Scientists warn brain implants can be hacked and used to control people (and you thought I was kidding?)

shutterstock_66449896Back in early 2012, I wrote a blog post about whether hacking a human would violate the federal Computer Fraud and Abuse Act. Shortly after publishing it, I received a call from a guy in Austin who said: “dude, someone finally gets it, I need your help!” … I responded that I was a lawyer, not a psychiatrist and that I was just kidding when I wrote that, kinda.

Now, here we are 6 years later and it seems this is becoming a thing more and more of a thing. What do you think?  Vulnerabilities in brain implants used to treat Parkinson’s disease could be hacked by cyber attackers and used to control people, scientists have claimed.

Key Lesson All Business Leaders Can Learn From the Anthem Data Breach Case

The 2015 Anthem data breach affected 79 million people and was the largest health-care data breach in U.S. history. The affected consumers sued Anthem in a case that settled for a record $115 million. Now the U.S. Dept. of Health and Human Services’ Office of Civil Rights has reached a settlement with Anthem for a record $16 million — an amount that is almost three times the next-largest OCR data breach settlement of $5.55 million.

While these numbers are interesting, what is the takeaway for business leaders?

It all started with an employee opening and responding to a phishing email:

phishing-3390518_1920

Anthem discovered cyber-attackers had infiltrated their system through spear phishing emails sent to an Anthem subsidiary after at least one employee responded to the malicious email and opened the door to further attacks. (HHS Press Release)

While this may be shocking, it is neither new nor unexpected. Most cyber incidents are a result of failures of basic cyber hygiene, not super sophisticated James Bond-like attacks. Read more about this in 1 Step to Improve Your Company’s Cybersecurity Today.

“Hacked” Facebook Account — or Cloned?

Dear friends who keep talking about “hacked Facebook accounts”:

When there is an account that is pretending to be your account on Facebook (or other social media platforms) that is sending friend requests to others, in most cases, this does not mean that your account has been “hacked” (i.e., inappropriately accessed by someone other than you).

In most cases, nothing has happened to your account. Rather, someone is attempting to “clone” your account by making a new account that appears to be you by using your information and pictures. When this happens, your account has not been “hacked”!

If this happens to you, go to the profile pretending to be you and report it to Facebook. The pictures below show you how to do it.

Given all of the hysteria about this right now, just do not accept new request from people on Facebook immediately and let them sit for a while — give it a few days before accepting them because if the account is reported to Facebook and then taken down, the illegitimate friend request will disappear.

If you’re interested to learn more about the real “Facebook Hack”, you can listen to these radio segments where I discussed it:

Did hackers record you watching porn? New scam using key elements of phishing and shame hacking

Cybercriminals are using yet another new twist on the old email phishing attack: they email people claiming to have infected porn sites with malware that allowed them to take over the recipient’s webcam and record them sitting at their computer watching porn and if they don’t pay up, the video is going public. I discuss this new method of attack in the video above and you can learn more details about how they do it in this article: Don’t Fall for This Scam Claiming You Were Recorded Watching Porn

For people who know they have never watched porn on their computers, this probably isn’t too effective. For everyone else, this threat of public shaming can be a powerful motivation to comply with the extortion demand.

This is another example of what I have often described as shame hacking, the use, or threatened use, of purportedly hacked data for embarrassing or extorting people by threatening to expose such compromising data if they do not comply with the demands made of them.

Shame hacking is one more way that cybercriminals have learned to monetize the fruits of their criminal actions and represents an increasing trend for how hacked information can and will be used in many ways. I have blogged about other cases where hackers have relied on shame hacking for profit.

Dallas / Fort Worth CBS News station in Dallas / Fort Worth did a story about this latest attack and invited Shawn Tuma on to explain more about it. See story here.

If you are the victim of shame hacking or any other type of cybercrime, you can easily report it online at the FBI’s Internet Crime Complaint Center (IC3).

Why do you need a cyber attorney? Shawn Tuma explains in Ethical Boardroom

spring2018In my latest article in Ethical Boardroom article, I explain some of the not-so-obvious reasons why you need an experienced cyber attorney on your team: Why you need a cyber attorney (Spring 2018)

Here are other Ethical Boardroom (@EthicalBoard) articles that I have written or contributed to that are also available for free: