As of 2015 Cyber-attacks cost businesses $400 billion per year and is estimated to increase up to $2.1 trillion per year. (Forbes) This past week of October 21, 2016 the United States fell victim to one of biggest cyber-attacks in history. This comes on the heels of allegations of Russia rigging the U.S. elections, Wikileaks releasing confidential emails from the Clinton campaign and Barak Obama threatening cyber warfare against Russia.
In this attack the Dyn servers came under attack from massive traffic being produced from tens of millions of IP addresses at the same time. (Gizmodo) Being that some of the major U.S. businesses rely on their servers it resulted in half of the internet being shut down from the DDoS attack. A DDoS attack is essentially massive traffic being pointed at certain servers causing an overload. Such overload can actually fry servers beyond repair.
This attack also affected banks and other online payment solutions. As a matter of fact, the software company that I work for was directly affected. We had to perform emergency protocol to immediately rectify the situation so that payments could once again be processed through our platform.
There is not an official statement about who is responsible for these attacks. Of course the mainstream media automatically blamed Russia as they have for the leaks on Hillary Clinton. Currently there is no evidence to support that claim. It could be another ploy to stir up tensions between the United States and Russia which helps to keep the army ranks full of fresh recruits.
We are living in such an advanced world where not only computers are vulnerable to these attacks but even the “internet of things” as well. These “things” include other internet enabled gadgets such as cameras, baby monitors, digital video recorders, etc. (Bloomberg). The problem with these gadgets is that there is no way to block the threats like you would on your PC. You are not able to download anti-virus programs or malware blockers which were used to infiltrate these gadgets.
The truth is that this problem is not going to go away anytime soon. As I mentioned the United States has threatened Russia with cyber warfare. On top of that 12 of the world’s 15 largest military powers are currently building cyber warfare programs (CNN). Earlier this year Chinese state sponsored hackers stole identity information for thousands of Americans. Another state sponsored attack stole millions of user information from Yahoo email users.
However, cyber warfare capabilities are not just limited to state powers. Everyday citizens have the same ability. There is actually a multi-million dollar industry where hackers steal information and sell it on the black market.
In 2012 a DDoS attacks shut down banking websites for Bank of America, JP Morgan Chase & Co., Citigroup, Wells Fargo, and PNC Financial Services. Not only were the websites affected but so were the ATMs and even in-person services restricting millions of Americans from access to their money for withdrawal or transferring.
The effects of cyber warfare are huge. Yet many overlook the threat because we are used to giving away our private information to companies and governments. However, a prolonged attack could have the same effects as a nuclear attack, EMP attack and even financial collapse. Such effects include:
- Shutting down major sections of the power grid
- Erasing millions of bank accounts
- Manipulating or hijacking hundreds of millions of identities
- Disrupting financial systems such as the stock market
- Disrupting transportation systems such as red lights
- Nuclear power plants connected to the grid
As we prepare for other disasters this type of attack needs to take a higher priority. The likelihood wouldn’t be as high as maybe a home invasion or being physically attacked. However, with the current geo-political terrain being tense we need to learn how to prepare for cyber warfare. Being that I work for a software company I figured that I would share some of what I know and practice.
How to Prepare for Cyber Warfare
- Don’t click unrecognizable links in emails
As a way to get malware and other viruses downloaded on your computer hackers will send out phishing emails encouraging you to click a link to the website. These emails have become sophisticated and personalized. They tend to send relevant emails that you like. So if you are a big gun fanatic they may send you emails about guns and ammunition.
DON’T CLICK ANY LINKS THAT YOU DON’T RECOGNIZE! Most of the time when I get an email I will only open the ones that I recognize the sender. The other ones I don’t even waste my time with. However if you open those emails that you don’t recognize then don’t click the link especially if it doesn’t have the “https:” at the beginning. Only secure websites that don’t have malware and viruses running in the background will have the “https:” in the URL.
If you want to check out the link then I would encourage you to type the address into your web browser instead of clicking. Also, I would recommend adding the “https” at the beginning of the address. You could also enable a web browser extension called HTTPS Everywhere. This ensures that you’re web browsing will be encrypted preventing you from visiting websites that can harm your computer.
- Be mindful of the links that you click on social media
We are living in a day in age where there are tons of fake news websites being created just to lure you in. Once you are there malware and viruses on that site directly affect your computer unknowingly to you. Once it has been downloaded onto your computer those hackers can either hack your information or use your computer to commit other attacks.
So when you see articles, (especially conspiracy theory articles) be sure that the website is reputable. You can usually do this by checking out their social proof. If they have many followers online “that may be indication” that they are reputable but not always. Another way to verify is to do a Google search of the headline that they are publishing. If there are other reputable news sites that are publishing the same then you MAY be able to trust that site but again not always.
If you click on the website be alert to anything that instantly begins downloading on your PC and stop it. LEAVE THE SITE IMMEDIATELY! Another sign that the website is embedded with harmful objects is if there are tons of pop ups or if your browser begins to slow down dramatically. Don’t click any of the pop ups and leave the site.
- Never share sensitive and personal information over email
I know when a Prince of an African province reaches out via email you have to help right? He probably wants to wire you a million dollars for your help. Sounds like you hit the jackpot right? DON’T BE AN IDIOT! That was the most inspirational thing anyone has ever told me. Before I do anything I first think “would an idiot do that?” If an idiot would, then I don’t do that thing.
NEVER EVER SHARE SENSITIVE AND PERSONAL INFO VIA EMAIL! If you ever need to enter payment or other sensitive information then make sure it is submitted on a web form that has “https:” in the web address. If you must send such private information via email make sure it is someone that you know personally and encrypt the email. You can use an email service like Tutanota that encrypts information. Encryption is basically putting a message inside a virtual envelope. Otherwise your online communication can easily be seen by hackers among other threats.
