Our goal at Cyber Safe Workforce is to give our readers and clients the tools and information they need to be more cyber-aware. We teach phishing awareness, how to protect your accounts with strong passwords and multi-factor authentication, and more. In some cases, though, our cybersecurity rests in someone else’s hands. We put our trust into businesses, schools, and local governments in order to complete certain tasks: sharing our credit card information with an online retailer, providing personal data to our children’s schools, and registering your car, to name a few. There are many ways in which we live life online and with some of them, unfortunately, we are not in control.
Earlier this month, it was reported that a hacker broke into the water treatment system of a small town in Florida. The hacker entered remotely through the online system and increased the level of sodium hydroxide to 11,100 parts per million from 100 ppm. This increase was drastic enough it could have harmed residents if the water had made it to their homes.
Reading this story can be alarming, but most experts agree that there was no real danger to the water supply and residents thanks to other routine procedures in place. However, it does beg the question: do the benefits of remote access outweigh the dangers? And, if they do, are utility companies doing all they can to protect the public? Was two-factor authentication available or required to login to the water treatment system remotely? As cyber-aware consumers, it may be up to us to raise these issues to effect change.
Another news item that reminds us how much of our lives are online is the recent release of patient medical records onto the dark web. In this story, two separate U.S. hospital chains had tens of thousands of records containing names, addresses, birth dates, and health diagnoses exposed on the dark web. When we visit a hospital, it may be in an emergency or with a doctor’s direction; we are rarely thinking of cybersecurity when we walk through the doors. But the reality is that hospitals manage massive amounts of sensitive data, from financial and insurance information to health diagnoses.
What do we do when the safety of our data is largely out of our hands? The best advice we can offer is to regularly review your credit report, double-check your health benefit statements, and change your password immediately if you become aware of a data breach that affects your accounts. When you create a new account, reach out to the company and ask about their cybersecurity policies and procedures: advocate for your cybersecurity as you would other aspects of your life!