My husband is a stock broker (oh, sorry uh "financial advisor") and it's been one heck of a tough week for him. Having to explain this bizarre Wall Street crisis and maintain a sense of hope and humor feels an awful lot like helping consumers understand the Internet and learn how to profit from it and avoid the pitfalls. I've got a recap of some of this week's top cybersafety stories for you:
Congress passed a bill (H.R. 5938) which intends to harden existing laws against cybercrimes. It goes on to the President to sign.
Other Washington, DC news - the US isn't cyber "ready". Most of the blame falls to the Department of Homeland Security which is not only too disorganized to be effective (according to the reports) but also has failed to reach out effectively to private industry. What is certainly clear is that some of our cybercriminal activity is political in nature and has been known to include attacks that are terroristic in nature. Examples include denial of service attacks in Georgia. At a recent National Governor's Association meeting in Arlington, VA, several policy analysts described the constant onslaughts their websites and infrastructures receive from web-based attackers. And considering how easily the City of San Francisco was held e-captive by a disgruntled IT admin, one shudders to think what a real cyberterrorist might achieve if we fail to harden our national infrastructure.
Republican VP candidate Sarah Palin had her Yahoo email account breached. Some yet to be identified hacker used the most basic social engineering skills to figure out her "security" questions and get her password reset, enabling him/her to access all her photos and emails. If we learn anything from this experience folks, it's that passwords can be complex and difficult to guess but it serves little purpose if the security questions can be known by anyone close to you (or with access to Wikipedia). Your mother's maiden name? Home town? Pet's name? Maybe Senator McCain's strategy of not using email at all is the most secure.
More data breaches (yawn.) Forever 21 (the retail store with the loudest music) admits payment card data has been accessed by unknown outsiders. Nearly 100,000 people are effected (or about the average number of people in their stores whenever I get dragged in there by my daughter.)
After this week, and watching coverage of Texas' storm devastation, I really hope the next week offers calm weather, calm markets and stronger cybersecurity for us all. At least I have hope!