Last Updated on Apr 8, 2020 by James W
To defeat a hacker, you need to think like a hacker. A handful of infamous hackers have followed this aphorism as a means to leave their illegal hacking activities in the past. Those reformed hackers now offer their services to small and medium sized businesses (“SMBs”) that are the growing target-of-choice among the other hackers who are still on the darker side of the law.
A recently-published survey reveals that almost 90 percent of professional hackers are able to break into a target system within 12 hours or less, and that once a network is breached, more than 80 percent of those hackers can find sensitive personal and financial data with less than 12 hours of additional work. Firewalls and anti-virus software barely even slow down a professional hacker.
In view of this reality, advice from professional hackers can point a business in the right direction to improve security on its own networks.
Kevin Mitnick
Mitnick’s name usually lands on top of every list of reformed hackers. He spent nearly five years in federal prison for computer crimes, and established his own anti-hacking consulting business after he was released. His advice includes a number of simple strategies that raise the bar against data breaches, including using more complex passwords and password management or vault software, using cloud computing services to encrypt data, and remaining wary of requests for access to email and contact information. Of particular interest to all businesses is Mitnick’s warning against using public Wi-Fi networks. Employees like the convenience of tying into public Wi-Fi in order to avoid using up valuable cell phone data allotments, but those networks are notoriously insecure. Mitnick also advises businesses and individuals alike to subscribe to virtual private network (VPN) services.
Michael Calce
When he was barely 18 years old, Calce launched distributed denial-of-service (DDoS) attacks that took down Yahoo, eBay, Amazon, CNN, and Dell Computer Company. He was captured and service an eight-month prison sentence, after which he wrote a book that many individuals and businesses use as a guide to cybersecurity. Calce warns that cybersecurity in general is too lax, and that businesses and individuals need to increase awareness of their cybersecurity vulnerabilities. Like Mitnick, Calce cautions against the use of public Wi-Fi hotspots. He parts ways with Mitnick where cloud computing is concerned, as Calce believes that cloud services are susceptible to a major hacking attack. Calce suggests that cybersecurity should be a direct consideration and not just an afterthought in business planning.
Anonymous
A slew of hackers that continue to ply their illicit trade away from the spotlight occasionally come forward with advice on the condition that their identities remain anonymous. Much of that advice includes tried and true wisdom from the cybersecurity world, such as using stronger passwords, enabling two-factor authentication for logins to corporate networks, never clicking on links from suspicious sources or in emails from unknown senders, avoiding peer-to-peer file sharing networks, and updating software regularly to confirm that all patches and bug-fixes have been installed.
Businesses that remain abreast of developments in the cybersecurity world will know that even if they and their employees were to follow each and every suggestion from these infamous hackers, their networks would still be susceptible to a data breach by a determined hacker. Because it is impossible to stop every illicit computer network incursion, cyber insurance that includes data breach coverage is the ultimate defensive strategy against a determined hacker.
Data breach coverage insurance can provide reimbursement for lost data and damaged systems while protecting a business against litigation and liability costs occasioned by lawsuits from third parties whose data might have been compromised through the data breach. Reformed hackers all agree that the hacking community is in a lockstep race with every business to see which of the two groups can stay in the lead on cybersecurity. Data breach coverage will protect a business that has fallen behind in that race.
