TMCnet News

The Sacramento Bee Claudia Buck column [The Sacramento Bee]
[November 01, 2014]

The Sacramento Bee Claudia Buck column [The Sacramento Bee]


(Sacramento Bee (CA) Via Acquire Media NewsEdge) Nov. 01--It was a week of unsettling cybernews.

A record number of Californians -- 18.5 million -- were exposed to data breaches in 2013, a staggering sixfold increase from the previous year, according to a report released Tuesday by state Attorney General Kamala Harris. The U.S. will likely suffer a "major" cyberattack within the next 10 years that will cause widespread harm and threaten the country's financial and government institutions, says a survey of 1,600 computer security experts released Wednesday by the Pew Research Center and others.



And in Sacramento, the local FBI office announced Monday it's opened a new hotline, urging consumers and businesses to report instances of cyberintrusions.

Clearly, we're all vulnerable. But there are ways to protect yourself. This week, FBI Special Agent David Rubel in Sacramento answered questions from The Sacramento Bee about cybercrimes and what consumers and businesses can do to protect themselves. Here's an excerpt: Your office recently announced its new hotline where consumers and businesses and can report attacks and get help from the Sacramento FBI's cybercrime squad. What prompted the dedicated hotline? The FBI's mission is to bring cybercriminals to justice. We want to connect with the public. We feel there's a lot more crime out there than is being reported to us. We're very willing to investigate the crime, if they'll call us. If they are the victim of cybercrime or know someone who's been a victim, we want to hear from them. (The Sacramento FBI's "computer intrusion and cyber-tip" hotline is (916) 977-2297.) So many cybercriminals appear to be operating from overseas, in Eastern Europe or Asia. Is it really possible to catch the bad guys? Absolutely. There are cybercriminals everywhere. We know they are in Sacramento. We want the public to report (incidents) so we can hunt these people down.


What kind of cyberattacks are most common? They're up to everything. The top three: stealing bank account and other financial information (hacking into someone's computer and installing a keylogger to acquire account passwords); extortion schemes (hacking to steal nude or compromising photos, then demanding money or more photos by threatening to send them to person's entire contact list or office email); denial-of-service attacks (bombarding a business's website or computers with high-volume nuisance requests that render the system inoperable).

You've also cited phony emails as a common problem.

Spearfishing is a very big issue. It's the preferred method of hackers getting into your computer. It's spoofing an email to somebody so that the recipient thinks it's from a trusted source. If you're Company A and always do business with Company B, you'll open an email with an attachment (that looks like it's legitimate) saying "Please open and let me know what you think." As soon as it's opened, malicious code is executed, which gives the attacker access to that (computer) and the entire network. ... You really have to verify that everything you're opening is coming from the person it's purported to be.

(FBI spokeswoman Gina Swankie cited a media report of small pizza business in Colfax that recently received an email with what appeared to be a résumé attached. It actually wasn't a résumé, but a file that contained malicious code. Once the file was opened, it executed the code and locked up the business's computer. The cybercrooks then demanded a $2,000 payment in bitcoins to undo the damage.

(In a larger case, a group affiliated with the global hacking group Anonymous infiltrated the computer systems of Sacramento-based cybersecurity firm HBGary Inc. and others, stealing thousands of account details and posting private company emails. In 2012, six perpetrators were charged in federal court in New York.) What are some of the basic tips to protect your computer? Keep your software updated. Apply your computer's security patches as soon they become available. Use a reputable antivirus scanner (Norton, McAfee, AVG, Microsoft Security Essentials, etc.) and keep it updated. When you update your software and install a virus scanner, it's the same as eating your vegetables and getting a flu shot. It'll boost your immunity, but it won't guarantee you'll never get sick.

Practice safe use of the Internet. Be careful of what you download. Just as you should be cautious about wandering around in a park at 2 a.m., be cautious about wandering around on questionable websites. That means anything off the beaten path: gambling, pornography sites, etc. You're more vulnerable. ... The back recesses of the Internet are less likely to be regulated, and they're places where people are less likely to report malware or bring it to the attention to law enforcement.

How extensive is Sacramento's cybercrime team? We have an entire cybersquad dedicated to these investigations. The team includes special agents, intelligence analysts and a computer scientist, along with other professional staff to investigate computer intrusions. The capabilities of the team enable us to reverse-engineer attacks, analyze data and examine patterns. ... The cyber task force works with investigators from the CHP, the Air Force, the National Guard ... and 55 other FBI field offices throughout the country. It's a united army: local assets plus those with whom we can collaborate virtually.

Call The Bee's Claudia Buck at (916)321-1968. Read her Personal Finance columns at sacbee.com/claudiabuck.

___ (c)2014 The Sacramento Bee (Sacramento, Calif.) Visit The Sacramento Bee (Sacramento, Calif.) at www.sacbee.com Distributed by MCT Information Services

[ Back To TMCnet.com's Homepage ]