I Got Hacked… A Solution?

I watched a report tonight on our local news channel about a hospital in Little Rock having its computer systems compromised by hackers. I think these types of attacks can be mitigated with education and training, and could possibly decrease the number of attacks by a great deal! My disclaimer here is that I am no expert, but most hackers depend on people reading emails, clicking on links or downloading programs because they are just not trained to look for these “gateways” to computers. I mean, I could be hacked tomorrow…they are much smarter than me, but when they have such easy “marks”, why should they worry about sophisticated schemes and tactics when it’s so easy to fool someone not as proficient in technology. I’ll give you what my solution would be, but first a little history of how I dealt with a hacker.

I’ll start at the beginning. In 1991 I bought my first computer… a Packard Bell that I paid about $2500 for the tower and monitor. At that time (and even presently) I hadn’t taken a computer class, and to be honest, I didn’t have a clue how to use a computer. Heck, I didn’t even know what I was going to use the dang thing for, but there it was sitting on my kitchen table. I was afraid of it. After just a few days, I crashed it. I called my 15 year old nephew over to my house to fix it. In less than 15 minutes and his little hands going ninety to nothing… I was up and running again. Then, a few days later the same thing happened, I crashed it and he came over again and fixed it with his magical little fingers.

Sure enough a week or so later and even more afraid of the computer, I called my nephew with another crash report. This time though, I wouldn’t let him sit down and fix it, instead I sat down at the computer and told him to TELL ME and SHOW ME what I needed to do to fix my computer. After that night, it was the last time I ever had to call him about a computer issue. And so for the next few years I became more and more comfortable using the computer. Everything was going great until 1995.

By 1995 I was getting fairly proficient using the PC (I think by then I had bought a more powerful computer). The internet was really starting to catch on, but so we’re the hackers. Then it happened to me, I got hacked! The hacker sent me an email and told me he could see every file on my computer. I immediately got depressed because I felt so violated! Then I got pissed! But instead of calling him names, or threatening him, I wrote him back and asked how he was able to hack into my computer. He wrote back, he gave me the details and I “fixed” the error of my ways. Luckily, he told me he just wanted me to be aware that because of something I did…it allowed him access to my files.

So in the 31 years that I have sat in front a computer, I have learned a lot. At least up until now, it was the only time I have been hacked. However, in all these years I did get a computer virus, but I did it on purpose. When the “I LOVE YOU” virus first came out (2009), I wanted to see what it would do to my computer, so I downloaded the virus and activated it on my PC. Yep, it crashed my computer and it took me a full day to recover from it. But to this day, no more hacks and no more viruses. That does NOT mean I’ll never be hacked, nor does it mean I’ll never get a virus…but I ain’t easy either.

OK, so I gave your all this history just to tell you my solution for drastically reducing the number of attacks (both ransom and general attacks). Most of these breeches into the computer systems are done through unsuspecting “phishing” emails, malicious links and/or malware programs. Knowing what to look for in these emails can reduce the risk of an attack or data breech.

If I were an Administrator, a CEO, a School Superintendent or the head of any other company that uses computers in the workplace… the first thing I would do is require all employees (especially those tasked with responding to emails (customer service, marketing, etc) to attend a one day inservice education class on how to identify and handle suspect emails and suspicious links. Spotting these emails and links are really not that difficult if you know what to look for and how to check them. With a little practice it becomes almost routine. The second thing I would do is require all new hires to also take this one day class as part of their new hire orientation. Thirdly, the class would be given yearly (maybe a half day refresher) for review and to learn any new methods and tactics hackers may be using, because hackers are constantly changing and updating their methods and tactics for these attacks.

When you think about the data breeches, the ransom amounts asked for, as well as the loss of productivity in a facility, this kind of training would be well worth it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s