Welcome!  

Today there is a ton of stuff going on in the world of Technology and we are going to hit a number of topics from Facial Recognition, Hacks, Cyber Insurance, Privacy, and CyberSecurity Legislation, Incident Response, Warnings about Smart TV’s and monitoring your pets.  It is a busy show — so stay tuned.

For more tech tips, news, and updates visit – CraigPeterson.com

Related Articles:

The Convenience of Facial Recognition is not All Its Cracked up to be  

Call 611 Now — Hackers Breach 1M Cellular Customers

January’s Coming – Do You Have An Incident Response Plan?

Protecting Company Assets and Cybersecurity Insurance

Peeping on Toms

Last Generation Legislators Trying to Solve Next-Generation Security Issues

Block 90 percent of Malware with this

Smart TVs, Security, and the FBI

Apple:1 Android:120

Automated Machine-Generated Transcript:

Craig Peterson 0:05
Hello everybody, Craig Peterson here on WGIR and WGAN and other stations. I am and FM still shout-out to everybody. Thanks for joining me today and deciding to spend a little bit of your Saturday with me. Hey, if you are new to the show a real quick introduction I’ve been in the technology field for many decades. I have been doing internet work in fact, since the early 80s helped to develop a lot of the systems some of which are still in use today. And I have been a victim of security problems with my business. I built a big business it was doing pretty well technically a small business, but it was doing pretty well had 50 employees and then we got nail now this was way back in the 90s. But when we got into Nailed, I had quite the wake-up call about what I really should be doing. And, and, man, it was scary. It was really, really scary at the time I owned our own building, we had our own data center. We were building some of the biggest commercial properties on a line on the Internet at the time. And it was a really scary thing.

Craig Peterson 1:26
It was like, you know, the bully in the yard right at school, and they would suck you right in the solar plexus right in the gut, right. And that feeling that you had you just you couldn’t breathe, the not really pain, but it was just shocking. And that’s how I felt. I didn’t know what to do. I didn’t know how to do it. We had anti-virus software. Why didn’t it protect us and it really bothered me and took a couple of days now. I was very, very technical. Well, of course, I still tend to be if I have a real failure it is that it’s kind of hard to remember what it was like not to know any of this stuff. So you know, bear with me asking me questions. Okay, I get it right. I can be very confusing sometimes. But I was very technical. And it took about two days for me now this is back of course before Google or AltaVista, or any of these really great search engines. So I was using the stuff at the time, like our chain Veronica gopher stuff, and trying to find out what was going on. It was actually digging into the machine itself, that revealed what the problem was, and I’d become a victim of what’s known as the Morris worm, crawling through my machines and some other machines on the internet. It was a really scary time, and I decided right then and there that I had to make cybersecurity priority, and I had to be able to help people with their cybersecurity and businesses as well. Now businesses you hope can afford to pay and keep my lights on, right. And they’ve been very good to me my clients over the years, you know, I’ve had some great clients. And I’ve decided at this point in my life that I only want to work with great clients only clients that really, really want to work with me. But the same can’t be said for consumers because you retirees and other people just don’t have the money to pay what it costs to secure a business. You know, it kind of at a minimum, you’re talking about $50,000 investment, plus monthly and 2500 bucks a month is pretty standard. And you could certainly go out and hire somebody to have somebody who’s a quote it person unquote, but they are not really going to be able to help you out very much and they not going to keep up with it. And that’s the biggest problem we have right now. My people who are involved in this every day, spend about a third of their time in classes. And in coaching and conferences trying to keep up with what are the attacks? What is the best software out there, what you’re doing, you’re using, what are the techniques that we need to use nowadays. And so you as a home user, there’s no way you can afford it. And as a business user, if you’re running a Soho like a small office, Home Office, you cannot afford to do all of the right things. And that’s what I’m trying to help out with. And that’s why we talk a lot about security here on the show, and that’s why I do pop up training and Facebook Lives where we kind of delve into one aspect or more. And then I have paid courses as well, that tells you what the tools are, how to use the tools where you can get the tools what are the best ones my newsletter we talked about that a bit.

Craig Peterson 5:02
In fact, if you got this money as a newsletter, we add a new section. And actually we have a new section that we’re probably going to do this monthly, but it is the number one through five things patches you need to apply. Here are the five things you absolutely have to take care of when it comes to patching this month because there are extreme vulnerabilities and they are being used by the bad guys right now. I can’t think of anything more valuable if you guys can let me know. For everybody, whether you are big business, a small business, a home user, right it, make sure these have been applied or you could be in a whole lot of trouble. And now we’re looking at the costs of recovering from one of these breaches and a very large percentage of businesses today. They’re breached, they file bankruptcy the next day. Because that’s how bad it’s gotten and ransomware attacks are up, and they’re up across the board no longer they necessarily aiming primarily at these real big companies because they realize the smaller guys are the ones that are going to be easier to compromise. And then when you add into that equation, the fact that it takes about eight months for a company to notice that it has been hacked. Wow, think of the damage one of these guys could do. And it’s everything from stealing the intellectual property that you’ve developed and designed. We have another client that we picked up, and she has a business that was a cutthroat. I had no idea how crazy cutthroat it is. She’s in the design business for clothing. And purses, women’s wear shoes, various other things. And in this whole design thing that she’s doing, there is quite a bit of money and she had been selling into these huge retailers and things are going really well. And, you know, maybe one of these days we’ll get deeper into that story. But this is just a couple of weeks ago, I met with her and she lost everything. And now at what, how old is she now? 55 I think, or 50. She’s starting over again, from scratch and I don’t want that to happen.

Craig Peterson 7:40
So the easiest, simplest, most straightforward and free thing you can do, frankly, is to subscribe to my newsletter. Now you’re going to go to Craig Peterson comm slash subscribe, and I’m asking for your name and your email. That’s all I’m asking, for now. I don’t hound you, I’m not like one of these internet marketers that sending you emails every day multiple sometimes, unless I’ve got something that’s big going on, like there’s a training or something, I might send you emails during the week. reminders, hey, I’m starting this afternoon or whatever, right? That’s the only time you’re going to get a bunch of emails from me. And that’s for the free training as well as some of the paid ones. But I am I don’t sell your name. I am not trying to target you or anything else, right. So if you subscribe, you will get my weekly newsletter. And in that newsletter, I have usually between eight and 10 articles, we tend to write a short article that few paragraphs long kind of describing what the problem is, what you need to do give you some tips on what to do about it. And then we will link also to a third-party article, you know, unlike Forbes magazine, or so Newspaper out there, etc. Dark Reading is another one that we get, we linked to quite a bit. But you get all of that there is no charge for any of this. I don’t want you to feel like I did. And I got hit once that first time and I got hit once again a few years later completely different way. And that’s when I decided, hey, listen to this, this low-end antivirus firewall thing that you buy at Staples or from one of these brake fix shops, it doesn’t really know much about it. It just isn’t going to cut it so I upped my game after that. But you are going to understand what you should do how you should do it. My recommendations I throw those in there once in a while if somebody comes out with a new product, as we did with Wi-Fi here recently, and with some of the new Wi-Fi technology, what you should be looking for there and segmenting Your network at your home or your small business, so that your kids playing games who might be hacked, are not going to affect your main network, they’re not gonna be able to get onto your computer, they’re not gonna be able to get on your business computer, none of that stuff. But the only way you’re going to find out about this is if you subscribe. Now, I have hundreds and hundreds, probably 1000 recommendations from people who just really appreciate all of this stuff that I’m doing. And, you know, there’s free stuff, hey, if you can afford it, I’d appreciate it if you get the paid stuff because, you know, there’s more, it’s better because you can afford to pay for it right? But I really don’t hold anything back. Right? I’m not trying to play secrets. It’s the type of software you use as a business. That for instance has some sort of a military subcontract, you have defiers ITR regulations or a doctor’s office where you got HIPAA regulations. Or a business that has to deal with FINRA or PCI regulations, financial transactions and companies. Those guys hopefully have enough money to do it mostly right. And as I said it, it gets expensive. We were just in a company we did a proposal, just a What about a month ago, I guess now, and to secure her stuff properly, would cost her about 80,000 a year. Now she had a number of employees but she decided she wouldn’t, didn’t want to pay it wouldn’t couldn’t whatever. And you know, I understand that too. But your best free advice you’re going to get by going to Craig peterson.com slash subscribe, and I will be sending you my newsletter and I have three special things that you’re going to get as well. That will come in the email after you confirm your subscription So you subscribe, look for my email, click the link, and you’re all set. So I want to talk right now about what to do after the fact. If you’ve been hacked, what are the right things to do?

