That’s what I learned from a talk by Robin C. Stuart, a veteran cybercrimes investigator, who laid it on the line last weekend in a talk sponsored by Sisters in Crime, NorCal at the Half Moon Bay Public Library.
“If someone wants to hack you, they can do it,” said Stuart. In other words, barriers, firewalls, security systems will slow the bad guys down, sometimes significantly, but it won’t stop them. Unfortunately, we, the public are on the losing side because there aren’t enough cybercrime fighters.
For example, according to Stuart, the FBI has a robust 14,000 agents but a mere 1,200 workers in their cyber squad. The Secret Service has 13,000 agents, but a miserly 1,000 cybercrime stalkers.
“The bad guys are after you and me and our information,” she said. Although they are successfully attacking companies like Microsoft, Apple, Facebook and Google, what they want are not organizational secrets, but their customer database. For Google and Facebook, that amounts to four billion combined user’s private information. If you are like me, you have probably given up enough info to make you shudder to one or more of these groups.
To plug the hole in this ever-widening gap in the cybersecurity dam, people like Stuart are hired. Surprisingly, she doesn’t have a law enforcement background. She was a paralegal before. But, what she does have is a topnotch analytical mind and a tremendous curiosity that keeps her digging for answers.
Since I had my identity stolen last year, with my hacker going into my bank accounts, health account, home phone and email, I was interested in not just specifics (how they retrieved my information) but also the big picture.
On an international scale, there are the nation states like Russia, China, North Korea and Iran who use, among others, military personnel whose day job is to infiltrate computer systems, retrieve IA, influence opinion and in the US case, elections.
“Then there is the garden variety attacker. They use traditional malware or ransomware. Their only goal is money,” said Stuart. At one time, investigators could ‘follow the money.’ But with the invisibility of cryptocurrency as a payment method and the dark web, the money trail is almost impossible to follow.
“I've been following miscreants from a particular region for ten years," said Stuart. During that time, attacks on cities, health-related companies (i.e. hospitals), and organizations with huge databases have been increasing.
If there is one thing I learned from Robin’s talk and my own personal experience is that it is up to me to protect my information. That means having different and complicated passwords for each of my accounts. However, it’s not foolproof. My debit card was recently hacked into and someone bought some extremely expensive face cream. But I knew immediately who to call (my bank) and what to do (change passwords).
Thanks, Robin for a very informative talk…a scary talk…but one I needed to hear. As for my hacker last year, he/she was never caught by the cyber police I worked with. However, in my third Trisha Carson mystery, the creep goes to jail.
Robin Stuart (l), cyber crimefighter, is
introduced by Diana Chambers (r), Sisters in Crime, president, Nor Cal Chapter