MILITARY BOOKS

Personal Cyber Security Service In An Era Of Hacking And Ransomware

Home | United States Army | United States Marine Corps | United States Navy | United States Coast Guard | United States Air Force | Subject | Rank | Articles, Stories and Poetry | Contact Us | FAQs | Site Map

New Page 3

Hacking and ransomware attacks like Wannacry and Petya are not random or unforeseeable. You don't become a target of these attacks by sheer chance, or act of God. I should know, because mine was among the hundreds of thousands of systems affected by the initial wave of the Wannacry malware attacks in May 2017.


The hack and subsequent encryption of my system by the ransomware came as a rude surprise to me. I had always associated hacking and such incidents with the NSA, other government agencies, and big corporations. Not individuals like me. And much as I would like to blame the NSA, (and yes they were culpable in some way, but more on that later), I have to admit that my lack of adequate
personal cyber security was also a significant factor. 

 

Like most other internet users these days, I also have multiple computer and mobile systems that I regularly use to go online. Thankfully, my primary production systems that I use for my business had been updated to the latest version of Windows 10. And even that wasn't down to a conscious decision on my part, but due to an automatic update. 

 

But on one of my other PCs, Windows 7 was intact and became infected. As most of my sensitive business data and personal stuff was on other systems, catastrophe was averted. All I lost was some of my older, less relevant data. But it was still a stark reminder that even a minor oversight can lead to strangers having access to your private data, often with personal or financial implications. 

 

The incident has thrown up in stark relief some uncomfortable truths. I was reading up on Microsofts response to the ransomware attacks to figure out their stance on the issue. After all, it was the vulnerabilities in their OS that led to the attacks right? But sadly, things are not so clear cut. 

 

For starters, attack affected only the outdated versions of the Windows operating system, like XP, Windows 7, and Windows 2008. If it had been successful against Windows 10, users could potentially have had a solid case against the company. But in fact, thanks to an NSA tip off to Microsoft, the company had been able to release a patch in March to protect these older OS versions. 

 

That led to my first lesson from this whole incident. I now take all security updates and patches seriously, rather than postponing them or ignoring them altogether. And yes, I have decided to heed the companys call and update all my systems to the latest software versions and patches. But that is only part of the equation. 

 

It was, after all, the NSA who was responsible for finding this particular vulnerability in the Windows systems in the first place. And they held on to it for over five years, using it to gather intel, which is what they are paid to do. But this is the same NSA that lost a whole cache of data to Snowden. And the very tools for this attack were stolen from the NSA and left free online for anybody to pick up and use. 

 

The Microsoft response was scathing and withering in its criticism of NSA, and their unwillingness to divulge these vulnerabilities in time to the company. While that is understandable, we ordinary citizens cannot expect agencies like the NSA to stop using these exploits. 

 

And what worries me most is the fact this surely won't be the last incident of its kind. In fact, the Wannacry malware only used two exploits from the NSA. There are already reports of newer malware, like "EternalRocks" which uses another five different hacking tools. And inevitably, in future, there are bound to be further hacks and exploits of the latest Windows 10 systems as well. 

 

So what should the average user do? Governments and corporations have the budget to employ dedicated teams of cyber security experts to monitor their systems. But what about busy individuals, particularly high net worth businesspeople, and prominent personalities? Surely, somebody has created a business to provide this vital service, like a PC version of home security monitoring? 

 

In my quest to find an answer to this question, I ended up at the door of an interesting company: Rubica. Though they are relatively new, having been established only in 2016, they do have an impressive pedigree. The company was created from the cyber division of Concentric Advisers, a cyber security consultancy service with more than a decade of experience. 

 

So what can this private firm provide you or me, individuals and solo entrepreneurs with data that needs constant protection? Pretty much everything, or so it would seem, based on the array of services on offer. They provide a cyber audit of your current level of security, which, had I used it prior to the Wannacry attack, could have surely prevented the loss of my data. 

 

Rubica also has an app to secure your mobile devices, as well as PCs and Macs. I was particularly intrigued by their Concierge service, which seems like a highly personalized service. Their 24x7 monitoring teams and AI provide a constant shield against attacks by constantly checking your cyber security for potential weaknesses.  

 

Rubica is definitely not a mass market solution, nor do they advertise themselves as such. If you have a dedicated team of security professionals available 24x7 to handle cyber security, the service certainly wont come cheap. But the value of your privacy in incalculable. And if the potential monetary cost of a breach of that privacy is also very high, then services like Rubica may be well worth a look.

© 2013 - 2017 Hi Tech Criminal Justice