Craig Peterson 12:17
Well, there are some things that you can do right away. I remember back in the day if you noticed that your machine and this is true today, it has run somewhere and is doing something odd, the best thing to do is shut it off. And then have somebody take that disk and put it on another machine that can analyze it, not just a regular machine. You don’t want to spread that ransomware but an analysis machine uses Knoppix or one of these other tools in order to have a look at it. But if you’re a company, what do you do if you’re an individual, what do you do? A lot of people turn to insurance in order to cover it. You may not be aware of it, but your homeowners and Sharon’s may have a writer that covers cyber intrusions, on your computers. And if you’re a business person, you probably have already purchased some sort of a cyber insurance policy. That makes a whole lot of sense, frankly. But it can be a requirement for your company as well to have cyber insurance. So I’ve got five things to know right now, about cyber insurance because the attacks are increasing. It’s becoming more and more important for companies to protect themselves. And cyber insurance may not cover you. And I have seen quite a number of times where companies This is in the news, I think, goodness, I don’t have personal experience with this. But in the news, I’ve read articles where companies filed for their cyber against their cyber insurance policy and the policy didn’t payout. Right now in the news, there’s a big story about a large company that going to sue their insurance company because they wouldn’t pay out all of the money that the company thought should be paid out. Now, in this case, we’re talking about cyber insurance. That said, Hey, you have to take reasonable steps. Now with the cyber insurance that we have. So for instance, depending on the level of service you have from us, we have a policy underwritten by Lloyds of London, whereby if you are compromised, well, we’re taking care of your systems. There is I think it’s a million dollars worth of insurance, so it’ll cover the smaller businesses typically. And then hopefully you have your own cyber insurance, right? That’s how this whole thing works. And then, of course, our company we have our general insurance is our liability and All of this stuff you would expect to have the right key man type stuff, etc. But since the cyber attacks are now a top business concern, we’re seeing numbers from Microsoft that found that cyber attacks beat out economic uncertainty, brand damage and government regulation as the top concerns for business owners and C level executives. So if you’re sitting on the board of a company or you’re sitting on the board of a nonprofit that you’re trying to help out with, this is something that should be big on your mind. I did a presentation for university, about insurance, cyber insurance, how it all works, what the problems are, today, and let me tell you, they were very, very interesting. I think that’s good 47% of the organizations that were surveyed said they have cyber insurance now. So that’s good. That’s pretty much half of all organizations say that they have it, which is up a lot. It’s up 15% in the last couple of years. They’re figuring that by next year, the gross written premiums for cyber insurance is expected to be around $8 billion. So a lot of companies signing up for it. 57% of companies with revenues of more than $1 billion had a cyber insurance policy. Now compare that to 36% of companies with revenues less than 100 million. And if you get down to the small guys, less than a million dollars in revenue, we’re talking a number in the teens, percentage-wise of businesses that have cyber insurance. So if you don’t have cyber insurance, you’re not alone. Hey, that’s for certain. But the big problem I think you’re going to face is, if you do get hacked, how are you going to survive? I mentioned earlier that it’s about I think this just takes about 20%. It’s a pretty large number of businesses that get hacked, filed for bankruptcy the next day. But the majority of businesses that get hacked, are bankrupt within six months. So keep that in mind. Can you afford to lose the business? Is your business your retirement? Do you hope to sell it or maybe milk it is a cash cow for years to come? Big Questions, good questions. And if you do what’s going to happen if you lose that income, because the business has gone under because you lost your client lists your production schedule, your bank account information, your intellectual property, very, very big deal and it’s a very, very special Everything to okay. The top risk covered by cyber insurance seems to be a business email compromises. And that’s actually kind of a good thing. Because according to the FBI, we’re talking over $20 billion. And I’ve seen numbers, as high as $30 billion has been lost to these email scams. So business email compromise is where the fraudsters and maybe we can go into this in more detail some time, but it’s where the fraudsters get involved and a trick you or somebody in your organization to sending the money. And you might say, Oh, it’s not gonna happen to me. It’ll ever happen to me. We’re not that stupid when people pay attention to the email. No, it happens because the fraudsters aren’t just sending out an email saying I’m a Nigerian prince. I need to use a bank account. They have done some research on you. They’ve done some research on your business. They know enough to be able to fool your financial people into sending money. And one of the stories I tell pretty frequently when I am last few months here while I’m doing presentations for businesses and other organizations have to do with that exactly. It has to do with the $45 million that was stolen out of an operating account. I have another one that’s a much smaller business that came to us and we’re securing them right now. And they lost $80,000 out of their operating account and to them. That’s a lot of money. How are you going to meet payroll if you don’t have that money sitting there? so busy mail compromise, good insurance to have. But here’s a big concern. We have two big companies out there we’ve got drugmaker, Merck, you probably know about those guys. And a food giant called Mandela’s They’re both suing their insurance providers over non-payment for damages from not pet shop back in 2017.

Craig Peterson 20:12
So think about that, Not Peyya was considered by many insurance companies as an act of war. And we think better, we’re able to protect all of our customers from that. But these big companies weren’t protected. I think they’ve retired us they would have been but you know, they know better, right? But think of you as a small business, or as a just a homeowner, how are you going to be able to fight these big insurance companies? Merck and Mondelez are both suing their insurance companies because the policies weren’t paid. So keep an eye on that one as well. Hey, one of the things I had planned on doing and I may still do is Little free of pop up training on DNS filtering now you know, what is that? What’s that all about? Basically, this is how you can defeat the bad guy’s use of a key and critical internet resource. Now they’re using DNS in order to mess with us. They use DNS when they have ransomware. The wants to call home. They use DNS when they have a botnet that needs to call home. So your computer might be unbeknownst to you may be used by nation-states like our friends in Russia, or China or Iran or North Korea. It may be used unbeknownst to you your computer to attack the Kremlin or the White House or the Department of Defense can be used to attack businesses, other innocent people in their homes. And the only way it can really do this is with a lot of coordination. And that’s what a button that is all about. That’s what the coordination is all about. And if you have ransomware, and if they want to make any money at all, they need to be able to tell you how to decrypt your files that were taken ransom. Now the ransomware guys don’t always give you a good key. In fact, FBI numbers show that even if you pay the ransom, there’s only a 50% chance that you’ll get all of your files back. which is you know, it’s too bad. Too bad. So sad. But that is the way it is. Because they are calling home they may not have called home properly. They might not have the right keys. You can contact the tech support people actually the ransomware guys, their tech support departments to tend to be better than many of the tech support departments that we have here when you call first software you bought right? But anyhow be that is it may I put together a special on how you can for free and basically in less than 90 seconds, how you can improve your security on your computer. Whether you are a small business or a home user, how you can secure your computer improve your security by 90% that is a very, very big number and I know you know Craig God really 90% Yes, really 90% because this technique, although it only takes you 90 seconds is probably gonna take you 10 minutes to sort of put together but this technique now allows you to basically stop ransomware in its tracks and stop some of the busiest compromised stuff in its tracks, which is huge right now, especially if you’re a business and also stops your computer from being used as part of a botnet. It’s huge, right? We’re talking about some very big stuff here. And you can do it for free. Now we have software that we sell, a monthly basis per-seat basis. Actually, it’s a per user basis. You know, it varies but gives-or-take 20 bucks a month that does basically the same thing. It has more features, it gets updated more often there are a number of different differences for it, but you can get it for free. And so I go into some depth on and it’s, it’s about a 10-minute episode that you’ll find up on my website at Craig peterson.com. If you have a hard time finding it, you can always email me just me at Craig Peterson calm and I Walk through the whole thing with you. Okay, we obviously don’t have time today. I have three minutes left today.

Craig Peterson 25:06
So we’re not going to get into that. But it’s really a very big deal. You’ll also find if you go to my website, I’ve got some additional podcasts here. Congress is finally tackling privacy next week, the Senate’s going to take it up. And so I talked a little bit about that, how it’s gonna affect your cybersecurity, a very cool little robot. You know, I’m always dripping on robots, but a cool little robot for your cat. If you’re a business person, this is critical, but I also talked about it from a homeowner standpoint, what do you need to do when it comes to cybersecurity insurance and I go through some scenarios of what has actually been happening out there in the world today, how to protect yourself after t mobile’s big data breach that nailed me as well. I go into some detail about why I opt-out of facial recognition. And I think that you should too, it’s becoming more common and it does make some things a little easier. And there are times when using facial recognition is actually a plus. And so I discuss those as well.

