OK, at dinner last night at the prestigious 1921 Room at the new Army-Navy Country Club we talked about the Stones of the District plans to nail the last unvisited stone- that being SE9. We didn’t know that a family member was in a really bad situation, but knowing wouldn’t make anything any better. That one is going to gnaw at all of us cruelly until it is resolved.

So, that kind of put me off my feed for the morning, that and the trip to the airport, and while I will go back to the Saga of the Stones, there is more important stuff to deal with. I sent you the note from my pal yesterday about the insidious nature of the threat to all of us- but specifically to those whose personal information was “compromised” by the Office of Personnel Management.

That sounds too sanitary. Let me try it the right way: Our personal information was, through careless practice, professional incompetence, sub-par performance and probable criminal negligence for which absolutely no one has been held accountable, been given to the agents of a hostile power.

There. That’s better. Not that it changes anything.

Anyway, I was putting the finishing touches on the story yesterday when I began to feel uneasy. Suppose the email telling me to change everything wasn’t actually from my pal? Suppose it was some nerd at the People’s Liberation Army Unit 61398- their elite hackers- had simply read enough of my pal’s history to sound convincing.

You probably get the ones from the Nigerian Barrister who has millions for you if you just provide your bank account information. Suppose you got one from someone who already knew all that “private” information- including your Mom’s birthday and social security number? Take a look at what you may be responding to- your bank knows all your stuff. They don’t ask you in a “.bcc” generic message like this:

What do you do? I told you what I did before. I put a freeze on all my credit reporting information so no new accounts could be opened in my name. Inconvenient, but when I called OPM to sign up for their “protection,” I was informed I had to remove the freeze so they could access everything to protect me.

Forgive my skepticism. No dice. My pal recommends quitting any professional on-line message boards, particularly those that deal with China, the Intelligence Community or DoD. They help the target solution for Unit 61398 and their pals, and are a high priority for the PLA.

Social media? They know who you are, so look out for trouble on all of it, Facebook, Pinterest, Tumbr, all of it. They are phishing in those waters too.

Also, it should go without saying, don’t click on suspicious links or browse unsafe websites. Only install applications that come from trusted, well-known sources. And you can’t trust that, either.

Passwords. There are apps like LastPass and 1Password that can help you with this by generating strong passcodes for each of your accounts. Unfortunately, they will keep track of them all. If you must, keep a air-gapped record of them and change frequently.

Enable two-factor authentication when available. Two-factor authentication requires a user to provide an extra form of identification beyond just your login ID and password. This may be a special PIN code that’s sent to your phone, a physical token like a key fob, or your fingerprint.

Two-factor authentication isn’t impervious to attacks, but it does add an extra layer of protection. Many popular Web services, including gmail, Microsoft, Apple and the social media offer two-factor authentication, so take the extra few minutes to turn it on.

Be suspicious of emails asking for personal information. Do not respond to these, and forward to the “abuse” address most financial institutions have to keep track of hi-jacked accounts.

Web enabled TVs? Yeah, I got one. It freed me from the legacy broadcast networks. But they can be hacked, too. Do not assume that you can keep a secret told in your living room in front of the TV. Some have cameras, too.

Your smart phone? Who is it being smart for? It is providing your whereabouts, conversation, and images to anyone with more than a casual interest.

On the desk or laptop? Put some tape over the camera on the computer and remove only when you want to intentionally teleconference.
Bank accounts and financial institutions? A separate e-mail account for each one with a strong password, changed frequently.

Will that protect you? Not necessarily. Did I get to all of these today, knowing the threat in much more granular detail? No. I was too busy.

They already got Hillary Clinton, Colin Powell CIA Driector John Brennan. This is a real freaking mess.

Copyright 2015 Vic Socotra
www.vicsocotra.com
Twitter: @jayare303