Trusted Internet Guide to keeping your remote learners safe (and you from them!)

On September 2nd, the Washington Post reported that a DC-based non-profit got hacked for $7.5 mil (cash stolen!) from an attack on a user working from home. How? I'd bet a dollar that the home worker had no cybersecurity.  You’re probably looking for me to hogpile on these poor bastahds, but there’s a bigger question at play. The bigger question isn’t now to not lose $7.5 mil, it’s how to remain safe from a WIDE variety of threats, scanners, fraudsters, and thieves, including those invited into your home by doing important and sensitive work at home without protection, by your need to surf not-so-safe websites while your boss can’t see you, by poisoned legitimate websites that bad guys KNOW you’ll visit, by your remote learning kids playing games and hacking others (yes, they actually do that!), and a whole host of threats you’ve probably never even considered.

The CEO announced the hack to employees in a virtual call Wednesday morning, saying the initial attack targeted an employee using a personal computer while working from home. Attackers stole $7.5 mil!!

It seems like I keep getting the same questions; 

• How do I keep my home safe while working remotely?

• I keep hearing about bad things happening over conference bridges;

• How do I make my home safe for my kids while they learn remotely?

• How do I work from home safely while my kids are hacking their High School?

My answer is almost always the same. What's old is new again.

I worked for Cisco systems when I first got out of the Navy in 2001. Having worked in secure facilities for the better part of my adult life, the idea of telecommuting was a new and foreign experience for me. I struggled with understanding how corporate communications would remain safe in Cisco's cutting-edge work environment. What did I learn? Cisco had it right. Here's what they did, and how we, Trusted Internet, use their model to protect my family and my company during these times of extreme remote work and learning.

Rather than rent office space for everyone, Cisco allowed many users the ability to telecommute. They would even outfit your home office! When I set up mine, they equipped me with a home Virtual Private Network (VPN) appliance. I connected every computer in my home office to it. Once connected, the machine created an IPSec encrypted tunnel from my home office to Cisco, allowing me to access any office resources needed to do my work -safely, through Cisco's defenses.

Today, most next-generation firewalls -even those built for home use, offer this functionality. To protect your students/families (and remote workers from them), install a firewall in your home, right behind the cable modem. Plug your home wireless system into the firewall and have your kids connect to the Internet through that WiFI connection. Without thinking about it, everyone in your home will connect through their home WiFI, through a firewall, giving them a safe environment to work remotely.

Create a tunnel from your home firewall to the school's network. By doing this, they not only get the protection of your firewall and VPN, but their communications will run through the school's defenses --a second layer of protection provided by the school.

Be vigilant for phishing attempts. Trusted Internet offers a managed version of KnowBe4's Phish Alert system. If you think it's a phish, click one button to submit it to us for evaluation.

Implement Multi-Factor Authentication on all VPN connections to increase security.

Last. You probably have someone monitoring your home's physical security systems. You have a small chance of a crime in the physical space. But, you don't have anyone tracking that space where I can personally guarantee a break-in overnight. YOU MUST have a professional team monitor your cybersecurity tasks: log review, attack detection, and incident response and recovery. 

Have an emergency? Contact our Concierge at 800-853-6431.

Need information? Help? Contact Trusted Internet for support, or report incidents, phishing, malware, and other cybersecurity concerns. or staysafeonline@trustedinternet.io.

My Instagram account was hacked about a month ago. Since then, I’ve… (fill in the blank). This is one of the most common calls we receive on our 800 number. Unfortunately, Facebook and Instagram don’t have humans you can call to help. Instead, they offer web interfaces in the application in which to report an issue.

To report a hack on your Facebook or Instagram account, follow these steps:

1. Login: If you can still access your account, log in to your Facebook or Instagram account.

2. Secure Account: Change your password immediately if you haven't already. Make sure to create a strong and unique password.

3. Access Help Center: On Facebook, click on the question mark icon in the top-right corner, then select "Help Center." On Instagram, go to your profile, tap the three horizontal lines, and select "Settings" > "Help" > "Help Center."

4. Search for "Hacked Account": In the Help Center's search bar, type "Hacked Account" and search for relevant articles or guides.

5. Follow Steps: Click on the appropriate article or guide about hacked accounts. Follow the provided steps to report the hack and regain access to your account.

6. Submit a Report: You'll usually find a link to report a hacked account. Click on the link and fill out the necessary information, including your account details and a description of the issue.

7. Additional Documentation: Depending on the platform, you might be asked to provide additional documentation to prove your identity and ownership of the account. This could include a photo ID or other verifying information.

8. Follow Up: After submitting the report, you may receive follow-up emails or messages from Facebook or Instagram support. Be sure to respond promptly and provide any requested information.

