Loading...

19 September, 2017 Education

Cyberattacks and Protecting Your Information


ALL BLOG CONTENT IS FOR INFORMATIONAL PURPOSES ONLY. ANY REFERENCE TO OR MENTION OF INDIVIDUAL STOCKS, INDEXES, OR OTHER SECURITIES ARE NOT RECOMMENDATIONS AND ARE SPECIFICALLY NOT REFERENCED AS PAST RECOMMENDATIONS OF PATTON WEALTH ADVISORS. ALL GRAPHS, CHARTS, AND TABLES ARE PROVIDED FOR ILLUSTRATION PURPOSES ONLY. EXPRESSIONS OF OPINION ARE ALSO NOT RECOMMENDATIONS AND ARE SUBJECT TO CHANGE WITHOUT NOTICE IN REACTION TO SHIFTING MARKET, ECONOMIC, OR POLITICAL CONDITIONS.  IT IS COMMON FOR US TO USE A FUND AS A PROXY FOR AN INDEX OR ASSET CLASS.  FOR MORE DETAILS SEE OUR FULL DISCLOSURE HERE.

In this blog, we discuss the following:

  • Cyberattacks by the numbers
  • The Equifax breach and what YOU need to consider NOW
  • Best practices
  • How we protect your data

Cyberattacks and breaches of personal information have become all too common and should not be ignored by anyone. If you are connected to the internet in anyway, have online accounts of any kind, you are at risk.

What we want to accomplish is tough. We want to 1.) maintain our online access and presence, 2.) store data digitally on our own devices or in the cloud (others’ devices), 3.) allow our access freely and sometime share access with certain others 4.) while preventing access to most (including thieves). These are complicated goals and much different than information on a piece of paper locked in a filing cabinet. Accomplishing these goals simply requires some effort.

The Statistics

The numbers are staggering:
  • In 2016 one in every 131 emails was malicious. Just 2 years ago it was only 1 in 2441.
  • Cybercrime damage costs were estimated at $3 TRILLION worldwide in 2016 and estimated to double by 20212.
  • Ransomware damage costs, a thief locking your computer(s) until they are paid a ransom,are estimated to exceed $5 billion in 2017 or 15 TIMES the cost just 2 years ago2.
  • Identity fraud costs U.S. consumers $16 billion in 20163.

It’s not only the statistics that should get your attention but also the hassles and drain on your time if you are a victim. It can take some consumer months to clean up the mess caused by identify theft and lost data is often never recovered.

Equifax Data Breach

Equifax, one of the three credit reporting agencies, disclosed on September 7th that the personal information for 143 million Americans had been compromised. This breach is significantly worse than many others because the data stolen included names, addresses, dates of birth, and social security numbers. These four pieces of data tend to be the items required to confirm someone identify.

You should read the blog posted by the U.S. Federal Trade Commission regarding this breach: https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. As noted in this blog, if you have a credit report (if you are reading this blog then the odds are high!) then it is likely your data has been stolen. In this FTC blog they suggest steps you should consider including:

  • Consider 1 year of free credit monitoring by Equifax
  • Check your credit reports
  • Consider placing a freeze on your files
  • And more

In addition to the above recommendations by the FTC, Experian, another of the three credit reporting agencies, offers a free scan of the dark web.  You can access it via the following link: https://www.Experian.com/scan.  This is another step in an effort to determine if thieves have your personal information.

This Equifax breach is significant and likely includes your personal information. You should seriously consider taking some action.

Best Practices

There is a lot you can do to protect yourself. Here are some best practices to understand and consider:

  1. Email – the most common entry point for thieves.
    • Avoid or delete emails from unknown senders.
    • Be cautious of opening any attachment especially if it is an unknown file type.
    • Scrutinize senders email address to make sure they are not different by one character.
    • Avoid clicking web links in emails and instead type the link directly into your browser to make sure you are going to an authentic site.
  1. Passwords
    • Store them in a secure location
    • Change them frequently
    • Avoid common words and repeating previously used.
  1. Multiple Authentication – this is a second level of validation, in addition to a username and password, such as a text message or other tool.
    • Utilize multiple authentication especially for access to financial related information and accounts.
  1. Software Updates – known as software “patch management” to keep software up-to-date to close “holes”.
    • If you utilize Windows or an Apple device, make sure it is set to automatically install updates as they become available
    • Do the same for all of your software.
  1. Anitvirus Software
    • Use it
    • Make sure it is always up-to-date to protect from new threats.
  1. Wifi access
    • Use a secure network whenever possible. Personal hotspots tend to be more secure than public networks.
    • Avoid conducting sensitive activities on public networks such as activities requiring you to input a credit card number or password.

How Patton Protects Client Data

Protecting our client data is a top priority. During the past year we have hired two cybersecurity consulting firms to conduct a thorough risk assessment, address any issues, and provide 24x7 ongoing monitoring of our systems and every device used to access our systems. This, and much more, is documented in our comprehensive Cybersecurity Policy.

In addition to our own efforts, we favor custodians (firms holding our clients’ money) that have extremely robust policies and procedures in place to protect our clients. We recognize that such robust policies and procedures can cause relatively minimal hassles occasionally for our clients but believe this is a very small prices to pay for the protection it provides.

We have gone to great lengths to protect our clients’ data but recognize no business is immune from the risks of a cyberattack. We are committed to continual improvement and maintaining robust standards.

Conclusion

The sophistication of cyber criminals has escalated rapidly and the pace of change is rapid. The Equifax breach should be taken seriously be every American. We encourage you to consider the recommendations of the FTC as it pertains to this breach and to also consider the best practices outlined above. These things will take effort but are critical in today’s digit age.

Source: 1 1Symantec Internet Security Threat Report April 2017 Volume 22, 2 https://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html , 3 http://www.iii.org/fact-statistic/facts-statistics-identity-theft-and-cybercrime

Contact Mark A. Patton :

The information provided here is for general informational purposes only and should not be considered an individualized recommendation or personalized investment advice. Any specific securities or investment strategies mentioned here may not be suitable for everyone. Each investor needs to review an investment strategy for his or her own situation before making any investment decision including whether to retain an investment adviser.

All expressions of opinion are subject to change without notice in reaction to shifting market, economic or political conditions.  Data contained herein from third party providers is obtained from what are considered reliable sources. However, its accuracy, completeness or reliability cannot be guaranteed. This content was created as of the specific date indicated and reflects the author’s views as of that date. Supporting documentation for any claims or statistical information is available upon request.

Past performance is no guarantee of future results.  Any comments about the performance of securities, markets, or indexes and any opinions presented are not to be viewed as indicators of future performance.

Investing involves risk including loss of principal.

Indexes are unmanaged, do not incur management fees, costs and expenses, and cannot be invested in directly. For more information on specific indexes please see full disclosure here.

Any charts, tables, forecasts, etc. contained herein are for illustrative purposes only, may be based upon proprietary research, and are developed through analysis of historical public data.

All corporate names shown above are for illustrative purposes only and are NOT recommendations.

International investments involve additional risks, which include differences in financial accounting standards, currency fluctuations, geopolitical risk, foreign taxes and regulations, and the potential for illiquid markets. Investing in emerging markets may accentuate these risks.

Fixed income securities are subject to increased loss of principal during periods of rising interest rates. Fixed-income investments are subject to various other risks including changes in credit quality, market valuations, liquidity, prepayments, early redemption, corporate events, tax ramifications and other factors. Lower-rated securities are subject to greater credit risk, default risk, and liquidity risk.