With the advent of the Equifax leak, along with countless others, we have entered into a new phase of Information Insecurity.
There are roughly 300 million people in the United States. Of those, 143 million have had their data stolen by the Equifax breach. This constitutes about 1/2 of every man, woman and child in the US. If you eliminate the population of children, this is almost complete coverage of the adult citizenry in the United States. That number is staggering.
Take this into combination that we are using computers that most of us do not know how to fix a stuck update, or do not update our applications on our phones or computers at all. The recent string of malware will infect all systems on your network once a single system is compromised. So, you have to update everything, consistently.
Then there are the innocent self-infections by installing something that is supposed to be clean, but really isn't.
And, finally, my favorite one: I don't have a computer at all, I don't go on the internet. These people have been put at risk, also. Due to the Equifax breach. We are all at risk
So, what is new?
Those that wish to do harm to us now have the capability to assault us on a number of fronts. They have personal information that can be used in combination with inherent holes in our security to craft authentic-looking exploits through the use of email, robo-calls, viral texts, et al. All designed to look real. To trick us in to giving up even more of our information. Or, to completely falsify our identities and take over our lives without us even knowing it.
So, what is my course of action?
- Update everything, every time you touch the device.
- Have everything automatically update. If this breaks an application, then so be it. Better to break an application than break the bank from losing more than you already have.
- Use identity theft protection. The likely hood of you having free protection resulting from the Equifax breach is high. Use the free protection.
- Get smart on exploits. Start reading information from the major anti-virus providers. The information may be technical, but after you read it for a while, you'll start to pick up on the gist of the information. You don't need to know all the technical information, but you do need to educate yourself as to "how" the infections are happening.
- Seek help from those in the now.
- Don't ever let anyone access your computer remotely, unless you have a high degree of trust in that person.
- Antivirus and Antimalware systems are a must. Those that block you from doing something high-risk are incredible.
- Learn how to use encrypted email. I find is abysmal that in the year 2017 we still do not use encrypted email as default. Every email I send out has my public key in it which the recipient can use to encrypt their communications with me. Encrypted email can eliminate a gross number of exploits and give the user a great amount of power over their communications. However, we shy away from it.
I wish I had better news to give you. I figure this will occur in 2018 - 2019. It will be the new wave of exploits. It will be the combined use of current exploits and available stolen information that will make it almost discernible between legitimate and fraudulent companies on the web.
Thanks for reading,
Jay C. Theriot