Jeremy Hammond. A name you’ve probably never heard of. And he was recently the FBI’s most-wanted cybercriminal. As a hactivist for more than a decade, Hammond breached Stratfor, a security company with clients like Homeland Security and the Defense Department. At one point he knew the credit card information for the United States Marine Corps. Hackers with that kind of chutzpah are few and proud, indeed.
Our Worst Enemy
That an extraordinary hacker would employ extraordinary security precautions would, on most days, be a safe assumption. But that day in 2012 was not Jeremy Hammond’s. He was methodical and patient when penetrating targeted networks, working on his Mac laptop from a coffee shop or random Wi-Fi access point, repairing computers for others to make ends meet. But his digital personal hygiene was less complex, and his encryption password even less so. The FBI discovered that password fairly readily, and Hammond went to federal prison because of his cat. Chewy, his cat’s name, followed by 123 was Hammond’s password and his downfall.
Post a Guard, Ever Vigilant
It wasn’t the Marines in search of their credit card. Hammond fell because of the weakest link in the cybersecurity equation: the human element. Often, hackers use social engineering to exploit human weaknesses and gain entry to offices and networks. These techniques are effective because, bless our hearts, we often make it really easy. We use our pet’s name with the numbers 123 as our password and, next thing you know, the bad guys are in the break room sipping a Coke while our data prepares to Elvis out of the building on a thumb drive.
ICS uses White Hat hackers to penetrate your network looking for threats, digital and human. It’s what we do. Easy as 123.