Issue No. 1
NATIONAL PREPAREDNESS MONTH
  Dealing with Cybercrime
     September, 2014
Why a Newsletter?
Greetings!

It's September, which happens to be National Preparedness Month.  More and more of our personal situations need preparedness... from climatic issues (hurricanes, fires, earthquakes, floods...) to unclaimed property, fraud, theft, healthcare and, lately, even Cybercrime. Most people don't understand the basics of these issues, why they're problems, how to properly prepare for them nor how to deal with them, if they become a reality.  A newsletter can help shorten your learning curve on these important issues and arm you with the latest tips and ideas about how to prepare yourself, your family and even your clients. These "HOT TOPICS" keep not only arising, but expanding.  Hence, our Newsletter. 

The format of our Newsletter is to

a) pick a burning issue each month 

b) explain it in layman's terms and then 

c) give suggestions as to how to properly protect yourselves and, short of that, ways to help minimize your exposure to the fallout caused by that particular issue.   

 

Sort of like a "before" and "after" HOW-TO manual! 

 

This month we're focusing on Cybercrime, which is currently the hottest topic, thanks to our Russian friends who, on August 5th, hacked into and stole over 1.2 BILLION records. Then, to start off September with a bang, JP Morgan Chase and Healthcare.gov were hacked into, adding millions to the number of records breached.  Even iCloud is now under investigation, by the FBI, to determine if the site was hacked.

   

If you have a "HOT TOPIC" that you'd like us to cover, be sure to email it to us and we'll try to ensure that we address it.  And, as always, feedback is encouraged!

 

Best regards, 

 


Carol R. Kaufman | Founder/CEO
CareBinders, LLC
Home of CBDataŽ Home & Life Inventory™ Solutions
201-447-1577
 www.CBDataSystems.com
What is Cybercrime?

 

Cybercrime is any criminal act dealing with computers and networks - including the Internet.  A common name for this is "hacking".  But be aware:  Cybercrime also includes traditional crimes conducted through the Internet, such as hate crimes, online bullying and telemarketing, Internet fraud, identity and credit card account thefts.  When any illegal activities are committed through the use of a computer, networks and/or the Internet, they are called Cybercrimes.  "Hacktivism" is also a Cybercrime when someone illegally breaks into computers and computer networks as a means of protest to promote political ends, such as free speech, human rights and information ethics.

Is a "Secure Online Solution" an Oxymoron?

The answer is, of course, "it depends!"  If it's an online program, we'd be foolish to believe that open, accessible data of any kind is unable to be compromised.  Just go to www.privacyrights.org and click on "breaches", on the right column, and scroll down to see the latest security breaches of well known companies - including ones like Apple and JPMorgan Chase and Bank of America.  Closed data files, the result of the programs, that are password protected and encrypted with at least 256bit encryption and a three part identification system are significantly less likely to be compromised but...

Impossible?  No.  Less probable?  Yes.




Unfortunately, with the direction the world is currently going, Cybercrime is becoming more commonplace and incidents are expected to continue to escalate for the foreseeable future.  Last week, Apple's response to their latest issue of iCloud being hacked to get nude celebrity photos demonstrates the complexity of the issue.  Apple's response:  "The celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that is all too common on the Internet."  A non-committal response, trying to redefine "hacking", so they could sidestep the question:  Were they hacked or not?  Hmmm.

So what can we do to protect our important, confidential data?  Below are a few tips and suggestions regarding programs, passwords and other online tools to help guide you (and your clients) through the maze of choices and decisions you have to make on a daily basis, about what to put online and what to keep on your computer or on a local backup drive.

Online Program Tips
  • Don't use online programs unless you understand the potential security risks and are prepared to deal with them.
  • If you use online programs, only use programs that do not contain or minimally contain confidential or sensitive information.
  • If you use online programs, only use programs that are at least 256bit encrypted, have multiple authentication levels and have been rigorously tested, remembering that this is still no guarantee that they won't be hacked.
Locally Residing Program Tips
(Programs residing on your computer - not the Internet, but that may have separate data files that can be stored on the Internet)  
  • Be sure the program is not inadvertently on the Internet. (no unintended Apps).
  • Be sure you can export the data and passwords you create, if you decide to switch programs (As we often do!)
  • Be sure the program allows you to get a printed report of all of your data, including passwords. 
  • Be aware that many programs, like Excel and Word are not 256bit encrypted, so if you want to put the resulting data files on the Internet, you should have an Encryption program that you can use and a very strong password.
Online "Digital Vault" Tips
  • Choose firms carefully; vet vendors.  
  • Check to be sure they have at least 256bit encryption, full time security programmers, their programs have multiple authentication levels, have been rigorously tested and you've visited www.privacyrights.org to ensure there've been no breaches reported, remembering that this is still no guarantee that they won't be hacked.
  • After four years of reviewing online digital vaults, the ONLY one we recommend is Summitas™.  Be sure to check them out! www.Summitas.com

Password Specific Tips

  • Use a different password for each of your online accounts. 
  • Make your passwords nonsensical - see the article in our "Resources" section about Creating a Strong Password.
  • Make your passwords at least 8 characters long, including capitalized and lower case letters, numbers and symbols.
  • Keep a master list of your passwords OFFLINE (somewhere not on the Internet!)

Be sure to read the article in our "Resources" section, "How To Create a Strong Password". 