9. Patience: It might take some time for the support team to review your report and assist you in recovering your account. Be patient and regularly check your email for updates.

10. Prevent Future Hacks: After regaining access, take steps to prevent future hacks. Enable two-factor authentication (2FA), use strong passwords, and be cautious about sharing personal information online.

Remember that the steps and options might vary based on the platform's current features and policies, so always refer to the official Help Center or support resources for the most accurate and up-to-date information.

And as always, if you continue to need assistance, please feel free to contact one of our Virtual CISO™s.

I may have had my identity stolen. What should I do?

My iPhone’s been hacked!  We hear this almost every day. And in every case, after listening and asking a few qualifying questions, what we find out is that the iPhone isn’t hacked; the caller is suffering from identity theft.

This is the starter playbook that we our Trusted Internet Virtual CISOSM team offer during our first encounter with a victim of a potential identity theft.

Identity theft is most often caused by the loss of usernames and passwords. 

Here’s a checklist:

    Freeze your credit files with Equifax, Experian, Innovis, TransUnion, and the National Consumer Telecommunications and Utilities Exchange for free. Credit freezes prevent someone from applying for and getting approval for a credit account or utility services in your name. 

    Immediately change your passwords across the board. We find users using common credentials across multiple accounts in almost every case.  Create complex passwords that identity thieves cannot guess. Change your passwords if a company that you do business with has a breach of its databases. 

    Enable two-factor authentication. As soon as possible, or while changing passwords, get on Two Factor Authentication. Most banks offer it. Where not possible, request it or call Trusted Internet for a Duo dashboard. 

    Perform a search for yourself for potential areas of loss and remediation options. You can also attempt to perform this yourself. We usually engage a brand monitoring tool like Brand24 to monitor open-source information (news, social media, etc.) for high-level threats. When we find something suggesting a deeper look, we recommend Trusted Internet.

    Purchase a credit monitoring service. I’ve used Zander monitoring service for years, but there are several good ones on the market – Toms Guide offers a good breakdown of what they believe to be the top 10.

Where user credentials have been compromised, assume your office and home to be compromised as well. 

    Install layered cyber security measures. Next-Generation Firewalls block botnets from entering (or exiting) networks. If your credentials have indeed been stolen, there’s a likelihood that they may show up in a dark web marketplace. Botnets will visit you. Install a firewall now. 

    Consumer-grade antivirus is rarely enough. Trusted Internet sells primarily Fortinet products, including their endpoint protection application (FortiClient). In recent CyberRatings testing, Sophos Home Premium ranked number one. Where we don’t install FortiClient, we normally recommend Sophos Intercept X.

    Monitoring is a must. Because most Identity Theft occurs because of lost passwords, there's a high probability the attacker will try again. 24x7 Continuous monitoring should be considered a requirement.

Protecting yourself after a data breach

At least once a week, we receive a call from someone who’s had an identity theft because of a data breach. This week we’ve had two. In one, the call came from a senior who’d had his banking credentials exposed and received a call from a seemingly nice lady who wanted to help him reset his password.

Here’s the hint: She wasn’t really very nice.

There’s a high probability that, at some point, you will be the victim of identity theft if you’ve been a victim of a data breach. Me? My personally identifiable information is out because of the OPM database a few years ago. I’d bet it’s out there because of several others as well –many that I don’t even know about.

So what’s a victim to do?

Here are some best practices that we recommend on every call:

1.     Change your passwords…. NOW. Start with your banking and move through the list. And when you’re doing that… By changing your password on some accounts, you have the option of kicking off anyone else that might be on it, making them have to know your new credentials. And don’t forget the rules. Every password should be unique, using at least 15 characters and a compilation of upper- and lower-case letters, numbers, and special characters.

This can become messy fast. How do you remember all those passwords without writing them down somewhere? Try using a password manager. There are several good ones out there. DashLane, 1Password, SaaSPass, and others are all very good.

2.     Turn on Multi-Factor Authentication wherever it’s offered, especially on banking and email. Don’t forget your social media accounts, shopping, and anything else you can think of when you come to a site for the first time after a breach. Fix it… turn on Multi-Factor Authentication.

3. Tell your bank or other financial institutions you’ve had a problem. Consider placing a freeze or alert on your account.  

While you’re there, set up alerts for any activity in your bank account –before any money movement.

4.     Review and validate every request for money, especially wires of larger sizes. AI-based scammers have already copied videos and Voices, so pay attention. In one case, I suggested taking a screenshot of the video call where the request was validated and running it through Google Images. It’s not perfect, but it’s one more validating point.

5.     Freeze your credit. Contact the three major credit agencies and freeze your credit. Tell them you may be the victim of a data breach or identity theft.

And if you still have a problem, set up a complimentary 30-minute call with a Trusted Internet Virtual CISO™.