Craig Peterson 26:18
And Samsung, man,

Craig Peterson 26:20
I’m, I’m sorry, but I really ripped on Samsung. And Android, frankly, went into a lot of the reasons why I say you should never ever, ever use Android. And there are some excellent reasons not the least of which is Apple releases a security update and it releases a security update for iPhones within usually a week or two of the security problem being found. And then it’s available for everyone who owns an iPhone, the very next day. That’s how fast it is. Samsung, not so much you can take the better part of a year to get the security updates for your Samsung android phone and can take even longer. If you don’t have a Samsung, you have another manufacturer. Now some manufacturers are better Samsung’s actually one of the worst when it comes to security updates. But right now, Android devices, if you bought a brand new one, and you updated it, there are over 100 pre-installed security risks right there in Android. So I go into a lot of detail on this. It’s the holiday shopping season. I go into how to buy or how to even get an iPhone for free, and how to buy them inexpensively and which models you should look at which is another big deal because Apple fully supports these phones for at least five years. Samsung, who’s the biggest Android manufacturer only supports it for two. Yeah. Anyways, all of that and more. Make sure you visit me online Craig Peterson dot com slash subscribe, and you’ll get all of this for free. Take care, everyone.

Craig Peterson 0:03
Hey, welcome back. Craig Peterson here, WGAN, Hey, I’m already getting, getting some feedback here about my last statement. So let’s straighten this out. I understand why a lot of people do buy Samsung, you know, I get it, right. It’s something that I’ve thought about over the years I’ve had issues with over the years as well in it, it kind of goes back to what to buy when it comes to technology period, right. And I have always been the type that says, get the best that you can afford to buy. Don’t cheap out because you will save a lot of money in the long run. If you can afford that. You know that purchase price. You’re going to save money because the equipment can last longer. So for instance, just this week, we have a client that decided that they were going to go and because they had had a problem with a Dell computer that they had purchased at just retail, regular old consumer Dell. So they had had a problem with that they didn’t want to buy anymore now they’re going to go by HP, but they went ahead and bought another HP consumer-grade computer. Now that according to the statistics that are out there, the average consumer-grade laptop and that’s what they bought last about seven months. So you pay 700 bucks for a no half-decent, pretty crappy consumer-grade laptop. Versus let’s say that they got what re recommended which was a commercial DELL LAPTOP or maybe even an HP, HP enterprise laptop and you may not be aware of it. But Hewlett Packard split into and they have the consumer division that just costs reduces things. You know, they’ll save a half a cent on a component by putting in something that’s cheaper and crappier. Right, they don’t care. And then they have their HP enterprise, which makes equipment for businesses completely different companies now, okay, they were split off, because there’s no money to be made in that consumer space because it frankly, it’s a race for the bottom. So they decided, hey, listen, we don’t like Dell because the low-end Dell that we bought broke, well, yeah, on average, not just Dell, but across the industry. 7% they won’t last seven months, okay, seven months is average. And it was I think $100 more for the computer that we recommended. That came with a three-year warranty that had better components in it and everything else right, that a hundred bucks, really makes a huge difference. But they decided they wanted to quote save money and quote right and What does it cost? So for instance, we, we ended up lending them a DELL LAPTOP. And that DELL LAPTOP that we lent them was at least five years old, maybe six years old. And it’s still working. Because it’s a commercial-grade laptop, it’s not a consumer. It’s not what you buy at Walmart. It’s not what you can buy at Best Buy or staples. It is a commercial-grade laptop. And as a general rule, if you’re a really small business and you want a commercial-grade, you’d either have to go to a company like us, or you could buy Apple if Apple’s gonna work for you. So let’s look at the apple stuff. So the apple laptop might cost you two or $3,000. You can get them for now right now about $800 for a little air, which is about the same price as you’d pay for one of these consumer-grade Dells or HP’s. But you go ahead and you buy one of those apples. I have Apple computers that are 10 years old. We’re still using. Okay, laptops included. So let’s add up the numbers here. Let’s say they only last five years for that Apple Computer. When is the breakeven point? Well, at about 18 months, and then for the next three and a half years, you have a free computer. That also works really well because Apple is not making major cuts in the quality of the components that you have. So, where I come in to understand this is I know personally in my business, I spend as much as I can on technology. But I do cut some corners sometimes, right? You look at it, and you say, Well, let me see. I can buy this laptop. It’s a third of the price. So I can buy three of these laptops. Instead of buying one of those more expensive laptops. Right. I know you I know. You thought the same thing, right? Because I think of that too. That’s what I do. So you look at it and you say, Well, I could buy three of these, yeah, but you’re not going to have a machine that’s still it’s going to last it and you won’t be able to buy three of those other computers, they just aren’t going to last. And you’re going to have to move all of your data when that computer fails, if you can move it if what fails isn’t the SSD, because, for instance, now SS DS are not created equally. And these are the drive solid-state drives that replace the spinning drives that are in our computers. And they have a limited number of write cycles. In other words, they have a predetermined life factor. We could tell you a story about that, that we won’t right now. There are some that just completely die after a certain number of hours, they just shut themselves off. So beware. So you can’t even compare an SSD of a certain size. As a regular consumer, you have to look at what’s the technology inside behind it. How long is it going to last? How many right cycles Is it good to be able to handle How about the GPU? If you’re doing engineering work, you need a much better GPU that Yeah, okay, there’s a GPU built into that Intel CPU, but it’s nowhere near as good as having the next-gen CPU or GPU made by company x company y company z.

Craig Peterson 6:16
So, even though I’m tempted to cheap out, I don’t and I am much happier because it lasts longer and it performs better the whole time. So I’m not sitting there waiting constantly for something to happen because it’s so slow. And that’s why I moved to Apple, frankly. Now back to the phones. Why I said I don’t understand why people buy Samsung’s Yeah, you know, in reality, I do understand. And it’s, it’s primarily because you have been fooled. Right? They the guys out there that are selling you that Samsung phone is pretending Well, maybe they just don’t know better, but frankly, there are people in the organization that knew but do know better. pretending that this Galaxy phone is just as every bit as good as an iPhone 11 or an iPhone 10 and they are lying to you. And then when your phone fails and I was on that Android bandwagon for a while myself and my Android phones would fail, and they would not get updates at all for even for security patches. I realized that my suspicions were right, that these manufacturers are just trying to crank out the phones as cheaply as they can, as many as they can, and then move on to the next model to get us to buy the next model. Because the whole smartphone industry right now is suffering because of this whole big problem of people are just happy enough with the phones they have. So there’s something called planned obsolescence as a part of this as well. Now I’m not saying that Samsung isn’t giving you security patches because of Planned obsolescence. Although they might be I’m saying that Our friends at Samsung are really playing some games with you. And they are deceiving you. And they are really causing nothing but headaches. But there are ways around it. If you are buying an Android phone because you can’t afford an iPhone, again, you’ve been fooled. Because buying an older model, the iPhone is always a better investment. And it’s a better investment because it will still have some resale value in a few years, unlike that Android phone and it will be supported by Apple. Think about what’s on your smartphone. Do you do have your contacts there? That might be a problem. Do you have any documents from your business, any text, any emails? That might be a problem because if your phone is hacked, which Android phones are, I just told you there’s over there right now they’re shipping with over 100 vulnerabilities pre-installed okay. Think about what else might be either to use your phone to check your bank balances. Does your phone have an app from your bank from your credit card company? Think about that for a minute. Apple gets their fixes out within a day. Samsung as we just found out can take up to even almost a year to get them out if they even provide them for your phone. Because they’re only providing them for the Samsung the 10 and the S 10. And the S nine right now and that that will change so five years versus a couple of years okay. Plus the fixes they just come out from Apple. So do everybody a favor. Buy some of these iPhones by right now I would say go out and buy an iPhone 10 Xr good value. Easy to get and it’s going to last a while stick around. We’ll be right back with more you listening to Tech Talk with Craig Peterson right here on WGAN

