Hackers, Phishing, and Social Engineering: Protection With These Cyber Tips

Available for Interviews Phil Crowley

Philip P. Crowley, is a dedicated attorney who has been handling legal matters for pharmaceutical, biomedical, medical devices, information technology and other technology companies for over 30 years. He has also spent nearly 25 years on the board of trustees of the Stevens Institute of Technology, with substantial involvement in the oversight of academic innovation and entrepreneurship.


Talking Points from Phil Crowley
on How to Practice Good Online Hygiene

Hackers are threatening to  reveal personal details of some of the very famous clients of NYC attorney Allen Grubman, e.g. Elton John, Lady Gaga and Barbara Streisand.  We don’t yet know the details of how the hackers gained access to the system or what data they have. Nonetheless, the incident reminds us to exercise good “online hygiene” habits, i.e. cybersecurity, especially as more workers are working from home, either on business computers or home computers.

How IT Departments Can Be Employed

It starts with the basics, most of which can be handled remotely by company IT staff for business computers:

  1. Constant training and reminding staff to avoid “phishing” and “social engineering” > if something looks suspicious, don’t click on attachments; call the person requesting sensitive data or payments. 
  2. Prompt installation of system software updates > these frequently include security “fixes” to vulnerabilities that have been identified by the software publisher. 
  3. Robust firewalls > not a perfect solution but a necessary component to thwart basic attacks. 
  4. Regular scanning for malware > the kind of software that can lock up an entire system for a ransom payment or send sensitive data like ID’s and passwords to criminals; programs are available. 
  5. Regular backups of system programs and data offline > if a system is “locked up,” it can be restored from an offline copy.  If the backup drive remains online, it could be locked up along with the system.

This is much easier to accomplish in a controlled office environment or on a dedicated business laptop where there is regular IT support than on the typical home computer.  Workers at home who access business accounts through their home computers are particularly vulnerable.  The home computers frequently contain programs not vetted by company IT staff. And the home computers have little or no support from the business IT cybersecurity staff.

What Remote Workers Can Do On Their own

Some homebound workers need to do things for themselves. And the presence of programs not controlled by or supplied by the business can open the door to much mischief

  1. They can start with setting up automatic scanning for and installation of software updates for programs they use.  Many widely used programs have that capability. 
  2. Remove software that is outdated or no longer used. 
  3. Have and use firewall programs. 
  4. Install software that scans for and eliminates malware.

These are followed by:

  • 2-factor authentication > log in with ID and password and sending a PIN via a separate channel or with an authentication app. 
  • Encryption of data in transit > so it can’t be intercepted.  This is a major potential problem for use of free WiFi in coffee shops and other retail establishments.  It’s easy to remedy this with commercially available Virtual Private Network–VPN-software.  It encrypts data over the public WiFi until it gets to the publisher’s servers and then is unencrypted and sent along its way. 
  • Encryption of data in storage > that way, even if it’s stolen it’s useless to the hackers; many reputable Cloud-based storage platforms provide for this. 
  • Regular backups of data offline > as stated above, it’s the easiest way to get back up and operating after a hack or major system failure.

All of these aren’t foolproof, but they make the businesses that employ these techniques must less inviting targets.


Interviews: Phil Crowley

Philip P. Crowley is an attorney for over 30 years who is passionate about helping grow technology companies seize opportunities and avoid expensive legal mistakes as they make ideas come to fruition. Mr. Crowley has also spent nearly 25 years on the board of trustees of the Stevens Institute of Technology, with substantial involvement in the oversight of academic innovation and entrepreneurship. He is the Managing Partner at the Law Office of Philip P. Crowley, LLC. Visit Phil Crowley on the web at www.CrowleyLawLLC.com


Jo Allison
Managing Editor
Director of Public Relations
Success in Media, Inc.

Leave a Reply