- Install a credible anti-virus and malware blocker
Having an Anti-virus and malware blocker software is like having a condom on during intercourse. The internet is a dirty dirty street full of hookers infected with all types of diseases. You do not want to be walking through the internet without protection on.
I have used Avast Anti-Virus for many years and have never had a problem with being hacked or the computer being inoperable due to malware. Avast has a great tool that shows you how reputable a website is before clicking on the link. It will show up in red if it is littered with malware and viruses. Avast will also stop you from visiting a site that is infested and block anything from instantly downloading onto your computer.
- Install an Ad-blocker
As I mentioned in a previous point most harmful websites are full of pop ups. Most of the pop ups are tricky and makes it impossible to avoid. They tend to place them in the right position so that you will accidentally click it. Not only are pop ups harmful but also harmful objects can run through advertisements placed on websites as well.
The websites and advertisements will tend to download a cookie on your browser. That way they can follow you wherever you browse on the internet. Then your browsing information is sold and shared with others to form a profile for you.
To stop this I use an extension for Firefox called Ad Block Ultimate. It is a free extension that you can activate for your browser. Not only will this keep you safer but also make your web browsing speed faster.
- Have pass phrases instead of passwords
Hacking passwords is all too easy for many hackers. Especially when you have people that use pass123 as their password along with other simple ones. Remember the password is not meant to be easy for you to remember. They are meant to be hard so that they can’t be hacked. Many hackers use software tools that can run thousands of passwords within a minute. When a password is less than 7 characters hackers can usually hack it within 8 seconds. Watch Edward Snowden explain the importance of having a pass phrase below
- Don’t use the same password twice
If your account ever becomes hacked then most likely the attacker is going to use that same password on other accounts that you have setup. Most of the time people use the same password on every site so that it is easy to remember. However, that makes you extremely vulnerable.
So you need to have to multiple passwords. Now this may be hard for you to remember but you could use tools like LastPass or KeePass to store your passwords. That way you don’t have to remember. The other great thing about LastPass is that it provides a password generator for you as well.
- Enable two-factor authentication
Two-factor authentication will not only ask you for a password but will also send you a text message or app alert to authenticate that you are attempting to access that site. Hackers will be unable to do this because they are unable to have text messages rerouted. It may seem like a lot but it is worth the extra step to keep your information secure.
- Have important information on multiple backups
For private information and important documents you should have multiple backups. Redundancy is a powerful idea for preppers. You can have that important information stored on cloud servers, removable storage devices, print a hard copy and even have a burner PC that isn’t connected to the internet. That way if one is compromised and you lose access then you will still have multiple backups.
For removable storage I would recommend encrypted flash drives like the Kingston Digital Data Traveler. You can also get external hard drives such as the Seagate Expansion 1TB Portable External Hard Drive. Then I would recommend having a new cheaper laptop that has never accessed the internet. If it has accessed the internet before then I would recommend reformatting it. You should also encrypt that hard drive so that it is impossible for thieves to access that information if stolen.
- Install a VPN
A VPN (virtual private network) is another tool that you should use to encrypt your online information. When you are online there are thousands of trackers watching your browsing habits and information that you share. Everyone from the government, businesses to hackers and people who are looking to sell your information are watching and collecting information.
With a VPN your browsing habits are encrypted. Again this basically means that your information is placed inside a secure envelope that hides it from others. The VPN will also mask your IP address. Everyone online is identified by their IP address instead of your name. A VPN will use multiple addresses in their network to bounce around your location. This can make it appear that you are in a different state and sometimes even in a different country.
There may be different reasons that you may want a VPN so I would encourage you to shop around. However, I use Hotspot Shield. I would recommend buying their paid version because their free version will interrupt your web browsing with advertisements.
- Use a safe browser
Another big tool for online security is the browser that you are using. Some browsers are more vulnerable to cyber-attacks and ultimately cyber warfare than others. This is especially true if your browser is not updated. Browsers push out updates whenever they find a vulnerability. So keep your browser updated.
I would highly discourage you from using Google Chrome because they share your web browsing information not only with the government but also businesses. There are more private web browsers like Firefox who treasure your privacy. The best browser in my opinion would be TOR because it is encrypted and has a VPN built in. However, the browser can be extremely slow.
You can switch up the browser that you use. If you are just browsing the internet and not sharing any private information then you could use Firefox. However, if you need to share private and sensitive information like paying bills then I would recommend using TOR.
- Use a separate card for making online payments
You will want to use a separate debit/credit card when making online purchases then what you use on an everyday basis. That way if your money is stolen from that card you will still have money for the everyday essentials. Now I’m not a big proponent of using credit cards but they tend to cover you more if your information is ever stolen than a debit card would.
- Have emergency essentials stocked
As a prepper this should go without saying but you should have emergency essentials stocked up in the case of cyber warfare. These attacks have the potential take down the infrastructure of the United States leaving many business vulnerable. Many stores could shut down because they are unable to process payments. So you want to have AT LEAST a 30 day supply of food and water but this event could last for months.
- Have emergency cash on hand
You should have at least a weeks’ worth of expenses withdrawn from the bank in the case of cyber warfare along with other threats. If the grid goes down you will still be able to make purchases. Along with paper cash you should consider stacking some silver if this event turns into a long term recovery operation.
These would be my tips on how to prepare for cyber warfare. Please leave your suggestions and ideas in the comment section below. Your feedback helps the prepper community prepare the smart way now so that we can thrive later.
Photography by Florian F. (Flowtography)