Craig Peterson 0:03
Hello everybody. Welcome back, Craig Peterson here on WGAN and online at Craig Peterson dot com. You can get all of this week’s articles right there from me on my website and also the newsletter I try and keep you up to date on all the latest tech news you need to have. What are the important things and how should you be handling them so all of that up and Craig Peterson dot com and you can get my podcasts all over the place just in your favorite podcast app I’m really am almost everywhere now. You will find me please subscribe, and that helps our numbers and it helps get the message out and I really appreciate it if you do this isn’t a labor of love. And I hope you can share this love with other people as well as we try and help them out. We are seeing right now. A major revolution in the world. And part of that has to do with our facial recognition. So I want to talk about facial recognition what department Homeland Security is doing right now, what China’s doing this whole thing with some of the Arab countries and, and really why you should opt-out facial recognition. Department of Homeland Security has been using facial recognition now at the gates of some airports at some gates. And they’ve been trying to match your national ID photo with the picture that’s taken at the gate. And they have arrested. I think it’s almost 10,000 people who were here illegally, who overstayed visas, etc. I went to the airport to hop on a plane just have a domestic flight, not even International. And as they hopped on that plane, We’re about to they were arrested. I mentioned illegal immigrants, which is certainly one qualification of people. But it also arrested criminals that were wanted for various crimes were, you know, independent of their legal status in the United States? Well, we have seen now over in China, some very, very scary uses of some of this facial recognition technology. And I being basically here, mostly libertarian, certainly on when it comes to our own privacy and security very libertarian. We’ve seen in China, some serious problems and right now, like this week in Iran, and I want to talk about what’s coming here in the US within the next six months in China. They have been using facial recognition as part of their social credit system. So now in China, if you buy a phone, smartphone or otherwise, the carrier is required to take a picture of you

Craig Peterson 3:09
and send that photo on off to the central government. So now the central government in Beijing has photos of everyone who’s in the country legally. And I guess the illegally as well. And then they’re using that to track you if you jaywalk, for instance, you lose social credit. There’s a great dark, I think it’s dark mirror right episode about this sort of thing. But if you jaywalk, you lose social credit. If you lose enough social credit, you can’t vote. You can’t even get on a train to go to work anymore. So they’re using that in those ways. They’re also using it to suppress religious minorities. Just this week on I think it was Wednesday. De An article came out showing a secret document that was in China that was part of their, you know, the Socialist Party over there. And the socialists had decided that they wanted to be able to have more reeducation camps. And the people that have gotten out of these camps say these are internment camps. They are torturing people. It’s just insane what they’re doing. And they’re doing this to ethnic minorities there in China. A lot of them are part of a Muslim minority as well. So China has this facial recognition technology that they are starting to export. And China is a major driver in the United Nations now to have a facial recognition standard that they can use, okay, and that they want to be spread around the world and it’s just absolutely amazing when you get right down to it. So we have also heard just this week about what’s happening in Iran? Well, a couple of weeks, I guess. But there have been protests in Iran, you know, our sanctions against Iran have really been hurting them. They have a very hardline socialist government over there. But again, it decides what rights people should have and what they shouldn’t have. They’re not obeying any sort of constitutional protections as we have in the United States because they just don’t exist, right. When it comes to a socialist country doesn’t matter. It’s whatever the head of the Socialist Party says whether it’s a fascist government or communist government, it just doesn’t matter because everyone’s equals under their feet is kind of the bottom line. Right. Can you tell my political leaning on this one? Yeah, it’s I think it’s a bad thing. So in Iran, what they’ve started to do is they have been positioning snipers on top of buildings and shooting and killing at least hundreds. We don’t get good reports on Iran, obviously. And they pretty much shut down the internet over there of people who have been protesting the government. Now it doesn’t look like it’s gotten to that level yet in Hong Kong, where they’re also protest protesting the socialist government. But what China has started to do now is they are selling fully autonomous killer drones in the Middle East. And these drones are, are designed to decide by themselves, who they should kill. So you could literally if you’re wrong, you could literally let these things loose in the streets. And let’s say the curfew is 6 pm just as an example from 6 pm to 6 am. And anyone that the drone sees in the streets that it does not recognize either through the facial recognition or perhaps a uniform or some other method. ology, if it doesn’t recognize you just shoots and kills you.

Craig Peterson 7:05
extensively, these are going to be used in warfare, which means if we are battling over there in the Middle East, our troops could be up against these drones. And it could be very, very bad for us and for everybody else. Now let’s talk about what’s happening here in the US. I was shocked when I went down to New York City. It’s been at least a decade, maybe 15 years ago. And I entered a building because I wanted to visit someone who had invited me to their business down there. So in I go, and I could not go into the building without presenting some form of ID, which they scanned and kept, and that really upset me, really upset me because it wasn’t what businesses of theirs and they said, Well, you know, no, no. We need to be able to count the bodies that might be in here in case there’s, you know, another bombing and we want to keep track of terrorists and every Now it’s okay, well, wonderful. So there’s a great article that I have up on Craig peterson.far.com, Karen peterson.com that came from Fortune magazine. And this is for actually from their newsletter. And fortune moved into a new office building in Manhattan a few months ago. And they had a new entry system. So a lot of these buildings, you have to have a card, you put the card up to the reader, and it might be something that you just touch it and it reads it with RFID might have to slide it in. But they put in a system that allows you just walk through because they’ve scanned your face. Just smile at the camera and in you go No more waiting, no more forgotten card keys or anything else. This I think is a very big problem. And the problem that I see and there are many of these, frankly surrounding this, but the biggest problem is If you lose your badge, you can get a new one. What happens if they lose the information about your face? What happens if that stolen?  You only have one face. And how can you be sure whether it’s this building in Manhattan or the Department of Homeland Security that wants to scan your face at the airport? How can you be sure that it’s going to be kept safe? Because unlike a John Travolta in the movie face-off, you just don’t get to change your face over time. Big, big problem. So don’t let them scan your face. And there are programs underway at the airports to try and get you to do that. Because you can just walk through everything’s wonderful. All right, I disagree. So your next steps. Don’t let your face get scanned. iPhones a little bit of a different deal when we talk about that when we get back. You’re listening to Craig Peterson WGAN.

Craig Peterson 0:04
Hi, everybody. Welcome back, Craig Peterson here on WGAN and online at Craig Peterson dot com. Hey, let’s finish up that last little discussion here. I just told you to opt-out of facial recognition systems whenever you can, you know, in some cases like what the Homeland Security Department is doing right now at airports, you can’t really opt out of that. It’s kind of like this. What do they call this ID program that they have, where your ID is something that the federal government recognizes and needed to fly. And the states are sending all of this stuff off to the federal government, which I think is a major violation of privacy, something that we’ve got to protect against but you know, again, you can’t really opt out of that depends on the state. But I think as of next year, every state all 50 of them are going to have this new secure ID is part of your driver’s license stuff I, I am really, really not happy with that. But maybe, maybe that’s just me. I don’t know, maybe it’s just me I’m kind of paranoid in that regard. But let’s talk about your iPhone or heaven forbid your Samsung Galaxy phone. here’s, here’s what’s going on in the iPhone. The iPhone has had for quite a while now ever since it started having the thumbprint reader or the fingerprint reader. The iPhone has something called a secure enclave. Now, this has caused some people some problems over the years because if you replace the broken screen on your iPhone, and you didn’t do it correctly, that broken screen at the bottom had that little fingerprint reader and if it’s disturbed at all, you you now lost access to the phone period because that secure enclave was destroyed which is why so many people ended up going to Apple to have their screens fixed and moaned and groaned about it for very good reason If you ask me, so yeah, problems on that front.

Craig Peterson 2:12
However now moving on to the next step,

Craig Peterson 2:15
What is the 10, I guess the iPhone 10 came out and it had facial recognition built into it. And now the facial recognition not perfect. And it’s interesting with my I have identical twin daughters. So my two daughters identical. One of them weighs a little more than the other one does. And they both have iPhone tabs with facial recognition turned on. And they can one of them can always unlock the other one’s phone and the other one can sometimes unlock the other one’s phone. But the facial recognition in the iPhone was having problems with identifying Eastern faces like you know oriental or whatever the culture holidays. But you know, Chinese and even Indonesians and Pacific Islanders and all of those people had some problems with. And China now with their facial recognition is trying to get African faces because it’s having problems with African faces. So there are some problems with it. But one problem that does not exist with the facial recognition on the iPhone only is how is that data stored? Where’s that data stored? Is it going to be stolen? Could it be stolen, etc, etc? The way Apple did it is the right way. And it stores your fingerprint information locally in the phone in the secure enclave, which is virtually 100%. No one has ever shown it to be anything less than a hundred percent hack-proof. It’s amazing what a job they’ve done. So it stores the information about your face in this secure enclave. So if the phone wants to know is this really you? It asks a secure enclave. Hey, is this really him? This girl enclave says yes. And that’s it Apple never get your face and never get your fingerprints. It’s never sent up to the cloud. All of that is handled in the phone in a special chip that has a special sealant around it so it can even be physically broken into without destroying it, called the secure enclave. Very, very, very big deal. So when we’re talking about facial recognition, and Apple I do trust it. I do not, however, trust the way Samsung’s doing it or any of the other Android devices that I’m aware of right now. Now they’re getting better but still don’t trust them. Definitely do not use Samsung’s fingerprint recognized recognition system. It is very, very, very hackable. They may fix that in the future. I’m not sure their facial recognition is actually better than the fingerprint system, but I wouldn’t use either. But then again, you already know I wouldn’t use an Android device, including any of the Samsung’s that are out there. So, there you go, opt-out when you can have facial recognition. For the most part, it’s a very bad idea. And if you’re using an Apple device, facial recognition is okay. I still personally prefer the fingerprint as opposed to facial recognition but maybe that’s just me, but I have an iPhone eight as well. And that’s all it has on it on maybe I’d like facial a little better if I had it on my phone. But I’m not planning on changing from an iPhone eight, probably until next year, next September when the iPhone 12 comes out. Although my age can be supported for a while Apple just stopped supporting the iPhone six. So after the iPhone six, there’s the six s there’s the seven I think there was a seven as There’s an eight, I don’t think there was an eight as there was some 10.

