate. A dark web, or darknet, is an overlay, friend-to-friend or peer-to-peer network that can only be accessed through networks (software) such as Tor (“The Onion Router”) and I2P (“Invisible Internet Project”). Tor is used to gain anonymous access to the internet, while I2P specializes in anonymous hosting of websites.

² In addition to the usual precautions: care with passwords, updating software, using appropriate anti-virus, anti-malware software, backing up your data and not clicking on unknown links in email.