Answering questions on cybersecurity

Question: Why is it a big deal to take precautions with one’s digital data and online identity?
 

Answer: Americans are accustomed to locking their car doors and front doors to protect property and personal belongings from theft. It’s just as important to put in place safeguards to secure one’s whereabouts and financial, health and personal information stored online. Now more than ever before, Americans do business, banking, shopping and communicating using the internet.  Across the country and around the world, people access public Wi-Fi to check social media, consume news and entertainment, download information, upload digital photos, make mobile payments and basically mind their affairs online. The problem is that savvy cyber thieves are mining every opportunity to pluck personal information stored in cyberspace for illicit purposes and criminal intent. Consider the recent data breach reported by Equifax that may have compromised the Social Security numbers and other identifying information for more than 145 million Americans. Yahoo also revealed an epic hack of three billion accounts – disclosing that it was three times more than initially reported last year – from a security breach in 2013. Yet another cyber theft in 2014 compromised Yahoo’s systems and personal information of 500 million accounts, resulting in an indictment of four people by the U.S. Justice Department earlier this year.

Hackers are looking to exploit stolen personal information, including passwords, dates of birth, log in credentials and more to gain access to financial accounts and other sensitive information, such as medical and tax records. They also like to swipe contact lists to cast a bigger web and trick even more people to download malware and victimize them with fraudulent schemes.

The Federal Trade Commission (FTC) advises Americans to take precautionary measures to thwart identity thieves from stealing personal information from computers, mobile devices and wireless networks. Whether at home, school or work and especially when using the convenience of a WiFi hotspot, encryption is a key tool to protect personal information. Make sure websites -- and every page visited if sending personal information -- are fully encrypted before logging in to them. A website is encrypted if its address starts with https (the s stands for secure). WiFi hotspots are likely not secure unless they require a password.

Go to https://www.consumer.ftc.gov/topics/online-security for more guidance.

To report malware, go to the FTC website https://www.ftc.gov/complaint.
 
Question: How can Americans observe National Cybersecurity Awareness Month?

Answer: Give yourself peace of mind by taking cybersecurity seriously. The Department of Homeland Security and National Cybersecurity Alliance have issued guidance for responsible stewardship for all digital citizens. As with any crime, it’s important to stay a step ahead of wrongdoers. That’s why it’s so important to protect usernames and passwords and take advantage of authentication tools. Regularly update software systems to reduce risk of attack by virus. Do not open suspicious links sent to you, even if you know the sender. Steer clear of links in online ads and pop-up banners. For all those who have lost important files and documents when a computer system crashes due to a virus or otherwise, avoid the heartache and headache by backing up digital work files, photos and other valuable information. Be smart with your privacy settings and understand how your purchase history and digital footprint may be collected and distributed by apps, websites and internet-connected devices. Regularly monitor financial accounts and check credit reports. Using security tools will help limit one’s risk of harm from the next data breach and identity theft. As I recently shared at a congressional hearing in October called to examine the massive data breach at Equifax, most Americans are now at risk of real harm, not mere nuisance, from identity theft. Policymakers, law enforcement, businesses and consumers must keep our oars in the water to avert the rising tide of identity thieves, hackers and online scammers, both foreign and domestic.

As chairman of the Senate Judiciary Committee, I pursue aggressive oversight and work on bipartisan legislative tools that will protect individuals, businesses and government from security breaches.

On a larger scale, sophisticated cyber theft poses grave risk to U.S. jobs, national security and American competitiveness. Intellectual property (IP) and innovation prime the pump of America’s 21st century economy. According to the U.S. Department of Commerce, IP accounted for $6.6 trillion in value added, or 38.2 percent of GDP in 2014, adding up to more than 45 million American jobs, about 30 percent of U.S. employment. The FBI reported in 2016 that its investigations of economic espionage and theft of trade secrets on U.S. businesses rose by 53 percent within the previous year.

National Cybersecurity Awareness Month provides an important reminder that Americans cannot afford to ignore. Guard your online information even more carefully than your own pocketbook.  Whereas pickpockets may steal the cash in your wallet, cybercriminals may walk away with your privacy and take your life savings, medical history and tax records in the process. What’s more, the recent massive security data breaches and ongoing investigations of foreign hackers meddling with U.S. elections are a wake-up call to individuals, policymakers, businesses and law enforcement to address the identity theft crisis on our horizon.