Craig Peterson 6:06
And now 11. So there you go, that six models that they’re still supporting iPhones vs. Samsung, which support which is probably the best out there for support only supports two models versus six models. And it takes some half a year to get security patches out versus one day for Apple. Okay. All right. So let’s talk about security. You might know that I’ve used Verizon for a long time for my cell phone plan. And then I switched over to T-Mobile because they had a much better deal. And most of the time where I’m trying to use the phone, I have coverage. It’s rare that I don’t Verizon definitely had better coverage than T Mobile does. But I’m saving a lot of money over on T Mobile. Well, T Mobile had a data breach, they confirmed so I want to tell you what Do how to protect yourself after this data breach. This isn’t just for people who might be T Mobile customers. This is true for almost anybody out there. Okay, that just in general, when you have a cell phone, it’s estimated that there were more than a million accounts that were breached according to Tech Crunch. So it is a big breach, but you need don’t freak out now. Okay, don’t ignore but don’t get too nervous at the same time. Now, t-mobile has said that it has notified people who had been hacked, basically who’s dated been hacked. And here’s what they wrote. Our cybersecurity team discovered in shut down malicious unauthorized access to some information related to your team mobile prepaid wireless account. We promptly reported this to the authorities. None of your financial data including credit card information or social security numbers was involved, and no passwords were compromised. The data accessed was information associated with your prepaid service account, including name and billing address if you provided one when you establish your account, phone number, account number rate plan and features such as whether you added an international calling feature. Okay? So since the right planet features bit requires T Mobile to notify anyone who’s affected. If you haven’t heard anything yet, the odds are good that you’re not in trouble here. But let’s be a little paranoid. Let’s tell you what to do right now. Okay. You’re going to want to double-check your account settings. You can call t mobile’s customer service number if you have at mobile phone, you can just tell 611 to confirm whether or not your account is affected now 611 does not just work for T Mobile. If your T Mobile customer that’s what you dial in catch a T Mobile if you’re a Verizon customer new dial 611 it’ll get you to Verizon, etc, etc. Most of the carriers use six-one-one to get customer service. So if you are worried that your data was stolen here, you’re lucky because really real critical information like your payment details, passwords, so security number was not stolen years, anyone can tell. So at best, they might be able to impersonate to either at t mobile or in another service. But here’s what you should do. Set up a password or a pin with T Mobile. So when you call them at 611, make sure you have your latest build with you so that you have all of your account numbers all the information that they will ask you for. And then you can set up this password or a personal-identifiable number with TMobile. That way whenever you contact customer support, they’re gonna ask for that specific information in order to proceed. Now don’t forget the pinner pass. Word Are you going to have to go to T Mobile store in person and you have to verify you are, who you say you are, etc, etc. But that’s the bottom line here, just quickly set up a pin. If you haven’t done this with your carrier already a highly recommend you do that. And we’ve done it with all of our accounts for a lot of years. In some cases, there are also multi-factor authentication or two-factor authentication that’s available. So they’ll send you a message in their app that is much safer than sending an SMS message.

Craig Peterson 10:37
So I want to talk to those of you. And I know many of you have done this, but those of you who specifically have accounts that hold Bitcoin, or any of these other cryptocurrencies, one of the ways that 10s of millions of dollars have been stolen from you guys. Is that your SMS has been hacked. So what the guys and gals are doing they’re trying to hack you is they use SMS portability. And they pretend that they are you. They call up your carrier, they say hey, I’ve got a new phone, they give them the numbers for the phone, just an unlocked phone. And now all of your text messages and your phone calls are going to be transferred to them instead of you. So when you are trying to verify now, your payment, whether it’s a bank account, or more particularly right now we’re talking about a cryptocurrency account. When they try and confirm they’re gits you going to send a pin via text message via SMS to your phone but it’s not really going to go to your phone is going to go to the bad guy’s phone. So this is why you really want to have a pin or a password so that when the bad guy calls up tries to steal your phone calls and your pin. They can’t. Because they don’t have that important information, the stuff they really need. So what I want you to do right now is go ahead and call your carrier, set up a pin, set up a password, so that you are safe here in the future. So we’ve talked this hour about facial recognition about why you should never ever buy an Android and some of the deals that are going on for iPhones, even older ones, and how to protect yourself with T. T mobile’s big data breach. So coming up, we’re going to talk about the five things you need to know about cyber insurance. The robot This is cute here for surveilling and playing with your cat Congress what they’re doing this week on privacy, and a whole lot more you listening to Craig Peterson on WGAN online at Craig Peterson dot com

Craig Peterson 0:04
Hey, everybody, Welcome back Craig Peterson here on WGAN of course online at Craig peterson.com. Hey, if you are new to the show a real quick introduction, I’ve been in the technology field for many decades. I have been doing internetwork, in fact, since the early 80s helped to develop a lot of the systems, some of which are still in use today. And I have been a victim of security problems with my business. I built a big business it was doing pretty well Well, technically a small business, but it was doing pretty well had 50 employees and then we got nailed now this was way back in the 90s. But when we got nailed, I had quite the wake-up call about what I really should be doing and, and, man, it was scary. It was really Really, really scary at the time I owned our own building, we had our own data center. It, we were building some of the biggest commercial properties online on the Internet at the time. And it was a really scary thing. It was like, you know, the bully in the yard right at school, and they would suck you right in the solar plexus right in the gut, right? And that feeling that you had you just you couldn’t breathe, the not really pain, but it’s just shocking. And that’s how I felt. I didn’t know what to do. I didn’t know how to do it. We had anti-virus software. Why didn’t it protect us? And it really bothered me and took a couple of days now. I was very, very technical. Of course, I still tend to me. If I have a real failure it is that it’s kind of hard to remember what it was like not to know when any of this stuff. So you know, bear with me asking me questions. Okay, I get it right. I can be very confusing sometimes.

Craig Peterson 2:09
But I was very technical. And it took about two days for me now this is back of course before Google or AltaVista, or any of these really great search engines. So I was using the stuff at the time, like our chain Veronica gopher stuff, and trying to find out what was going on. And it was actually digging into the machine itself, that revealed what the problem was. And I’d become a victim of what’s known as the Morris worm. crawling through my machines and some other machines on the internet. It was, it was a really scary time. And I decided right then and there that I had to make cybersecurity priority. And I had to be able to help people with their cybersecurity and businesses as well. Now businesses you hope can afford to pay and keep my life On the right. And they’ve been very good to me my clients over the years, you know, I’ve had some great clients. And I’ve decided at this point in my life that I only want to work with great clients only clients that really, really want to work with me. But the same can’t be said for consumers because you retirees and other people just don’t have the money to pay what it costs to secure a business. You know, it kind of at a minimum, you’re talking about $50,000 investment, plus monthly and 2500 bucks a month is pretty standard. And you could certainly go out and hire somebody to have somebody who’s a quote it person unquote, but they are not really going to be able to help you out very much and they not going to keep up with it. And that’s the biggest problem we have right now. My people who are involved in this every day spend about a third of their time in classes. And in coaching and conferences trying to keep up with what are the attacks? What is the best software out there? What should we be using? What are the techniques that we need to use nowadays? And so you as a home user, there’s no way you can afford it. And as a business user, if you’re running a Soho like a small office, Home Office, you cannot afford to do all of the right things. And that’s what I’m trying to help out with. And that’s why we talk a lot about security here on the show, and that’s why I do pop up training and Facebook Lives, where we kind of delve into one aspect or more, and then I have paid courses as well, that tells you what the tools are, how to use the tools where you can get the Tools What, what are the best ones. And my newsletter, we talked about that a bit. In fact, if you got this morning’s newsletter, we add a new section and actually, we have a new section that we’re probably going to do this monthly, but it is the number one through five things patches you need to apply. Here are the five things you absolutely have to take care of when it comes to patching this month because there are extreme vulnerabilities and they are being used by the bad guys right now. I can’t think of anything more valuable if you guys can let me know. For everybody, whether you are big business, a small business, a home user, right, it’s making sure these have been applied or you could be in a whole lot of trouble. And now we’re looking at the costs of recovering from one of these breaches and a very large percentage of businesses today. If they’re breached, they file bankruptcy The next day, because that’s how bad it’s gotten and ransomware attacks are up and They’re up across the board no longer they necessarily aiming primarily at these real big companies because they realize the smaller guys are the ones that are going to be easier to compromise. And then when you add into that equation, the fact that it takes about eight months for a company to notice that it has been hacked. Wow, think of the damage one of these guys could do. And it’s everything from stealing the intellectual property that you’ve developed, whether it’s designed, it can be a man, we have another client that we picked up, and she has a business that was a cutthroat, I had no idea how crazy cutthroat

