ISSUE 31: 2016

Disruptive Technology

Security in the Digital Age

As our lives become more and more digital, families face increasing threats of cybercrime. Here are some ways to avoid becoming a target.

Mack2Happy/Getty Images

» Click here to access your account and more insights.

» Not a client yet? Click here to find an office or have us contact you.

Generation Z has never lived without the Internet technology we use daily. They are “digital natives” to email, social networks and mobile devices.

As they grow into adulthood, the number of people globally who are online and addicted to their mobile phones will continue to increase. In fact, estimates suggest that an additional one billion people worldwide will have access to the Internet over the next five years. Plus, they will be doing so almost exclusively via smartphones.1 There’s no question that these devices provide convenience, but they also allow for increased exposure to cybercrime. “Technology is a double-edged sword,” says Joseph P. Quinlan, Head of Market & Thematic Strategy at U.S. Trust. “The promise of the digital age is exponential, but so is the peril for unsuspecting users.”

Attacks can come from anywhere. For example, a family discovered that someone had purchased over 100 gift cards — each worth $150 — by hacking a shopping app on a teenager’s smartphone when an item was purchased through a store’s Wi-Fi connection. The family contacted Tania Neild, a cybersecurity consultant, to analyze and diagnose the crime. A Ph.D. in database integration who spent five years at the National Security Administration (NSA), Neild says the family didn’t follow some basic guidelines.

“Were they on public Wi-Fi? Yes. Were they doing a transaction? Yes. Were they successfully processing consequences? No.”

Thinking through vulnerabilities

While cybercrime has increased by 38% in the last year,2 this doesn’t mean families can’t enjoy the Internet. Kids, especially, want to be connected. A recent independent study found that 24% of American teens are online “almost constantly” and nearly 75% of them have access to a smartphone.3

Establishing rules and balance is key, Neild says. She begins with the basics:

  1. Access financial information via a private connection — never with a mobile device.
  2. Don’t email private information like birth dates, Social Security numbers or credit card information.
  3. Avoid social media posts with personal information that could divulge a family’s whereabouts or wealth.
  4. Establish passwords — the most common breach — that no one can guess or decode.

Children need to understand the dangers of posting photos and personal information, Neild says. “It could be something benign, a post like ‘Having fun in Cabo.’ But if someone recognizes your name because your family just donated $10 million to build a library, there you are in Mexico, where kidnapping has typically been big.”

Recognizing threats

Over 100,000 breaches in cybersecurity occur every day, says Neild. The majority of those committing these acts fall into one of three categories:

  • Cybercriminals: Their goal is monetary gain and their targets may include companies, individuals and their families. Criminals go after capital, but also target assets with monetary value, such as
    music accounts, gift certificates and frequent-flier miles.
  • Cyber spies: They steal information — passwords to music accounts or store credit, for example — and sell it on
    the black cybermarket, a growing underground economy similar to the traditional black market.
  • Cyber activists: Politically motivated groups use hijacked accounts to hide their identity as they breach an organization’s security systems.

What are some best practices?

Some suggest establishing a family domain — a secure site accessible by a small number of approved family members, each with their own domain email. While this is often simple to set up, it can mean granting another individual or company access to privileged information.

Neild suggests using a trusted expert to set up secure email and build a private server — or firewall. This should be used when handling family assets, instead of public servers or Wi-Fi. The server should have a desktop accessible to authorized family members with unshared passwords. The firewall should be checked and updated monthly, or at least once a quarter.

While complexity often plays a role, increasing a password’s length can also help ensure a family’s safety, says Brad Deflin, founder and president of Total Digital Security. “Certain hacking software can sometimes crack an eight-character password in less than a day, while a 10-character password could take a year and a half to crack using the same software,”
Deflin says.

After a breach

Despite all the precautions you can take, breaches do still occur, reiterates Neild.
A good start to dealing with being a victim of cybercrime is remembering these three steps:

  1. Don’t disturb evidence, and let the investigators do their job.
  2. Contact the source from which the property was stolen.
  3. Alert your family’s financial and legal advisors.

Cybercrime is a fact of modern life, but with thorough preparation and understanding, all members of families should be able to enjoy the benefits of the Internet.

1 ”Mobile Is Eating the World,” ITU, a16z, 2015.

2 The Global State of Information Security® Survey, 2016.

3 Amanda Lenhart, “Teens, Social Media & Technology Overview 2015,” Pew Research Center, April 2015.

IMPORTANT INFORMATION

Some of the featured participants are not employees of U.S. Trust. The opinions and conclusions expressed are not necessarily those of U.S. Trust or its personnel.