While finalizing the writing of this Newsletter, it was announced that UPS and Home Depot have been the latest victims of "hackers"!
In the Digital Age, Thieves Don't Have to Climb Through Windows to "Case Your Joint"...

Home Inventory
Did you know that certain home inventory programs can give thieves an upper hand?  If you're using an online program or an App you have to be very careful about what information you enter.

According to Jerry Hourihan, president of AIG Private Client Group, U.S. and Canada, reporting to Private Asset Management (PAM) magazine, Cyber liability will be "an ongoing concern" to high net worth families and individuals in the US.

An App, because of its location recognition and scanning capabilities, is connected to the Internet, allowing a thief to know not only where your home(s) are but what and where everything is!  If you're using an App (and there are some great ones!) be sure to use only basic fields - no values!!!  Also, turn off "locations" and NEVER use your full address. 

Using an online program has all of the usual security concerns that are, unfortunately, out of your control.  Be sure you've reviewed our Online Program Tips and consider taking our live webinar or online, self-paced Home Inventory Primer course.  Contact us for details!
In This Issue
Digital Assets

Because of the expansive use of the Internet for the storing of information and images, "Digital Assets" have come to include the data stored by people's Internet presence through online accounts, their websites and even the ownership of their domain names.

Privacy rules on various websites and, for that matter, in various states, dictate not only who owns what data, but also that only the person who opened certain accounts is allowed to close those accounts.  As of this Newsletter, only seven states in the U.S. have enacted legislation specifically allowing personal representatives to access certain types of a deceased's digital assets, and the laws vary widely.  It makes it quite difficult, therefore, if a relative has a Facebook account, for example, and then passes away;  their Facebook page remains online.  There are now lawsuits over this issue. Further, McAfee has estimated that the average Internet user has $37,000 in unprotected digital assets.  Check out the Digital Asset paper in the "Additional Resources" section for more information.  The question then  arises, considering those privacy rules, how can someone's online assets be protected?

One way to deal with the issue is to ensure that all online accounts and their passwords are safely recorded and stored offline.  Another way is to give a copy of that information to a trusted family member or even to your attorney.  Digital Assets are now being included in people's wills, to ensure that they are not forgotten or misused.
Computer Programs, Apps and Data Files;  Are they all different?

Computer Programs...
are a set of instructions that take information, (in this case, from people...) and do work on that information, which can change the information, creating new information.  The programs can be simple or complex and can reside on the Internet, a smartphone, a tablet or on a computer.  Quicken, for example, is a program, as are Word, Excel and even Twitter.  The security of the data as it is input and where and how the resulting data resides, when the program is closed, is always a key element.  Does it start out and/or end up on the Internet, on a local computer, offline, or both?

  

Apps...
are mini-programs that are always downloaded from and are usually, at some point, if not always, connected to the Internet.  They reside on smartphones (and tablets) and generally address one specific type of functionality.  Pacer, Nest Egg - Inventory, PasswordsPlus, and even the Twitter "App" are all "Apps" - they focus on allowing the user to perform a task on their smartphone...even if the task is to get to the online program.(Twitter app).
   
         

Data files...
are the resulting information of your input and the generated information that the computer program or App created.  They can be part of an App or computer program or, in the case of a computer program, they can be separately saved from the program itself.  This is a very important concept, especially if you're trying to keep your data as secure as possible!
 
              

Statistics to Boggle Your Mind...

This infographic gives a good breakdown but you must remember - this was over a year ago...it's gotten exponentially worse in the past year!

872,715,019
Number of Records Reported Breached as of 9/1/14, since 2005, not including "unknown" numbers. 
Source: www.PrivacyRights.org

21%
Percentage of online adults that said they had an account compromised or taken over without their permission.
Source: PEW Research

69%
Percentage of people that felt "very" or "somewhat" secure right after hearing about the Heartbleed security flaw.
Source: PEW Research

39%
Percentage of internet users that said they changed their password or closed an account in response to the revelations about Heartbleed.
Source: PEW Research



Resources for More In-Depth Information 

Did any of our articles pique your interest?  Might you want more information?  Below are some of the top, relevant articles about Cybercrime as of the end of August.  Have a comment or a link we missed?  Please email us and we'll be sure to consider including them in our next Newsletter.

One comment about the last link...and a good concept to consider for this entire discussion:  This article is the most honest "answer" we could get regarding the subject.  As the author aptly states, while researching for his article he seemed "to be introducing more questions than providing answers!"  Interesting (and frightening) statement...
Remember Smokey the Bear?  Well, we like to use Ollie the Ostrich to make our point.  If you stick your head in the sand, the probability is that you'll eventually have to deal with the consequences.

Want help mapping out a plan for your home or business? 
We're here to assist any way we can, even to just bounce ideas around. Our business is helping you to securely and digitally catalog your most important information so it's there for you whenever you need it.

Remember, only YOU can protect yourself against Cybercrime...
Be proactive with your sensitive information!
 
CareBinders, LLC
38 E. Ridgewood Avenue, #332
Ridgewood, New Jersey   07450
201-447-1577
Follow us on TwitterLike us on FacebookView our profile on LinkedIn  Want more tips?  Be sure to follow us on Twitter, Facebook & LinkedIn...

Copyright Š 2014 CareBinders, LLC. All Rights Reserved.