Craig Peterson 6:47
it is. She’s in the design business for clothing, and purses, women’s wear shoes, various other things. And in this whole design thing that she’s doing the is quite a bit of money, and she had been selling into these huge retailers and things are going really well. And, you know, maybe one of these days we’ll get deeper into that story. But this is just a couple of weeks ago, I met with her, and she lost everything. And now at what, how old is she now? 55, I think, or 50. She’s starting over again, from scratch and I don’t want that to happen. So the easiest, simplest, most straightforward and free thing you can do, frankly, is to subscribe to my newsletter. Now you’re going to go to Craig Peterson comm slash subscribe, and I’m asking for your name and your email. That’s all I’m asking for. Now, I don’t hound you. I’m not like one of these internet marketers that sending you emails every day multiple sometimes unless I’ve got something that’s big going on. There’s training or something, I might send you emails during the week. reminders, hey, I’m starting this afternoon or whatever, right? That’s the only time you’re going to get a bunch of emails from me. And that’s for the free training as well as some of the paid ones. But I am I don’t sell your name, I am not trying to target you or anything else, right? So, if you subscribe, you will get my weekly newsletter. And in that newsletter, I have usually between eight and 10 articles, we tend to write a short article that few paragraphs long kind of describing what the problem is what you need to do give you some tips of what to do about it. And then we will link also to a third-party article, you know, unlike Forbes magazine, or some newspaper out there, etc. Dark reading there’s another one that we get, we linked to quite a bit but you get all of that there. is no charge for any of this, I don’t want you to feel like I did. And I got hit once that first time and I got hit once again a few years later completely different way. And that’s when I decided, hey, listen to this, this low-end antivirus firewall thing that you buy at Staples or from one of these brake fixed shops, it doesn’t really know much about it, it just isn’t going to cut it. So I upped my game after that. But you are going to understand what you should do how you should do it. My recommendations, I throw those in there once in a while if somebody comes out with a new product, as we did with Wi-Fi here recently, and with some of the new Wi-Fi technology, what you should be looking for there and segmenting your network at your home or your small business so that your kids playing games who might be hacked are not going to affect your main network there, I can be able to get onto your computer, they’re not gonna be able to get on your business computer, none of that stuff. But the only way you’re going to find out about this is if you subscribe. Now I have hundreds and hundreds, probably 1000 recommendations from people who just really appreciate all of the stuff that I’m doing. And, you know, there’s free stuff, hey, if you can afford it, I’d appreciate it if you get the paid stuff because, you know, there’s more, it’s better because you can afford to pay for it right? But I really don’t hold anything back. Right? I’m not trying to play secrets. It’s the type of software you use as a business. That for instance has some sort of a military subcontract, you have defiers it or regulations or a doctor’s office where you got HIPAA regulations, or a business that has to deal with FINRA or PCI regulations, financial transactions and Companies, those guys hopefully have enough money to do it mostly right. And as I said, it gets expensive. We were just in a company, we did a proposal just I want about a month ago, I guess now, and to secure her stuff properly, it would cost her about 80,000 a year. Now she had a number of employees, but she decided she wouldn’t, didn’t want to pay it wouldn’t couldn’t, whatever. And you know, I understand that too. But your best free advice you’re going to get by going to Craig Peterson dot com slash subscribe,

Craig Peterson 11:38
and I will be sending you my newsletter and I have three special things that you’re going to get as well. That will come in the email after you confirm your subscription. So you subscribe, look for my email, click the link and you’re all set. You’re listening to Craig Peterson on WGAN and I’ll be right back. Stick around

Craig Peterson 0:06
Hey, Craig Peterson here on WGAN. Thanks for spending part of your day with me here. We’re covering some of the topics that are really of interest, I think to everybody, and are certainly of importance to everybody. And that includes and I think in many ways is most particularly cybersecurity. So I want to talk right now about what to do after the fact. If you’ve been hacked, what are the right things to do? Well, there are some things that you can do right away. I remember back in the day if you noticed that your machine and this is true today. It has run somewhere and is doing something odd. The best thing to do is shut it off. And then have somebody take that disk and put it on another machine that can analyze it. Not just a regular machine, you don’t want to spread that ransomware, but an analysis machine uses Knoppix or one of these other tools in order to have a look at it. But if you’re a company, what do you do? If you’re an individual, what do you do? A lot of people turn to insurance. In order to cover it, you may not be aware of it, but your homeowners’ insurance may have a rider that covers cyber intrusions, on your computers. And if you’re a business person, you probably have already purchased some sort of a cyber insurance policy. That makes a whole lot of sense, frankly, but it can be a requirement for your company as well to have cyber insurance. So I’ve got five things to know right now, about cyber insurance because the attacks are increasing. It’s becoming more and more important for companies to protect themselves and Cyber insurance may not cover you. And I have seen quite a number of times where companies This is in the news, thank goodness, I don’t have personal experience with this. But in the news, I’ve read articles where companies filed for their sideburn against their cyber insurance policy. And their policy didn’t payout. Right now in the news, there’s a big story about large companies that are suing their insurance company because they wouldn’t pay out all of the money that the company thought should be paid out. Now, in this case, we’re talking about cyber insurance. That said, Hey, you have to take reasonable steps. Now with the cyber insurance that we have. So for instance, depending on the level of service you have from us, we have a policy underwritten by Lloyds of London whereby if you are compromised? Well, we’re taking care of your systems. There is I think it’s a million dollars worth of insurance. So it’ll cover the smaller businesses typically. And then hopefully you have your own cyber insurance, right? That’s how this whole thing works. And then, of course, our company, we have our general insurances, our liability and all of the stuff you would expect to have the right key man type stuff, etc. But since the cyber attacks are now a top business concern, we’re seeing numbers from Microsoft that found that cyber attacks beat out economic uncertainty, brand damage and government regulation as the top concerns for business owners and C level executives. So if you’re sitting on the board of a company or you’re sitting on the board of a nonprofit that you’re trying to help out with This is something that should be big on your mind. I did a presentation for university, about insurance, cyber insurance, how it all works, what the problems are today. And let me tell you, they were very, very interesting. I think that’s good. 47% of the organizations that were surveyed said they have cyber insurance now. So that’s good. That’s pretty much half of all organizations say that they have it, which is up a lot. It’s up 15% in the last couple of years. They’re figuring that by next year, the gross written premiums for cyber insurance is expected to be around $8 billion. So a lot of companies signing up for it. 57% of companies with revenues of more than $1 billion had a cyber insurance policy. Now compare that to 36%. companies with revenues of less than 100 million. And if you get down to the small guys, less than a million dollars in revenue, we’re talking a number in the teens, percentage-wise of businesses that have cyber insurance. So if you don’t have cyber insurance, you’re not alone. Okay, that’s for certain. But the big problem I think you’re going to face is if you do get hacked, how are you going to survive? I mentioned earlier that it’s about I think this just takes about 20%. It’s a pretty large number of businesses that get hacked, filed for bankruptcy The next day, but the majority of businesses that get hacked are bankrupt within six months. So keep that in mind. Can you afford to lose the business is your business your retirement? Do you hope to sell it or maybe milk it is an account cash cow for years to come? Big Questions, good questions. And if you do what’s going to happen if you lose that income, because the business has gone under because you lost your client lists your production schedule your bank account information, your intellectual property. Very, very big deal. And it’s a very, very scary thing to okay.