Always consult with your independent attorney, tax advisor, investment manager and insurance agent for final recommendations and before changing or implementing any financial, tax or estate planning strategy.

Generation Z has never lived without the Internet technology we use daily. They are “digital natives” to email, social networks and mobile devices.

As they grow into adulthood, the number of people globally who are online and addicted to their mobile phones will continue to increase. In fact, estimates suggest that an additional one billion people worldwide will have access to the Internet over the next five years. Plus, they will be doing so almost exclusively via smartphones.1 There’s no question that these devices provide convenience, but they also allow for increased exposure to cybercrime. “Technology is a double-edged sword,” says Joseph P. Quinlan, Head of Market & Thematic Strategy at U.S. Trust. “The promise of the digital age is exponential, but so is the peril for unsuspecting users.”

Attacks can come from anywhere. For example, a family discovered that someone had purchased over 100 gift cards — each worth $150 — by hacking a shopping app on a teenager’s smartphone when an item was purchased through a store’s Wi-Fi connection. The family contacted Tania Neild, a cybersecurity consultant, to analyze and diagnose the crime. A Ph.D. in database integration who spent five years at the National Security Administration (NSA), Neild says the family didn’t follow some basic guidelines.

“Were they on public Wi-Fi? Yes. Were they doing a transaction? Yes. Were they successfully processing consequences? No.”

Thinking through vulnerabilities

While cybercrime has increased by 38% in the last year,2 this doesn’t mean families can’t enjoy the Internet. Kids, especially, want to be connected. A recent independent study found that 24% of American teens are online “almost constantly” and nearly 75% of them have access to a smartphone.3

Establishing rules and balance is key, Neild says. She begins with the basics:

  1. Access financial information via a private connection — never with a mobile device.
  2. Don’t email private information like birth dates, Social Security numbers or credit card information.
  3. Avoid social media posts with personal information that could divulge a family’s whereabouts or wealth.
  4. Establish passwords — the most common breach — that no one can guess or decode.

Children need to understand the dangers of posting photos and personal information, Neild says. “It could be something benign, a post like ‘Having fun in Cabo.’ But if someone recognizes your name because your family just donated $10 million to build a library, there you are in Mexico, where kidnapping has typically been big.”

Recognizing threats

Over 100,000 breaches in cybersecurity occur every day, says Neild. The majority of those committing these acts fall into one of three categories:

  • Cybercriminals: Their goal is monetary gain and their targets may include companies, individuals and their families. Criminals go after capital, but also target assets with monetary value, such as
    music accounts, gift certificates and frequent-flier miles.
  • Cyber spies: They steal information — passwords to music accounts or store credit, for example — and sell it on
    the black cybermarket, a growing underground economy similar to the traditional black market.
  • Cyber activists: Politically motivated groups use hijacked accounts to hide their identity as they breach an organization’s security systems.

What are some best practices?

Some suggest establishing a family domain — a secure site accessible by a small number of approved family members, each with their own domain email. While this is often simple to set up, it can mean granting another individual or company access to privileged information.

Neild suggests using a trusted expert to set up secure email and build a private server — or firewall. This should be used when handling family assets, instead of public servers or Wi-Fi. The server should have a desktop accessible to authorized family members with unshared passwords. The firewall should be checked and updated monthly, or at least once a quarter.

While complexity often plays a role, increasing a password’s length can also help ensure a family’s safety, says Brad Deflin, founder and president of Total Digital Security. “Certain hacking software can sometimes crack an eight-character password in less than a day, while a 10-character password could take a year and a half to crack using the same software,”
Deflin says.

After a breach

Despite all the precautions you can take, breaches do still occur, reiterates Neild.
A good start to dealing with being a victim of cybercrime is remembering these three steps:

  1. Don’t disturb evidence, and let the investigators do their job.
  2. Contact the source from which the property was stolen.
  3. Alert your family’s financial and legal advisors.

Cybercrime is a fact of modern life, but with thorough preparation and understanding, all members of families should be able to enjoy the benefits of the Internet.

1 ”Mobile Is Eating the World,” ITU, a16z, 2015.

2 The Global State of Information Security® Survey, 2016.

3 Amanda Lenhart, “Teens, Social Media & Technology Overview 2015,” Pew Research Center, April 2015.

IMPORTANT INFORMATION

Some of the featured participants are not employees of U.S. Trust. The opinions and conclusions expressed are not necessarily those of U.S. Trust or its personnel.

Always consult with your independent attorney, tax advisor, investment manager and insurance agent for final recommendations and before changing or implementing any financial, tax or estate planning strategy.