Kendall George, Information Security Officer for Carleton and St. Olaf Colleges, How to Stop Worrying and Start Cyber. Hosted by Amy Goerwitz. Kendall George is a cybersecurity professional with nearly three decades of information technology experience.
Kendall George, Information Security Officer for Carleton and St. Olaf Colleges, “How to Stop Worrying and Start Cyber Security. Hosted by Amy Goerwitz.
Kendall shared with us about his family and his military career in the Middle East working in the cyber field. He loves Coca Cola and Pink Floyd, so we know he’s the good guy to listen to.
His three pronged presentation consisted of:
- Terrifying description of the dangers of the Internet
- Who are these terrifying people, places and ‘things’
- What we can do ‘right now’ to stay safe
Why do hackers hack? 80% of the time it is for the ‘love’ of money. Others for the fun, espionage and other stuff.
Who are these hackers? Hobbyists, people with personal vendettas, criminal enterprises against the nation/state, petty criminals, and organized corporations whose job is to make money hacking. Robots are controlled by people too. They are in the business of phishing, stealing credentials, mis-delivery, user error, malware, and spam. Phishing is huge server programs scrubbing the internet landscape looking for spam opportunities, open routers and servers to get into your business – from your local yard and craft shop to your banking information.
Phishing has two parts: Personal and on-line. Personal phishing is when an undisclosed ‘trusted-looking’ delivery person appears at your door with unwanted packages. Or on-line phishing is email or announcements delivered to ‘look like’ trusted suppliers (i.e., disguised to look like Apple Computer) asking you to ‘click here’, or send them something, or ‘pay this invoice’ you didn’t ask for. ‘Help Me’ or ‘do me a favor’ messages are phishing for you to be kind and helpful – which you believe yourself to be – right? But instead will direct you to clicking on a link guiding you to the Dark Web of Misery. If you are not looking for ‘notice of recent order, or Docu-sign or extended warranty information, the chances are extremely high they are a phishing expeditions into your account in order to plant malware and steal your identity.
What can I do right now?
Do not ignore the issue (walking away from your computer doesn’t help).
Be Aware – question the URL and the sender information or the ‘click here’ temptation.
Pick up the phone can call the person or company for confirmation.
(That is why Social Security NEVER contacts you via email.)
Report all phishing / scam.
Update regularly all your electronic devises.
If you do not know how, call a reputable computer company for help.
It generally means shutting down all devices completely – power off – and let the device rest (overnight). When you come back on line, most devices are now updated.
Make sure you have an Anti-Virus program.
Use long passwords (such as 10-20 words long – like the name of a song/poem line, i.e., youaremysunshine.
‘1password’ or ‘Lastpass’ and other systems can help keep track of passwords.
Make sure your Credit Report is on lock or freeze – just call. You can unfreeze at any time.
Turn on MFA – Multi-Factor Identification. If you need to, ask for help.
After the meeting
Kendall suggested that if you google “Have I been pwned” (p=o as in ‘owned’ but with a p) it will pull up a list of companies that have already been hacked with your account ... try it. Hopefully you will see nothing, meaning you have been diligent with your passwords.
What is the Dark Web?
This is generally referred to criminal activity dealing in drugs, or where hackers meet to share hacking tips, or a market place to sell bundles of email addresses.
Kendall says that you are most welcome to call him with questions or information. Thank you Kendall! We appreciated all you have done to scare us silly. Time for me to get to work!
