If you don’t know who Frank Abagnale is, go to his website at www.abagnale.com and read his bio. If you’ve seen the movie Catch Me If You Can, you know who he is. Leonardo DiCaprio played him in the movie, which was released in 2002.
I had the pleasure of hearing Mr. Abagnale speak for the second time yesterday, at an ASCII Group Success Summit. I first him speak around 10 years ago at a CompTIA Breakaway event (now CompTIA ChannelCon). He was as engaging and moving yesterday as he was when I first heard him speak and I would gladly take the opportunity to hear him speak again in the future.
He started his talk yesterday with an overview of his life and his experience that the movie documented. As I said at the outset, go to his website and read his biography. If you ever have the opportunity to hear him speak, take it. You’ll be glad you did.
What was different from the first time I heard him speak was that I got the opportunity to speak with him before he went on stage and grab a quick photo. What was more importantly different, was what he shared about cyber threats in the present day.
Here are some of the highlights of what he spoke about.
There will never be any technology that defeats social engineering. Only education will defeat social engineering.
What this clearly points out is the need to have effective and continual training in every business, that addresses the risks that employees will encounter and how to spot them. This is not simply one time training, it has to be ongoing and address the current threat landscape. It’s the only option to have any chance to protect your business against phishing attacks and other means of hacking in to a private network.
This also highlights a real deficiency in our educational system. We don’t prepare our students to properly understand the risks that technology introduces into their lives and society as a whole. If we want to have any change to combat cyber crime, cyber bullying and more, we have to educate our youth and our older population to the threats.
The data that employees have access to is the most important thing they touch. Do they realize this?
The breach that hit the federal Office of Personnel Management (OPM) in 2015 was not the first breach the agency had experienced. The prior breach was not made public, nor was the fact that after investigating that breach, recommendations to address the agencies ongoing exposure were not acted on, which lead to the 2015 breach. Worse, that breach exposed over 21 million records of federal employees and of those, 10.6 million fingerprint records were breached. This data, according to Mr. Abagnale, is in the hands of the Chinese military, as this breach was conducted as an offensive cyber warfare exercise.
Cyber fraud has garnered billions of dollars from the federal government. Consider these examples that were shared:
Over $100 billion in fraud was paid out by Medicare and Medicaid. Most was paid to foreigners leveraging technology.
The IRS has paid out billions in losses to fraudulent tax returns and has stated they will continue to do so until new technology is in place in 2020.
There have been $7.7 billion in unemployment losses and over $10 billion in welfare fraud.
Russian cyber gangs bring in over $20 billion a year. India, Russia and China are the main sources of the money trail that comes from cyber crime. Some of this money makes its way back into the US in form of drug trafficking and other crimes.
Mr. Abagnale contends that cyber crime is transitioning from crimes of financial opportunity toward black cyber.
Black cyber would encompass threats like being able to shut down or alter a persons pacemaker or shut down a moving vehicle while deploying its airbags and locking the occupants inside.
The concern about black cyber could also be thought of as cyber terrorism and it’s a clear and present danger to us all.
He believes that warfare of the future will be cyber warfare, attacking critical infrastructure, financial networks and more.
On the personal front, over 1 billion identities have been stolen worldwide. In the US, one identity is stolen every second! Here are some recommendations from Mr. Abagnale for protecting your identity:
Use a shredder and shred anything that has personally identifiable information. He recommends a secure micro shredder, as opposed to the more common strip or cross-cut shredders.
Use a credit monitoring service. Be sure the service shows soft hits on your credit score, not just hard hits, like when you apply for a credit card.
Speaking of credit and debit cards, he advises to never use a debit card. He recommends paying for everything with a credit card and paying it off every month. It will not only safeguard your money, it will build your credit. He even contends that it is worth paying the fees to get cash with your credit card as those fees will pale in comparison to the cost of having your accounts breached from a debit card. He said that the people who have been hurt the most by data breaches are those whose debit cards were involved.
He advises to be very careful about what information you put on social media. By sharing the location of your birth and your birth date, you are providing 48% of the information needed for identity theft.
He recommends never taking a social media picture of your face straight on. Always have something else, like another person or a pet in the picture, so facial recognition will not identify you. I’m not sure about that one.
Go to his website and visit the resources section and read the treasure trove of helpful information he shares.
Most of all, Stay Safe Online!