Craig Peterson 6:26
The top risk covered by cyber insurance seems to be a BEC’s or business email compromise. And that’s actually kind of a good thing. Because according to the FBI, we’re talking over $20 billion, and I’ve seen numbers as high as $30 billion has been lost to these email scams. So business email compromise is where the fraudsters and maybe we can go into this in more detail some time, but it’s where the fraudsters get involved. And a trick you or somebody new organism To sending the money, and you might say, Oh, it’s not gonna happen to me, it’ll ever happen to me. We’re not that stupid when people pay attention to the email. No, it happens because the fraudsters aren’t just sending out an email saying, I’m a Nigerian prince, I need to use your bank account. They have done some research on you. They’ve done some research on your business. They know enough to be able to fool your financial people into sending money. And one of the stories I tell pretty frequently when I am last few months here while I’m doing presentations for businesses and other organizations have to do with that exactly. It has to do with the $45 million that was stolen out of an operating account. I have another one that’s the much smaller business that came to us and we’re securing them right now. And they lost $80,000 out of their operating account and to them. That’s a lot of money. How are you? Get a meet payroll if you don’t have that money sitting there. So busy email compromise, good insurance to have. But here’s a big concern. We have two big companies out there, we’ve got drugmaker, Merck, you probably know about those guys, and a food giant called Mondelez, and they’re both suing their insurance providers over non-payment for damages from not pet shop back in 2017. So think about that not Pecha was considered by many insurance companies as an act of war. And we thank goodness we’re able to protect all of our customers from that. But these big companies weren’t protected. They’ve retired us they would have been but you know, they know better, right? But think of you as a small business or as a just a home How are you going to be able to fight these big insurance companies? Merck and Mondelez are both suing their insurance companies because the policies weren’t paid. So keep an eye on that one as well. Hey, when we get back, we’ve got a fun story about robotics. You know, we talked a lot about some of the real problems, with robots, the new killer drones that are being sold by China to a number of Arab states. Now, and by the way, all throughout the Middle East, but now we got a fun one. So stick around, especially if you’re a cat lover. You’re listening to Craig Peterson here on w GA. And we have another half hour left. And we’re going to get into Congress a little bit here. And I’m going to talk about DNS filtering. What’s that all about? Well, how does that work and how are businesses using it? So stick around

Craig Peterson 0:03
Wow, we got about a half-hour left here. Thanks, everybody who’s listening in and spending part of their Saturday with me here. This is Craig Peterson and you’re listening to WGA and, and online at Craig peterson.com. Hey, if you’re a Facebook fan, you will find me and Facebook Lives at Craig Peterson dot com slash Facebook. I have some stuff up at Craig Peterson dot com slash YouTube. But if you would, if you are a podcast listener, make sure you subscribe to my podcasts that come out a few times a week. This whole show is broadcast via a podcast as well after it airs here on the radio. And you can listen to it anytime a lot of people tell me they listen to it while they’re doing yard work or background noise even though one or two people that go to sleep to it and I don’t know if that means I’m kind of Sleep guy. I don’t know, I heard about one Podcast, where the guy is a history buff. And he puts out like a five-hour podcast talking about historical events, you know, good for him. But apparently, most of his listeners are asleep, because they actually use it to go to sleep at night. So hopefully most of you aren’t doing that. But do subscribe. I’m on all the major podcast platforms out there, you’ll find me subscribe to the podcast, I would really, really appreciate it. And if you are a podcast listener to listen to my show, please take a minute to give me a five-star rating, a little comment about what you like about the show. I would really appreciate it. We talk a lot about robots and some of the scary things that go along with it. And it’s not just robots. It’s the artificial intelligence that might be controlling them and various other things. Well, this is kind of a fun one. I found this on one One of these funding sites as you can go online, and it’s called Kickstarter and I have done a few Kickstarter fundings myself in the past, where it’s a product that I think I might like. And so I invest quote-unquote some amount of money, which is basically just buying the product if and or when they make it. So remember, there’s a little bit of risk here. But thanks to the changes at the Securities and Exchange Commission, now, you don’t have to be a qualified investor to put some money up on Kickstarter. Anyhow, if you are a cat lover, you are going to love this. I have it up on my website as well. It’s called Ebo E-B-O, and this is a robot that live-streams HD video of your pet straight to your phone. Now, you say okay, Craig, what’s the big deal here? How is this exciting? How is this useful? Well, here’s what it is.

Craig Peterson 3:01
Bottom line

Craig Peterson 3:04
it’s a toy for the cat. And it is so cool if you have seen one of these feral toys and I have one my son in law got me one a few years ago a Star Wars one is like the whatever that robots called, I remember are to detail and C3PO and BB8, the little the ball one. And I can hear you guys shouting at you at me here. Yeah, okay. But it’s kind of cool. It’s a ball and it rolls around and it does fun things. So this

Craig Peterson 3:34
Ebo E-B-O

Craig Peterson 3:37
that I have up on my website, Craig peterson.com. And you can find Ebo as well on Kickstarter. whizzes around on a pair of self-riding wheels, so it’s not the same as this feral by any stretch. But it can entertain your cat. It has a built-in laser and it shoots to have the cat chase that And itself runs around and the cat can chase it. And you can have it live stream to your phone. So you can see what’s happening in your house and kind of drive it around and you can see what your cat is doing. It has a fair amount of intelligence and it has facial recognition, or should I say cat face recognition built-in and it recognizes furniture and other obstacles around the room. And when it first comes off its charger The first thing it does is it checks out the room to see if there’s enough space to play enough clear space because it just it zooms around and the cats going to be chasing and it doesn’t want anything to get knocked over. It is so cool. a totally new concept in pet tech frankly, it also in addition to streaming this live, high def 1080 p video to your phone. You can take pictures with it, you can save the video. And when you put a color on your cat, it has a companion color. I think it’s extra you pay for it. But it also keeps track of how many steps your cat takes and how much jumping around it does. So it’s tracking the daily exercise. it’s a total pet surveillance package, which is what it says on Kickstarter. You can set schedules for EBOs activity, and it will automatically return to its dock to charge when a battery starts running low. It is very, very cool. Frankly, I like this thing. We have three cats, but they all belong to my kids. I’m not sure if any of them are going to get it for their cats or not. But according to a study from crowd crowdfunding that was done to Kickstarter did this about four years ago now. So it’s a little out of date, but Probably not too far out. So they did a study and they found that roughly one in 10 successful products I reach your funding goals fail to actually deliver the rewards. Now that isn’t bad one in 10 does not deliver of the ones that do deliver delays Miss deadlines are overpromised ideas mean that there’s often disappointment in store for those products that do get done. So if you’re thinking about putting some money on to something to Kickstarter, you’re not going to get rich, there are no dividends. There’s no stock that you can sell. But you have to think about it is your money is totally at risk here okay. You pay 100 bucks for something on Kickstarter and you may or may not get it and it may or may not be exactly what was advertised. I’ve had very good luck. Everything that I have done on Kickstarter has worked out it has delivered and it has been working What I expected it to be, but you’re not necessarily going to see that. So bottom line, remember, you’re not necessarily buying a product when you get it on a crowdfunding site. And I love this. I love this quote, I gotta read this to you. Very, very short, that classic tweet. Sometimes I wonder if I spoil the cat seen him with his iPad in his year.

Craig Peterson 7:24
So this is fun. A little fun thing about robots. Check it out. You’ll find it on Kickstarter is called Ebo. E-B-O, a little robot for your cat.

Craig Peterson 7:36
See, let’s get into this really quickly. We only got a couple of minutes left in this segment. But Congress this coming week is finally tackling privacy. I guess I don’t know is the impeachment going to be over? Are they actually going to do something we’ll see? But the National Security Agency is warning everybody that cybercriminals becoming more sophisticated. incapable every day. But it’s taken a backseat to privacy. And there is a big difference between cybersecurity and privacy.

