It’s no secret this information is the new currency on the Dark Web. But let’s identify the hows and whys, and then what to do to keep your information, both as an individual and as an organization, from getting hacked.
2. In the April 5, 2016 report by the Identity Theft Resource Center (ITRC), there have been 227 breaches compromising 6,214,514 records containing personally identifiable information (PII).
3. The ITRC tracks
data breaches involving:
credit / debit card
6. Most stolen data is being sold on the Dark Web. But for how much?
Here’s what McAfee’s recent report, Hidden Data Economy, estimates:
7. Bitglass undertook an experiment in 2015 to understand what happens to sensitive data once it’s stolen. In the experiment, stolen data traveled the globe, landing in five different continents and 22 countries within two weeks.
8. Overall, the data was viewed more than 1,000 times and downloaded 47 times;
some activity had connections to crime syndicates in Nigeria and Russia.
10. It’s not just credit card information for sale. On the Dark Web just about any information can be found, including free online accounts such as loyalty programs.
What’s the value?
11. At face value, maybe it’s for the reward points. Digging deeper, maybe it’s to profile targets of interest.
A hacker can build an accurate profile by compiling data from the following loyalty programs: airline and hotel, gas and convenience store, Uber and Amtrak, fast food and coffee houses, and retail programs.
12. By having a key identifier, i.e. a personal email, the hacker now knows, “Joe goes to Starbucks, corner of East and West, every day, orders a double espresso and then hops on Amtrak #7 Eastbound. He also goes to Subway for lunch between 2-3pm, corner of Smith and Weston. Every Sunday he stays home and binge watches Downton Abbey.”
13. Loyalty programs without an e-commerce component are an easy target to hack because they may not even use encryption.
Simple child’s play in a
15. On the Human Side:
• Use a shredder - for everything: CDs, invoices, solicitations, etc.
• Change your passwords monthly
• Use random passwords with letters, numbers and special characters
• Use two-factor authentication when offered
• Only trust your information to encrypted (https://) websites
16. • Turn technology off when it’s not being used
• Unplug when you are away for more than a day
• Be smart about smart technology - do you really need wifi on your garage door? Does your refrigerator need to communicate with you?
• Pick up the phone and verify legitimate
17. • Be wary of wire transfer requests and invoice
• Don’t open emails from unknown senders
• Don’t open attachments you are not expecting
• Don’t click on embedded links in emails
18. On the Technology Side:
• Cyber security is more than a firewall and antivirus software
• Defend the perimeter, use monitoring software to see unusual activity
• Train for the human factor
• Know your baseline traffic
19. Be vigilant and keep watch over your finances, but not while you’re using the free wifi at the coffee shop.