Craig Peterson 8:11
So Congress is focused on passing this national privacy

Craig Peterson 8:14
law, which allows individuals to access correct and request deletion of the personal information. So, generally speaking, that’s probably a good thing. There’s a lot of different proposals. There isn’t a final bill yet. But the Senate Commerce Committee is holding a privacy hearing on Wednesday. So yay, at least one of the two houses is doing something Congress is far too busy with impeachment for the last number of months. So the Senate’s working on this but we also have to consider that Yeah, okay. I’m national privacy law is probably far overdue. But how about the other side and how about cybersecurity? We need something to you know, frankly, I feel sorry for the businesses that are spending the money to do cybersecurity. Right. And having to compete with companies that aren’t doing cybersecurity at all. Yeah, okay. Cybersecurity. And I argue this all the time. It’s a business advantage, right? Use it as an advantage, right? It’s not an expense. It’s an asset. But in reality, they still have to deal with it. Right. They still have to pay the bills their competitors have slightly larger margins because they’re not doing things right. We need to have level footing. We need to have a good cybersecurity bill. And hopefully, Congress will take that up. Maybe next year, the Senate will do this. Who knows how some probably still being impeachment talks here. You’re listening to Craig Peterson and WG and when we get back we’re going to talk about DNS.

Craig Peterson 0:05
My wife who tracks all of my social media accounts does a lot of the postings for me, It has been telling me that a lot of you guys really are liking the long podcast I put up every week I put the whole show into one big podcast. Hey, you’re listening to Craig Peterson here on WGAN, and online at Craig Peterson dot com.

Craig Peterson 0:29
If you do listen to that podcast, I’d love to know because I, I put up all my weekly appearances on my podcast as well. I saw him on different radio stations. And sometimes I post different things as well. And those are separate but I have the one big weekly podcast. What do you guys think of that? Let me know just email me at Craig peterson.com. Or you can certainly comment on my tech talk with Craig Peterson page over on Facebook. Which you can find by going to Craig Peters on.com slash Facebook as well. Let’s talk about something here that affects all of us and doing this one thing is going to improve your security resistance against things like ransomware by most likely 90% this one thing it really is a big deal. Now I have had a lot of clients that I pick up after they’ve been hacked and you know, I’d rather not do that. The other time I get clients is they’ve just been audited and their insurance carrier or maybe their customers have had the had them audited and they need to do it now need to do it fast, right, which is not the right way to do this because there are many aspects to security beyond just plucking some hardware and there is your money. You training there’s a whole bunch of things. But when I look at these companies that have been compromised by ransomware, primarily, so by basically by a botnet, now, there’s one thing in common. Now a botnet is where there are a bunch of computers that have been compromised, that are under remote control by a bad guy, or by a bad community. And they are they exist all the number of them all over the place. Russia has some button that’s and Iran, North Korea, as well as regular old criminals, and the FBI is constantly shutting them down. So what happens is they gain control over your computer, and instead of putting ransomware on your computer, what they’ll do is they will put a remote control on your computer so that now they can have your computer do anything that they want it to do. Many times what they’ll do with remote control is they will go ahead and look through your computer files for files of certain names that like bank or account or payroll, things like that. And then they will upload those files from your computer and use them. Obviously. It’s frankly one of the ways business email compromise works. They’ve got all of that information. And I have seen it, man, I’ve seen this more than once I think of it where they grab invoices that are sitting there on the computer, you say, Well, why would they care about an invoice for? Well, the invoice has the customer information, right? It has the account number, it has your logo, it has the exact format of your invoice because it is your invoice and then the bad guys will change your invoice. Now in many cases, the invoices will say submit payment to, and maybe there’s an address where they should send a check to but nowadays, in many cases, the funds are just a CH, they basically they’re wired. And when the funds are wired to an account, they just go straight in a CH just goes right in. And so what will happen is they will put the AC h number on the bottom of the invoice. Now there are some banks that have single time you say ch numbers, and that number may change from time to time. So the person paying the invoice looks at it and says okay, I’ll just do a CH transaction and I’ll send my $40,000 payment to this account. Okay, great. Well, what happens now, when the bad guys have control of your computer, they found an invoice or more than one let’s say and then they modify the invoice which is so easy to do a PT invoice, they modify that invoice that may be an email or wherever they found it and they send it off to your customers. And they change the ACH number to a bank account that they control. There’s a whole ecosystem around this there are murals. The FBI has just arrested a big gang of meals out in California about a month ago. So the funds go into these meals account, and then they meals immediately remove the funds and send them all over the world and put them in different accounts and everything else. Very, very bad. So if your computer is part of one of these botnets what it’s doing is it’s calling home. So the bad guys now have a connection that’s open 24 seven for them to use whatever they want, and they might use your computer to break into the federal government. the facility, at which point, you get a knock on your door. And it’s the Secret Service or somebody else, right? They might use to spread ransomware to send a business email, compromise emails and use it for a lot of things. ransomware itself if it gets onto your computer also calls home, because it’s going to register your computer with them. And it may send the names of your files and other things to them as well. But typically, it’s just registering so that the ransomware guys know what key to giving you if you pay the ransom. So here’s where DNS comes into all of us. The domain name system, it’s a cornerstone of the internet. If you go to a website, like if you go to Craig peterson.com

Craig Peterson 6:51
how are you going to get there?

Craig Peterson 6:53
We’re going to go to a browser, you’re going to go to the URL and you’re going to type in Craig Peterson dot com That’s not how your computer gets to my website or any other website on the internet. The way it gets to my website is it says, Gives me the address for Craig Peterson dot com. It’s kind of like having you know that, that Donald Trump lives in Washington DC or you just drop a piece of mail in the mailbox address to Donald Trump. Well, you know, it’ll actually probably get to him because the post office knows who he is and where he lives. But if you just try and send mail to Craig Peterson  They have no idea who I am and you might do a little bit better if you put the city I’m in you know the state I’m in the city I’m in the street I’m on and or the street with the full address. Well, the same thing is true on the internet. On the internet, you can put in my name Craig Peterson, dot com, but that doesn’t mean you’re going to be Be able to get to my website, it needs to get the address. So that’s what DNS is all about with the domain name system. And it’s been around for quite a while on the internet, but it’s not perfect. In fact, it’s far from perfect. So when you type in Craig Peterson, dot com your computer, then ask a DNS server. Hey, what’s the address for Craig Peterson dot com, and it gives your computer that address. And there are a couple of different types of addresses nowadays, but your computer then goes to address and gets the web page. Okay, obviously simplifying this. Well, when we’re talking about a bottleneck room, we’re talking about ransomware. When the software gets on your computer that wants to control it or wants to send information about the encryption from the ransomware. It calls home. How does it call home Well, in most cases it calls home by using a name. So these names don’t necessarily mean much, they may look like a real name, it doesn’t really matter. So there might be zero likes dot com, Bob dot com, that it goes too well if your DNS is set up with one of these DNS filtering systems, it’ll recognize, Hey, wait a minute, that is a known bad site or in some cases, it is not a known good site, right. So bad news all the way around, and it’ll send you the address of a page that says, forget about it. This is not a valid site. So that’s why I said at the beginning here, that has a 90% improved by just using DNS filtering is huge. Now we provide commercial DNS filtering for our customers. But if you are a very small business if you don’t need to control the list of sites, if you don’t need it updated, like automatically right away, etc, etc. You can get it for free as well. So get out your pencil right now because I’m going to give you a domain that you can go to in order to get this and it’s pretty easy to do pretty easy to install. This is part of my course that I have coming up as well. You have got that pencil and paper. If you forget you can just email me at Craig Peterson dot com or if you’re driving the car. When you get back, just email me at Craig Peterson dot com, and I can go ahead and send that to you. But here’s the trick. Okay. Go to OpenDNS.com I’m going to go there right now just to make sure that it is correct OpenDNS.com there is OpenDNS so it’s open. And DNS stands for Domain Name System. And they have enterprise products which are what I sell. But they also have some consumer stuff available on the site to an OpenDNS is now owned by Cisco. But they have a couple of free packages that you can get that will improve your security by a good 90%. They have an OpenDNS home version, which is the free service they have OpenDNS family shield, which blocks adult content and then they have a VIP version for home. And then they have a small business umbrella prosumer version So the opening as home VIP is 20 bucks a year. Small Business is 20 bucks a month per user. And we use the enterprise version of Umbrella for all of our customers. So there you go. Very simple. Go there. They have instructions on how to use it, how to install it, and what to do if it triggers if it gets triggered. I’m so triggered. Alright. I hope you enjoyed today’s show. Let me know to make sure you subscribe to my email list to get all of the latest updates. Craig peterson.com slash subscribe. You can get them all right there. I really appreciate you guys being with me today and listening in. I hope some of these tips and tricks I have given you are going to help you out you got to do it. So right now go to OpenDNS.com and take care listening to Craig Peterson on WGAN

Transcribed by https://otter.ai

Transcribed by https://otter.ai

More stories and tech updates at:

www.craigpeterson.com

Don’t miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Listen to this episode